go.veeam.com Open in urlscan Pro
104.17.70.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=
Effective URL:
https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln...
Submission: On September 17 via api (September 17th 2023, 6:12:15 pm UTC) from US — Scanned from DE

Summary HTTP 92 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 22 domains to perform 92 HTTP transactions. The main IP is 104.17.70.206, located in and belongs to CLOUDFLARENET, US. The main domain is go.veeam.com. The Cisco Umbrella rank of the primary domain is 231927.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 20th 2022. Valid for: a year.

This is the only time go.veeam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:219... 2600:9000:219c:1e00:5:699f:cf00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:262... 2600:9000:262b:b000:1b:4c2e:9800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	23.206.100.200 23.206.100.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.14.184.154 185.14.184.154	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:9a00:5:5dda:e080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26d... 2600:9000:26db:ec00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.27.24 13.32.27.24	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.3 99.84.88.3	16509 (AMAZON-02) (AMAZON-02)
4	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.48.224.138 52.48.224.138	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	23.53.43.58 23.53.43.58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a02:26f0:480... 2a02:26f0:480:21::217:d11c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	3.69.80.35 3.69.80.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
92	37

1 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

link.veeam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.veeam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:219c:1e00:5:699f:cf00:93a1 (United States)

ASN16509 (AMAZON-02, US)

psr.veeam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:262b:b000:1b:4c2e:9800:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.veeam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.206.100.200 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-100-200.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.14.184.154 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

geo.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:9a00:5:5dda:e080:93a1 (United States)

ASN16509 (AMAZON-02, US)

css.veeam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

870-lbg-312.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:ec00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-24.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-3.muc50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.224.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-224-138.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.53.43.58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-58.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

6147876.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:21::217:d11c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.80.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-80-35.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	veeam.com link.veeam.com — Cisco Umbrella Rank: 472130 go.veeam.com — Cisco Umbrella Rank: 231927 psr.veeam.com — Cisco Umbrella Rank: 520950 js.veeam.com — Cisco Umbrella Rank: 286972 css.veeam.com — Cisco Umbrella Rank: 263483	227 KB
13	6sc.co j.6sc.co — Cisco Umbrella Rank: 6869 c.6sc.co — Cisco Umbrella Rank: 10344 ipv6.6sc.co — Cisco Umbrella Rank: 7194 b.6sc.co — Cisco Umbrella Rank: 4573	19 KB
9	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2576 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5629 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5679 tracking.crazyegg.com — Cisco Umbrella Rank: 4761	77 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1055 v.clarity.ms — Cisco Umbrella Rank: 8338 c.clarity.ms — Cisco Umbrella Rank: 1609	27 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 410 www.linkedin.com — Cisco Umbrella Rank: 692 px4.ads.linkedin.com — Cisco Umbrella Rank: 6273	6 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2787 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 121	1 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 6147876.fls.doubleclick.net — Cisco Umbrella Rank: 322839	4 KB
4	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 273 bat.bing.com — Cisco Umbrella Rank: 421	14 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 970	18 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5677	669 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44	21 KB
3	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 911	46 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 11501	909 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	168 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1189	751 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	218 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3846	6 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 914	393 B
1	t.co t.co — Cisco Umbrella Rank: 590	378 B
1	mktoresp.com 870-lbg-312.mktoresp.com — Cisco Umbrella Rank: 431341	318 B
1	cookie-script.com geo.cookie-script.com — Cisco Umbrella Rank: 52975	74 KB
92	22

	Domain	Requested by
9	go.veeam.com	link.veeam.com go.veeam.com
6	b.6sc.co
6	script.crazyegg.com	link.veeam.com script.crazyegg.com
6	psr.veeam.com	go.veeam.com
4	v.clarity.ms	www.clarity.ms
4	snap.licdn.com	link.veeam.com snap.licdn.com www.googletagmanager.com
3	ipv6.6sc.co	j.6sc.co
3	c.6sc.co	j.6sc.co
3	bat.bing.com	link.veeam.com bat.bing.com
3	px.ads.linkedin.com	3 redirects
3	www.google.de	go.veeam.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	static.ads-twitter.com	www.googletagmanager.com link.veeam.com
2	epsilon.6sense.com	j.6sc.co
2	www.facebook.com
2	connect.facebook.net	link.veeam.com connect.facebook.net
2	6147876.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	www.google.com	go.veeam.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	css.veeam.com	psr.veeam.com
2	www.googletagmanager.com	go.veeam.com www.googletagmanager.com
2	munchkin.marketo.net	go.veeam.com munchkin.marketo.net
1	adservice.google.com	6147876.fls.doubleclick.net
1	j.6sc.co	link.veeam.com
1	c.bing.com	1 redirects
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	px4.ads.linkedin.com	go.veeam.com
1	www.linkedin.com	1 redirects
1	analytics.twitter.com	go.veeam.com
1	t.co	go.veeam.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	870-lbg-312.mktoresp.com	munchkin.marketo.net
1	geo.cookie-script.com	go.veeam.com
1	js.veeam.com	go.veeam.com
1	link.veeam.com
92	41

This site contains links to these domains. Also see Links.

Domain
www.veeam.com
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.cloudflare.com
cookie-script.com
advertising.amazon.com
policies.google.com
www.oracle.com
www.salesforce.com
www.adobe.com
www.php.net
www.shopify.com
casalemedia.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
link.veeam.com Cloudflare Inc ECC CA-3	`2023-07-14` - `2024-07-13`	a year	crt.sh
go.veeam.com Cloudflare Inc ECC CA-3	`2022-10-20` - `2023-10-20`	a year	crt.sh
psr.veeam.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
veeam.com Amazon RSA 2048 M02	`2023-02-21` - `2023-11-18`	9 months	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2023-05-28` - `2024-06-26`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
Frame ID: FD31BD9FF8728DC741BB419655E217D3
Requests: 89 HTTP requests in this frame

Frame: https://6147876.fls.doubleclick.net/activityi;dc_pre=CPPT97afsoEDFZAJaAgdElkB-g;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=626777250.1694974330;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware
Frame ID: A579294E2062F51F93928FE5E37BA7AC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sales Inquiry - Veeam Software

Page URL History Show full URLs

https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G0... Page URL
https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_... Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

92
Requests

96 %
HTTPS

54 %
IPv6

22
Domains

41
Subdomains

37
IPs

6
Countries

923 kB
Transfer

2934 kB
Size

40
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.veeam.com/

Search URL Search Domain Scan URL

URL: https://www.veeam.com/data-center-availability-suite.html

Search URL Search Domain Scan URL

URL: https://www.veeam.com/product-demo.html
Title: watch more

Search URL Search Domain Scan URL

URL: https://www.veeam.com/vmware-esxi-vsphere-virtualization-tools-hyper-v-products.html
Title: find more

Search URL Search Domain Scan URL

URL: https://www.veeam.com/pricing-calculator
Title: try now

Search URL Search Domain Scan URL

URL: https://www.veeam.com/privacy-policy.html
Title: Privacy Policy & Cookies

Search URL Search Domain Scan URL

URL: https://www.veeam.com/eula.html
Title: EULA

Search URL Search Domain Scan URL

URL: https://www.veeam.com/licensing-policy.html
Title: Licensing Policy

Search URL Search Domain Scan URL

URL: https://twitter.com/veeam

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VeeamSoftware

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/veeam-software/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/YouVeeam

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/privacypolicy
Title: Cloudflare Inc.

Search URL Search Domain Scan URL

URL: https://cookie-script.com/privacy-policy.html
Title: CookieScript

Search URL Search Domain Scan URL

URL: https://advertising.amazon.com/legal/privacy-notice
Title: Amazon.com Inc.

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: LinkedIn Corporation

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google LLC

Search URL Search Domain Scan URL

URL: https://www.oracle.com/legal/privacy/addthis-privacy-policy.html
Title: Oracle Corporation

Search URL Search Domain Scan URL

URL: https://www.salesforce.com/products/marketing-cloud/sfmc/audience-studio-privacy/
Title: Salesforce.com Inc.

Search URL Search Domain Scan URL

URL: https://www.adobe.com/privacy/policy.html
Title: Adobe Inc.

Search URL Search Domain Scan URL

URL: https://www.php.net/privacy.php
Title: PHP.net

Search URL Search Domain Scan URL

URL: https://www.shopify.com/legal/privacy
Title: Shopify Inc.

Search URL Search Domain Scan URL

URL: https://casalemedia.com/
Title: Casale Media Inc.

Search URL Search Domain Scan URL

URL: https://twitter.com/privacy
Title: Twitter Inc.

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/privacystatement
Title: Microsoft Corporation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php
Title: Meta Platform Inc.

Search URL Search Domain Scan URL

URL: https://cookie-script.com/cookie-report?identifier=f3f5bbd01116bd4d2e8371066aac2b6d
Title: report

Search URL Search Domain Scan URL

URL: https://cookie-script.com/
Title: CookieScript

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0= Page URL
https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4316001%26time%3D1694974328948%26url%3Dhttps%253A%252F%252Fgo.veeam.com%252Fsalesinc-nurturing-ty%253Fst%253Ddrip%2526utm_source%253Ddrip%2526medium%253Demail%2526utm_campaign%253Dpln_ransomware%2526ccode%253Dpln_ransomware%2526mkt_tok%253DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&cookiesTest=true&liSync=true&e_ipv6=AQIkRxNO_fhsJAAAAYqkV8NPD_W1KxYtcd1Lnp7TzW7D1NWSIVeTbshlG16WYh7xu5-INUyp

Request Chain 58

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B2C68CE5F7BB45C5AD20F934CDB0A03C&RedC=c.clarity.ms&MXFR=1F3E5BFE47016A931CAF4871430164D0 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B2C68CE5F7BB45C5AD20F934CDB0A03C&MUID=3160685AD3AC6B361E977BD5D2C76A9E

Request Chain 61

https://6147876.fls.doubleclick.net/activityi;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=626777250.1694974330;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware HTTP 302
https://6147876.fls.doubleclick.net/activityi;dc_pre=CPPT97afsoEDFZAJaAgdElkB-g;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=626777250.1694974330;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware

92 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=
link.veeam.com/ 626 B
1 KB 612ms
366ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-uNmpoUN2AMu4QhzPoHJzjOaoT12CmsnyOEfXYFN1bug=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 808350c63cc7ca81-HAM
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-uNmpoUN2AMu4QhzPoHJzjOaoT12CmsnyOEfXYFN1bug=';object-src 'none';form-action 'none';frame-src 'none'
content-type: text/html;charset=UTF-8
date: Sun, 17 Sep 2023 18:12:07 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: d7d0f59a4620e85e

GET
H2 200 Primary Request salesinc-nurturing-ty Show response
go.veeam.com/ 11 KB
4 KB 884ms
504ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm

Requested by

Host: link.veeam.com
URL: https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0048047642c64d15c52fe6f6c15ee2f95662d9b56a010dead7b5e7e208047762

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://link.veeam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 808350cb5dbb417a-HAM
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 17 Sep 2023 18:12:08 GMT
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
server: cloudflare
vary: *,Accept-Encoding
x-asset-type: LP
x-content-type-options: nosniff

GET
H2 200 lp_template_general.css
psr.veeam.com/global/css/ 45 KB
10 KB 161ms
40ms Stylesheet
text/css 2600:9000:219c:1e00:5:699f:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://psr.veeam.com/global/css/lp_template_general.css

Requested by

Host: go.veeam.com
URL: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:1e00:5:699f:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2d0c37830cf91264f4a8f6c40c47a4676ce3b95802020ca2ed8f5773c052261a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 10:39:52 GMT
content-encoding: gzip
via: 1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-amz-cf-pop: CDG3-C2
age: 804737
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Fri, 08 Sep 2023 10:38:34 GMT
x-cache: Hit from cloudfront
content-length: 10127
last-modified: Fri, 08 Sep 2023 10:39:25 GMT
server: AmazonS3
etag: "9ca6fac711cff65d6eda5528f8968812"
content-type: text/css
cache-control: max-age=15552000
accept-ranges: bytes
x-amz-cf-id: 9teiam04khcD6t2tEwDrAIHMfCKG3Gssn1IXLwAQP65lrVxTKbJOmA==

GET
H2 200 jquery-2.0.0.min.js Show response
psr.veeam.com/global/js/ 80 KB
29 KB 192ms
72ms Script
application/x-javascript 2600:9000:219c:1e00:5:699f:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://psr.veeam.com/global/js/jquery-2.0.0.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:1e00:5:699f:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

388212045a8b66f422c5c76919d285ca0ffec3b390e33a289997557c38f3c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 23:39:06 GMT
content-encoding: gzip
via: 1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
last-modified: Tue, 30 Jun 2020 12:33:12 GMT
server: AmazonS3
x-amz-cf-pop: CDG3-C2
age: 67205
x-amz-meta-cb-modifiedtime: Mon, 18 Mar 2019 12:10:25 GMT
etag: "bf113a19dbc5ad9d6ef4ccbee825c54f"
x-cache: Hit from cloudfront
content-type: application/x-javascript
accept-ranges: bytes
content-length: 28814
x-amz-cf-id: KeVyrYBRhdbURuwOaV7tX3a75LQ_UGc6Cb_5PRnB0atV0KX4oK5jow==

GET
H2 200 xref_manager.min.js Show response
js.veeam.com/vendor/ 1 KB
996 B 192ms
40ms Script
application/javascript 2600:9000:262b:b000:1b:4c2e:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.veeam.com/vendor/xref_manager.min.js
Requested by: Host: go.veeam.com
URL: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262b:b000:1b:4c2e:9800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9600ede23afd739e2f3eb242c894ca8bfb947970dafd7df09706b14db83772e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:39:12 GMT
content-encoding: gzip
via: 1.1 bcdbf1400b5b04e46f310591b86ea9b8.cloudfront.net (CloudFront)
last-modified: Fri, 05 Mar 2021 10:41:18 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P5
age: 2471577
etag: "ec545efaf4439cbf9d0be142cefc93cf"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 613
x-amz-cf-id: -UlcEhSaS-Y2iH3d2_DAry91P_qfdRuCzd0S9x0hdPSG509mhYIAJg==

GET
H2 200 mktLPSupport.css
go.veeam.com/css/ 2 KB
1 KB 67ms
67ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.veeam.com/css/mktLPSupport.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d7772e84897894be55c2fc38b6040a24bc96ac28f5c9e15c1349a3c6c5a4972

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 07 Sep 2023 05:56:15 GMT
server: cloudflare
age: 5324
etag: "e130f-99b-604be84963dc0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 808350ce8b08417a-HAM
content-length: 888
expires: Sun, 17 Sep 2023 22:12:08 GMT

GET
H2 200 hybrid_form.css
psr.veeam.com/global/css/ 48 KB
6 KB 163ms
43ms Stylesheet
text/css 2600:9000:219c:1e00:5:699f:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://psr.veeam.com/global/css/hybrid_form.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:1e00:5:699f:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

681d3cd9515a6f21d54bce33e970a44462f9162ed1b7c8369fcf322123071c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 04:43:05 GMT
content-encoding: gzip
via: 1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-amz-cf-pop: CDG3-C2
age: 566944
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Mon, 11 Sep 2023 04:40:54 GMT
x-cache: Hit from cloudfront
content-length: 6164
last-modified: Mon, 11 Sep 2023 04:41:44 GMT
server: AmazonS3
etag: "a149eb1e9a885098e9cbb19862e741ae"
content-type: text/css
cache-control: max-age=15552000
accept-ranges: bytes
x-amz-cf-id: DScAF2GTrVnBqacw_ockA9MDnQFpvZyPHkJnA8xit2GYRYHjR2uBNA==

GET
H2 200 salesinc-nurturing-ty.css
go.veeam.com/rs/870-LBG-312/images/ 2 KB
726 B 153ms
152ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.veeam.com/rs/870-LBG-312/images/salesinc-nurturing-ty.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c8c939c2b5ca333b526ae6b323b96f055d7ae4d2dfc2efa9d6eb633e044466

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 09 Sep 2023 04:32:57 GMT
server: cloudflare
etag: "281434-7a7-604e5965e44c6"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 808350ce8b0c417a-HAM
content-length: 575
expires: Sun, 17 Sep 2023 18:13:08 GMT

GET
H2 200 veeam_logo_lp_white.svg
psr.veeam.com/global/img/logo/ 5 KB
6 KB 41ms
39ms Image
image/svg+xml 2600:9000:219c:1e00:5:699f:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://psr.veeam.com/global/img/logo/veeam_logo_lp_white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:1e00:5:699f:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be457c92955aa284cd11201cb0aa3b93ca944c478c93c819f0ee223ba4629b71

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 09:53:12 GMT
via: 1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
last-modified: Fri, 24 Sep 2021 08:04:15 GMT
server: AmazonS3
x-amz-cf-pop: CDG3-C2
age: 3140337
etag: "0f8a47dcc4c178dbfacd76c3ddf2ec26"
x-amz-meta-cb-modifiedtime: Fri, 24 Sep 2021 08:01:35 GMT
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 5232
x-amz-cf-id: U9J29ey8GDVMhOQwRYpuEtBKMGOWLz8Obkk0t7LCj8DrlccOrefXuA==

GET
H2 200 slogan_lp.svg
psr.veeam.com/global/img/logo/ 107 B
510 B 54ms
53ms Image
image/svg+xml 2600:9000:219c:1e00:5:699f:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://psr.veeam.com/global/img/logo/slogan_lp.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:1e00:5:699f:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2e44ef965096ae5b74fd3c176e5005c76d0627aa943cf76a13f00776bccc1280

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 10:16:44 GMT
via: 1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
last-modified: Tue, 30 Jun 2020 12:33:09 GMT
server: AmazonS3
x-amz-cf-pop: CDG3-C2
age: 28525
x-amz-meta-cb-modifiedtime: Mon, 04 Jun 2018 06:30:01 GMT
etag: "b8aa8b08f987fb48995bf19b4d8070ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 107
x-amz-cf-id: 51hs8yAsZSBus2XgcRzS8unoN693UwiomRbG6WgFvQjIGHVaWed2Dg==

GET
H2 200 icon_video_replay.svg
go.veeam.com/rs/870-LBG-312/images/ 578 B
374 B 165ms
164ms Image
image/svg+xml 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.veeam.com/rs/870-LBG-312/images/icon_video_replay.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533fb2d9ba2e0f15591723c0f82733d6707b9f43146132ae5019aceab489c90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 09 Sep 2023 04:32:57 GMT
server: cloudflare
etag: W/"281437-242-604e596663bcb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 808350cfdd40417a-HAM
expires: Sun, 17 Sep 2023 18:13:08 GMT

GET
H2 200 icon_new_product.svg
go.veeam.com/rs/870-LBG-312/images/ 799 B
468 B 162ms
161ms Image
image/svg+xml 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.veeam.com/rs/870-LBG-312/images/icon_new_product.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0147ee31b1ffa9e39110806b5e08f0d3ba371a8e8c1c67c0ae695b8a0eab3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 09 Sep 2023 04:32:57 GMT
server: cloudflare
etag: W/"281436-31f-604e5966618a3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 808350cfdd41417a-HAM
expires: Sun, 17 Sep 2023 18:13:08 GMT

GET
H2 200 icon_payment.svg
go.veeam.com/rs/870-LBG-312/images/ 745 B
518 B 156ms
155ms Image
image/svg+xml 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.veeam.com/rs/870-LBG-312/images/icon_payment.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760531918d5d072d2a6da696ed84d320e241db5ce7fade9c3b1a0ddea675c679

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 09 Sep 2023 04:32:57 GMT
server: cloudflare
etag: W/"281438-2e9-604e59666a542"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=60
cf-ray: 808350cfdd42417a-HAM
expires: Sun, 17 Sep 2023 18:13:08 GMT

GET
H2 200 email-decode.min.js Show response
go.veeam.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
824 B 33ms
33ms Script
application/javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.veeam.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Sep 2023 15:48:14 GMT
server: cloudflare
etag: W/"6500883e-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 808350cfbd0e417a-HAM
expires: Tue, 19 Sep 2023 18:12:08 GMT

GET
H2 200 sales_inquiry_ty_v2.min.js Show response
go.veeam.com/rs/870-LBG-312/images/ 22 KB
6 KB 173ms
173ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.veeam.com/rs/870-LBG-312/images/sales_inquiry_ty_v2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62cf7afd1dfdf172dc344dc315cb03c1c940f93023b8754a6218a0862f1270e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 09 Sep 2023 04:32:57 GMT
server: cloudflare
etag: "281435-56cd-604e59665610c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 808350cfcd22417a-HAM
content-length: 5582
expires: Sun, 17 Sep 2023 18:13:08 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 219ms
33ms Script
application/x-javascript 23.206.100.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.veeam.com
URL: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.100.200 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-100-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sun, 17 Sep 2023 18:12:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 base_template_lp.js Show response
psr.veeam.com/global/js/ 26 KB
3 KB 40ms
38ms Script
application/x-javascript 2600:9000:219c:1e00:5:699f:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://psr.veeam.com/global/js/base_template_lp.js?v20201125

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:219c:1e00:5:699f:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1a21f56da779c1d891f8348fe0ba48def49909229bb3007fad7f28f5c488c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 09:53:12 GMT
content-encoding: gzip
via: 1.1 8397e2a9ea3d253ab31a153059be0170.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-amz-cf-pop: CDG3-C2
age: 3140337
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Thu, 13 Oct 2022 09:38:39 GMT
x-cache: Hit from cloudfront
content-length: 2992
last-modified: Thu, 13 Oct 2022 09:39:53 GMT
server: AmazonS3
etag: "abe72931be35a22a2ae4a601d56c98f0"
content-type: application/x-javascript
cache-control: max-age=15552000
accept-ranges: bytes
x-amz-cf-id: kEHs5FCX_rjcFcXokRxeCauK-oEFU1lA-BYaiEaqsFfXdldWFY6Spg==

GET
H2 200 9f2e4f3ae272e6239af3325a81c28bb6.js Show response
geo.cookie-script.com/s/ 424 KB
74 KB 161ms
46ms Script
application/javascript 185.14.184.154
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.cookie-script.com/s/9f2e4f3ae272e6239af3325a81c28bb6.js?country=jp&region=eu
Requested by: Host: go.veeam.com
URL: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.14.184.154 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 00b5b1591881e74a2d245b607aa61cf23d4f0b7957b6f6acdeb459192d872c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Sep 2023 13:45:25 GMT
x-cache-status: HIT
content-type: application/javascript

GET
H2 200 stripmkttok.js Show response
go.veeam.com/js/ 2 KB
808 B 83ms
81ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.veeam.com/js/stripmkttok.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 07 Sep 2023 05:56:12 GMT
server: cloudflare
age: 5323
etag: "141884-602-604be84687700"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 808350cfdd3f417a-HAM
content-length: 678
expires: Sun, 17 Sep 2023 22:12:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 529 KB
125 KB 251ms
130ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M586FKF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6572cfd7e3a6278565a2b135d8b3560dc75613665d66479acf4b984abe0990c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 127832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Sep 2023 18:12:08 GMT

GET
H2 200 GuardianSans-VF-Cy-Web.woff2
css.veeam.com/fonts/guardian/vf/ 80 KB
80 KB 160ms
45ms Font
application/octet-stream 2600:9000:223c:9a00:5:5dda:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://css.veeam.com/fonts/guardian/vf/GuardianSans-VF-Cy-Web.woff2
Requested by: Host: psr.veeam.com
URL: https://psr.veeam.com/global/css/lp_template_general.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9a00:5:5dda:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5601f3de6bf95a79d2301b22ba43007bc0c0ea0db4fde775c0f6990c30e62ec5

Request headers

Referer: https://psr.veeam.com/
Origin: https://go.veeam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 01:04:00 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 4554489
x-amz-meta-cb-modifiedtime: Wed, 02 Jun 2021 19:22:37 GMT
x-cache: Hit from cloudfront
content-length: 81512
last-modified: Tue, 15 Jun 2021 08:51:00 GMT
server: AmazonS3
etag: "1719f8c4568453ac6d33afda5eb64477"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CH2ZaxQo_6ahXbVu3co1sqcFGxivM6mYCFEgeQ_dJG12Pd768o3IEg==

GET
H2 200 fontawesome-webfont.woff2
css.veeam.com/fonts/awesome/ 75 KB
76 KB 154ms
39ms Font
application/octet-stream 2600:9000:223c:9a00:5:5dda:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://css.veeam.com/fonts/awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: psr.veeam.com
URL: https://psr.veeam.com/global/css/lp_template_general.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9a00:5:5dda:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://psr.veeam.com/
Origin: https://go.veeam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 09:51:08 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 634861
x-amz-meta-cb-modifiedtime: Tue, 28 Feb 2017 15:26:15 GMT
x-cache: Hit from cloudfront
content-length: 77160
last-modified: Fri, 16 Jun 2017 14:01:10 GMT
server: AmazonS3
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 3MB_cg7rqAhG7ux_XOMsAhp6l5g_x1xJ3ildpVBS5n0yE5HCPZRA7g==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 38ms
38ms Script
application/x-javascript 23.206.100.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.100.200 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-100-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sun, 17 Sep 2023 18:12:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Tue, 26 Dec 2023 18:12:08 GMT

POST
H/1.1 200
OK visitWebPage
870-lbg-312.mktoresp.com/webevents/ 2 B
318 B 842ms
125ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://870-lbg-312.mktoresp.com/webevents/visitWebPage?_mchNc=1694974328543&_mchCn=salesinc-nurturing-ty&_mchId=870-LBG-312&_mchTk=_mch-veeam.com-1694974328543-27877&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&_mchWs=j1RR&_mchHo=go.veeam.com&_mchPo=&_mchRu=%2Fsalesinc-nurturing-ty&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Flink.veeam.com%2F&_mchQp=st%3Ddrip__-__utm_source%3Ddrip__-__medium%3Demail__-__utm_campaign%3Dpln_ransomware__-__ccode%3Dpln_ransomware__-__mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Sun, 17 Sep 2023 18:12:09 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 1af4ed9e-d9d2-4196-89d2-6e9a75bef1bf

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10876178466/ 3 KB
2 KB 220ms
92ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10876178466/?random=1694974328707&cv=11&fst=1694974328707&bg=ffffff&guid=ON&async=1&gtm=45He39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&ref=https%3A%2F%2Flink.veeam.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sales%20Inquiry%20-%20Veeam%20Software&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M586FKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65c991b9b5388cdad740de1907104987ad42317a4d5c5ee876f998d6e172ed1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h7zec5f40x Show response
www.clarity.ms/tag/ 843 B
1 KB 280ms
181ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/h7zec5f40x?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M586FKF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b6681967d12d696d1529866e912c42044a7d30a3e0ec19f4e564ee6504a284a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: -1
date: Sun, 17 Sep 2023 18:12:08 GMT
x-azure-ref: 20230917T181208Z-78h3et9zxd0e71eqs6g99079b400000007mg00000001bndu
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 843
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 131ms
29ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: link.veeam.com
URL: https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=52483
accept-ranges: bytes
content-length: 3822

GET
H2 200 oct.js Show response
static.ads-twitter.com/ 56 KB
15 KB 112ms
28ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M586FKF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100093-IAD, cache-fra-eddf8230133-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 181ms
57ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M586FKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 17 Sep 2023 17:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1345
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 17 Sep 2023 19:49:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
93 KB 80ms
79ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PMJS81E58L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M586FKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

caa8ed52cc47c51564f1b3d9f5550122da77f80b834eaaef19f18712b2236449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Sep 2023 18:12:08 GMT

GET
H2 200 1177.js Show response
script.crazyegg.com/pages/scripts/0013/ 6 KB
2 KB 146ms
42ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0013/1177.js?470826
Requested by: Host: link.veeam.com
URL: https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30e9c88d2b5f301e23dc57fa8f741a7a4de0e87a5c1bc5d04eafec57524ca72a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 9077
cf-polished: origSize=6004
ce-version: 11.5.124
cf-bgj: minify
last-modified: Sun, 17 Sep 2023 15:40:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 808350d35a30ca79-HAM

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 28ms
28ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: link.veeam.com
URL: https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230133-FRA

GET
H2 200 adsct
t.co/i/ 43 B
378 B 274ms
203ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=4ff9e612-4e8d-422d-a483-2d0e486db1f5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f58ce216-c91c-4372-ac59-c002bb7a3a4d&tw_document_href=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=l61ni&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-response-time: 175
date: Sun, 17 Sep 2023 18:12:08 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0b72a7ecbb2631f4
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 69273350fe5b92719cbf730270e0eca4cdc63755b7adf8b2628ccd5ad039ea43
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 226ms
131ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=4ff9e612-4e8d-422d-a483-2d0e486db1f5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f58ce216-c91c-4372-ac59-c002bb7a3a4d&tw_document_href=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=l61ni&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-response-time: 103
date: Sun, 17 Sep 2023 18:12:08 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5d2d63d69dc29141
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 15e71345364571d46ccceeff874a5465c630bfda3d9c2e16a0ce4c2f9744c449
content-length: 43

POST
H2 204 collect
region1.analytics.google.com/g/ 0
243 B 104ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PMJS81E58L&gtm=45je39d0&_p=564209317&_gaz=1&cid=1729409102.1694974329&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694974328&sct=1&seg=0&dl=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&dr=https%3A%2F%2Flink.veeam.com%2F&dt=Sales%20Inquiry%20-%20Veeam%20Software&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMJS81E58L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.veeam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 107ms
38ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PMJS81E58L&cid=1729409102.1694974329&gtm=45je39d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMJS81E58L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.veeam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 231ms
109ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PMJS81E58L&cid=1729409102.1694974329&gtm=45je39d0&aip=1&z=1887594348

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 30ms
29ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=48401
accept-ranges: bytes
content-length: 4862

GET
H2 200 go.veeam.com.json Show response
script.crazyegg.com/pages/data-scripts/0013/1177/site/ 12 KB
3 KB 105ms
43ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0013/1177/site/go.veeam.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0013/1177.js?470826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4590ce620dcfb3d25096be12710ce67ede2b1b5062cdd749becb780a589ec754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7228
ce-version: 11.5.124
content-length: 3269
last-modified: Sun, 17 Sep 2023 16:11:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 808350d42e83417b-HAM

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 67ms
66ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=564209317&t=pageview&_s=1&dl=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&dr=https%3A%2F%2Flink.veeam.com%2F&dp=%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&ul=en-us&de=UTF-8&dt=Sales%20Inquiry%20-%20Veeam%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=119256784&gjid=1785602602&cid=1729409102.1694974329&tid=UA-154008-5&_gid=2094499782.1694974329&_slc=1&gtm=45He39d0n81M586FKF&cd3=none&cd4=null&cd8=&cd24=null&cd25=null&cd70=ab_varian_null&cd71=https%3A%2F%2Flink.veeam.com%2F&cd79=en&cd80=salesinc-nurturing-ty&z=603497153

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.veeam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 68ms
38ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-154008-5&cid=1729409102.1694974329&jid=119256784&gjid=1785602602&_gid=2094499782.1694974329&_u=YCDAgEABAAAAAGAAI~&z=1063467428

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 17 Sep 2023 18:12:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.veeam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10876178466/ 42 B
455 B 195ms
66ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10876178466/?random=1694974328707&cv=11&fst=1694973600000&bg=ffffff&guid=ON&async=1&gtm=45He39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&ref=https%3A%2F%2Flink.veeam.com%2F&frm=0&tiba=Sales%20Inquiry%20-%20Veeam%20Software&fmt=3&is_vtc=1&random=1521482085&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10876178466/ 42 B
455 B 155ms
74ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10876178466/?random=1694974328707&cv=11&fst=1694973600000&bg=ffffff&guid=ON&async=1&gtm=45He39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&ref=https%3A%2F%2Flink.veeam.com%2F&frm=0&tiba=Sales%20Inquiry%20-%20Veeam%20Software&fmt=3&is_vtc=1&random=1521482085&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4316001/domain/go.veeam.com/ 36 B
376 B 158ms
39ms XHR
application/json 2600:9000:26db:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4316001/domain/go.veeam.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 17:40:22 GMT
content-encoding: gzip
via: 1.1 f4ef6af6f595152791fb5c57054106ea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 1907
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 4VsY7S7gC_NgbC4aQ7xuGTo9sZGDxhDldapW4Xz2Ov3jfa09-g63Ow==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4316001%26time%3D1694974328948%26url%3Dhttps%253A%252F%252Fgo.veeam.com%252Fsales...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign...

0
265 B

344ms
223ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&cookiesTest=true&liSync=true&e_ipv6=AQIkRxNO_fhsJAAAAYqkV8NPD_W1KxYtcd1Lnp7TzW7D1NWSIVeTbshlG16WYh7xu5-INUyp
Requested by: Host: go.veeam.com
URL: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 970F902D00FC4C5E9899AB37DF054DF7 Ref B: FRAEDGE1821 Ref C: 2023-09-17T18:12:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFkfbYGDmG3dmM400/+w==

Redirect headers

date: Sun, 17 Sep 2023 18:12:08 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: A2DE3ED342DD4B5BB4F1E6E76AD994BB Ref B: FRAEDGE1413 Ref C: 2023-09-17T18:12:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4316001&time=1694974328948&url=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&cookiesTest=true&liSync=true&e_ipv6=AQIkRxNO_fhsJAAAAYqkV8NPD_W1KxYtcd1Lnp7TzW7D1NWSIVeTbshlG16WYh7xu5-INUyp
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFkfbSxQ8WZJums2zFNA==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
24 KB 60ms
59ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/h7zec5f40x?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:09 GMT
content-encoding: br
last-modified: Tue, 05 Sep 2023 13:50:16 GMT
etag: W/"0x8DBAE170900AD3F"
vary: Accept-Encoding
x-azure-ref: 20230917T181209Z-78h3et9zxd0e71eqs6g99079b400000007mg00000001bnef
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7beec115-601e-001d-0d5d-e52367000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 155ms
94ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-154008-5&cid=1729409102.1694974329&jid=119256784&_u=YCDAgEABAAAAAGAAI~&z=1816840562

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 114ms
100ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-154008-5&cid=1729409102.1694974329&jid=119256784&_u=YCDAgEABAAAAAGAAI~&z=1816840562

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7ec30fa91eaf9eb1ccdde76b548095fc.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 91 KB
31 KB 41ms
41ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/7ec30fa91eaf9eb1ccdde76b548095fc.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0013/1177.js?470826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b5720355f7e880a91f0b7fedff83bbacea95d279369a9c3a7e070467398bee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Sep 2023 20:20:59 GMT
server: cloudflare
age: 437452
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 808350d47c21ca79-HAM
content-length: 31336

GET
H2 200 go.veeam.com.json Show response
script.crazyegg.com/pages/data-scripts/0013/1177/sampling/ 152 B
213 B 46ms
45ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0013/1177/sampling/go.veeam.com.json?t=470826
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7ec30fa91eaf9eb1ccdde76b548095fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 012085b10efbc5cec5773453090608c2ace13289872f6426bad0e551091a3515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 7229
ce-version: 11.5.124
content-length: 144
last-modified: Sun, 17 Sep 2023 16:11:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 808350d4ffaf417b-HAM

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
463 B 117ms
29ms XHR
application/json 13.32.27.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7ec30fa91eaf9eb1ccdde76b548095fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-24.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 17 May 2023 09:46:59 GMT
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 10657511
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: CsTkvxRndr5bmUFu7Y_nXd3VmJTFncflS-Kedy-TKhtpQvaOGABDlg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
460 B 147ms
39ms XHR
application/json 99.84.88.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7ec30fa91eaf9eb1ccdde76b548095fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-3.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:00:49 GMT
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 2556681
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: wcBrp3WfJ6sCpD112xUtO0Htu4KOflULWEedjQ90Yoq9n9DNN6GqaA==

GET
BLOB 200
OK ffe6cced-59f2-4187-b899-f95439dc7ad4
https://go.veeam.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.veeam.com/ffe6cced-59f2-4187-b899-f95439dc7ad4
Requested by: Host: go.veeam.com
URL: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
292 B 406ms
120ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://go.veeam.com
Date: Sun, 17 Sep 2023 18:12:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 clock Show response
tracking.crazyegg.com/ 30 B
137 B 184ms
61ms XHR
text/plain 52.48.224.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1694974329334&tk=66fa399d61bdf7d67151e9af870f2165&s=47291&p=%2Fsalesinc-nurturing-ty&u=131177&v=cfbd3e02ab2936d10487c487e415cd1b73b8c3c2&f=go.veeam.com%2Fsalesinc-nurturing-ty&ul=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7ec30fa91eaf9eb1ccdde76b548095fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.224.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-224-138.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b54bd590d70e904539ffa9076424ac88d9112dd401514034b4cc3a46465b883f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Sep 2023 18:12:09 GMT
cache-control: no-store
server: awselb/2.0
content-length: 30
content-type: text/plain

GET
H2 200 d9b6b28e3d84db3e4c966a5cf73af402.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 41ms
41ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0013/1177.js?470826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 12 Sep 2023 16:28:53 GMT
server: cloudflare
age: 437447
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 808350d7aac8ca79-HAM
content-length: 8025

GET
BLOB 200
OK 14f9c786-e04c-4625-9633-9d69eadac891
https://go.veeam.com/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.veeam.com/14f9c786-e04c-4625-9633-9d69eadac891
Requested by: Host: go.veeam.com
URL: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd5136d161be9d35cafb3c710837e588b824e4eaab440018769808c3f5cc1a05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

GET
H2 200 661bb7e9d0e0abee5d7403d3d65553a1.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 98 KB
32 KB 44ms
43ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/661bb7e9d0e0abee5d7403d3d65553a1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0013/1177.js?470826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2182476b2f19b36cc23e9bbdb2dd97b84f4d6eddabc117e374b893fe3cd8cdc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 12 Sep 2023 16:28:50 GMT
server: cloudflare
age: 437447
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 808350d7fb50ca79-HAM
content-length: 32149

POST
H/1.1 204
No Content collect
v.clarity.ms/ 0
292 B 122ms
122ms Ping
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://go.veeam.com
Date: Sun, 17 Sep 2023 18:12:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B2C68CE5F7BB45C5AD20F934CDB0A03C&RedC=c.clarity.ms&MXFR=1F3E5BFE47016A931CAF4871430164D0
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B2C68CE5F7BB45C5AD20F934CDB0A03C&MUID=3160685AD3AC6B361E977BD5D2C76A9E

42 B
444 B

59ms
59ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B2C68CE5F7BB45C5AD20F934CDB0A03C&MUID=3160685AD3AC6B361E977BD5D2C76A9E
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:10 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9D1BFE7C759B40D1AE9590D4D4F839FC Ref B: FRAEDGE1516 Ref C: 2023-09-17T18:12:10Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B2C68CE5F7BB45C5AD20F934CDB0A03C&MUID=3160685AD3AC6B361E977BD5D2C76A9E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 6si.min.js Show response
j.6sc.co/ 51 KB
15 KB 194ms
46ms Script
application/javascript 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: link.veeam.com
URL: https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Aug 2023 22:29:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64e7d9dd-cc38"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 14993
expires: Sun, 17 Sep 2023 18:12:10 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 29ms
28ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M586FKF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=52481
accept-ranges: bytes
content-length: 3822

GET
H2

200

activityi;dc_pre=CPPT97afsoEDFZAJaAgdElkB-g;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=626777250.1694974330;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or... Show response
6147876.fls.doubleclick.net/ Frame A579
Redirect Chain

https://6147876.fls.doubleclick.net/activityi;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=626777250.1694974330;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~...
https://6147876.fls.doubleclick.net/activityi;dc_pre=CPPT97afsoEDFZAJaAgdElkB-g;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=626777250.1694974330;gtm=45He39d0;uaa=;uab=;uafvl=;uamb...

573 B
667 B

220ms
215ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6147876.fls.doubleclick.net/activityi;dc_pre=CPPT97afsoEDFZAJaAgdElkB-g;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=626777250.1694974330;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M586FKF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

a3965fe1a2df40ba32a1bcea5c99c393bd8e5378183c65dce58a8144cded98ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 330
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 18:12:10 GMT
expires: Sun, 17 Sep 2023 18:12:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Sep 2023 18:12:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://6147876.fls.doubleclick.net/activityi;dc_pre=CPPT97afsoEDFZAJaAgdElkB-g;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=626777250.1694974330;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 29ms
29ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M586FKF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230133-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 142ms
54ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: link.veeam.com
URL: https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 17 Sep 2023 18:12:09 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F4E8F7DF6AB94229BB15575EC3A77D54 Ref B: FRAEDGE1516 Ref C: 2023-09-17T18:12:10Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 105ms
28ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: link.veeam.com
URL: https://link.veeam.com/ODcwLUxCRy0zMTIAAAGNUDHGOYJa6Pisbdthf5p5-1P11n1iIYEZDaEM27yLHFZ6Kcc80Vlc26G028sWOd0KRNHquN0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Sep 2023 18:12:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: FcKSdQoapAK7iMuweCazJVUzUwtjQlVZlKCBv6WMHiiCMrMlSDxkYdCVqYFw72MZmXHD5w26899uv8gQQ8jn9g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 29ms
29ms Script
application/x-javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=48399
accept-ranges: bytes
content-length: 4862

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4316001,88017/domain/go.veeam.com/ 36 B
375 B 41ms
41ms XHR
application/json 2600:9000:26db:ec00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4316001,88017/domain/go.veeam.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ec00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 17:15:12 GMT
content-encoding: gzip
via: 1.1 f4ef6af6f595152791fb5c57054106ea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 3418
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: PCbymEX3YYpMF4BvnbLqQUGtDhtaoODJhUB3vQmziOR0f57C1yGgfA==

GET
H2 204 5038374.js Show response
bat.bing.com/p/action/ 0
116 B 85ms
85ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5038374.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 17 Sep 2023 18:12:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 87153268159549F6AA2B9004575569F5 Ref B: FRAEDGE1516 Ref C: 2023-09-17T18:12:10Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
272 B 81ms
81ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5038374&Ver=2&mid=fdb430af-78a4-4904-9442-e6c9518419cd&sid=b8254e80558511ee8c9ff3f96105a20f&vid=b8253f50558511ee8c2aa57c6b0fe400&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sales%20Inquiry%20-%20Veeam%20Software&p=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware&r=https%3A%2F%2Flink.veeam.com%2F&lt=2940&evt=pageLoad&sv=1&rn=559927

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 17 Sep 2023 18:12:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A92BDF66D3C74505B78CCC64F8D1071A Ref B: FRAEDGE1516 Ref C: 2023-09-17T18:12:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 727279560655659 Show response
connect.facebook.net/signals/config/ 421 KB
115 KB 104ms
103ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727279560655659?v=2.9.127&r=stable&domain=go.veeam.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2ba18a322475908018dfd435077a6422932cee8f97ef11014414e9c2e9c5f7c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Sep 2023 18:12:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: kNGRXvzujg5YjAfO2s+umrJbxfkU9j9cxejUAKvu1RgcUjXTmzoZC9OneWgHVToOOxPNQV9x2fhTmuxryGjiMw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
191 B 89ms
65ms XHR
text/html 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://go.veeam.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
309 B 160ms
29ms XHR
text/html 2a02:26f0:480:21::217:d11c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:21::217:d11c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eca911cde383d98bf0ebfaeae9ffcbf9a217014053c43f8a4206d325f4988a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:10 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://go.veeam.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:b:f011::1e
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694974330509_389993820_443150850_25_846_27_58_219";dur=1
content-length: 20
expires: Sun, 17 Sep 2023 18:12:10 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 311ms
259ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c168444f276f97698f0e28af85c5dbda&svisitor=null&visitor=cf661b72-9e99-4614-8cb7-3eb20770c1f8&session=55976ef0-32cd-4b48-831f-44cec62cc199&event=a_pageload&q=%7B%22eventCategory%22%3A%22%22%2C%22eventAction%22%3A%22%22%2C%22pageLoadTime%22%3A%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22c168444f276f97698f0e28af85c5dbda%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22c168444f276f97698f0e28af85c5dbda%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22f64373ecabb4ab2fdae4438deab08bd899a9d8b6%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22c168444f276f97698f0e28af85c5dbda%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setPageAttributes%5C%22%2C%5C%22value%5C%22%3A%5C%22%7B%5C%5C%5C%22eventCategory%5C%5C%5C%22%3A%5C%5C%5C%22%5C%5C%5C%22%2C%5C%5C%5C%22eventAction%5C%5C%5C%22%3A%5C%5C%5C%22%5C%5C%5C%22%7D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Thank%20you%20for%20your%20inquiry!%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sales%20Inquiry%20-%20Veeam%20Software%22%7D&cb=&r=https%3A%2F%2Flink.veeam.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware&pageViewId=34ef6765-495e-4224-8e74-9209beb32016&v=1.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
191 B 83ms
66ms XHR
text/html 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://go.veeam.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
308 B 154ms
29ms XHR
text/html 2a02:26f0:480:21::217:d11c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:21::217:d11c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eca911cde383d98bf0ebfaeae9ffcbf9a217014053c43f8a4206d325f4988a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:10 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://go.veeam.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:b:f011::1e
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694974330567_389993820_443150851_20_856_27_0_219";dur=1
content-length: 20
expires: Sun, 17 Sep 2023 18:12:10 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
191 B 79ms
65ms XHR
text/html 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://go.veeam.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
308 B 153ms
30ms XHR
text/html 2a02:26f0:480:21::217:d11c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:21::217:d11c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eca911cde383d98bf0ebfaeae9ffcbf9a217014053c43f8a4206d325f4988a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:10 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://go.veeam.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:b:f011::1e
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694974330569_389993820_443150854_42_625_27_0_219";dur=1
content-length: 20
expires: Sun, 17 Sep 2023 18:12:10 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
292 B 363ms
248ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://go.veeam.com
Date: Sun, 17 Sep 2023 18:12:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 89ms
28ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727279560655659&ev=PageView&dl=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware&rl=https%3A%2F%2Flink.veeam.com%2F&if=false&ts=1694974330533&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1694974330532.126066749&it=1694974330372&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 17 Sep 2023 18:12:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 1 KB
909 B 115ms
52ms XHR
application/json 3.69.80.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.80.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-80-35.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5a609cc4563ff2ea8b0bbe120f510a9a1d480d3bd876a546ca4659b8af7af970

Request headers

Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
accept-language: de-DE,de;q=0.9
Authorization: Token f64373ecabb4ab2fdae4438deab08bd899a9d8b6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
X-6s-CustomID: WebTag1.0 c168444f276f97698f0e28af85c5dbda

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://go.veeam.com
access-control-allow-credentials: true
content-length: 726

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 112ms
31ms Preflight 3.69.80.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.80.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-80-35.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://go.veeam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://go.veeam.com
access-control-max-age: 1800
date: Sun, 17 Sep 2023 18:12:10 GMT
server: nginx

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 245ms
245ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:10 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 dc_pre=CPPT97afsoEDFZAJaAgdElkB-g;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=*;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.veeam.com...
adservice.google.com/ddm/fls/z/ Frame A579 42 B
401 B 305ms
161ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPPT97afsoEDFZAJaAgdElkB-g;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=*;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware

Requested by

Host: 6147876.fls.doubleclick.net
URL: https://6147876.fls.doubleclick.net/activityi;dc_pre=CPPT97afsoEDFZAJaAgdElkB-g;src=6147876;type=websitev;cat=websi0;ord=2665047855897;auiddc=626777250.1694974330;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6147876.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 55ms
54ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=564209317&t=event&ni=1&_s=2&dl=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&dr=https%3A%2F%2Flink.veeam.com%2F&dp=%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware&ul=en-us&de=UTF-8&dt=Sales%20Inquiry%20-%20Veeam%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aCDAgEABAAAAAGAAI~&jid=&gjid=&cid=1729409102.1694974329&tid=UA-154008-5&_gid=2094499782.1694974329&gtm=45He39d0n81M586FKF&cd2=1729409102.1694974329&cd3=none&cd4=null&cd8=&cd24=null&cd25=null&cd70=ab_varian_null&cd71=https%3A%2F%2Flink.veeam.com%2F&cd79=en&cd80=salesinc-nurturing-ty&cd57=Chubb%20Limited%20(fmr%20ACE%20Ltd)&cd58=Purchase&cd59=Weak&cd60=Q3%20%2723_US_RW-All-stages_1Few_ENT_ABM&cd90=Financial%20Services&cd91=10%2C000%2B&cd92=Moderate&z=2054075279

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 11:08:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25424
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 29ms
28ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727279560655659&ev=Microdata&dl=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware&rl=https%3A%2F%2Flink.veeam.com%2F&if=false&ts=1694974331036&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sales%20Inquiry%20-%20Veeam%20Software%22%2C%22meta%3Adescription%22%3A%22Thank%20you%20for%20your%20inquiry!%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Sales%20Inquiry%20-%20Veeam%20Software%22%2C%22og%3Adescription%22%3A%22Thank%20you%20for%20your%20inquiry!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpsr.veeam.com%2Fglobal%2Fimg%2Fbanner%2Fmeta.png%22%2C%22og%3Asite_name%22%3A%22Veeam%20Software%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.127&r=stable&ec=1&o=30&fbp=fb.1.1694974331036.141017850&it=1694974330372&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 17 Sep 2023 18:12:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 264ms
264ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c168444f276f97698f0e28af85c5dbda&svisitor=null&visitor=a6fabdbf-08a9-4756-8854-1344e529c515&session=de3f04b6-8088-4d54-8019-172e2f7d1eff&event=active_time_track&q=%7B%22eventCategory%22%3A%22%22%2C%22eventAction%22%3A%22%22%2C%22currentTime%22%3A%22Sun%2C%2017%20Sep%202023%2018%3A12%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2017%20Sep%202023%2018%3A12%3A10%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%221005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Thank%20you%20for%20your%20inquiry!%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sales%20Inquiry%20-%20Veeam%20Software%22%7D&cb=&r=https%3A%2F%2Flink.veeam.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware&pageViewId=34ef6765-495e-4224-8e74-9209beb32016&v=1.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
292 B 116ms
116ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://go.veeam.com
Date: Sun, 17 Sep 2023 18:12:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 235ms
235ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c168444f276f97698f0e28af85c5dbda&svisitor=null&visitor=a6fabdbf-08a9-4756-8854-1344e529c515&session=de3f04b6-8088-4d54-8019-172e2f7d1eff&event=active_time_track&q=%7B%22eventCategory%22%3A%22%22%2C%22eventAction%22%3A%22%22%2C%22currentTime%22%3A%22Sun%2C%2017%20Sep%202023%2018%3A12%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2017%20Sep%202023%2018%3A12%3A11%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%222010%22%7D&isIframe=false&m=%7B%22description%22%3A%22Thank%20you%20for%20your%20inquiry!%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sales%20Inquiry%20-%20Veeam%20Software%22%7D&cb=&r=https%3A%2F%2Flink.veeam.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware&pageViewId=34ef6765-495e-4224-8e74-9209beb32016&v=1.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:12 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 233ms
232ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c168444f276f97698f0e28af85c5dbda&svisitor=null&visitor=a6fabdbf-08a9-4756-8854-1344e529c515&session=de3f04b6-8088-4d54-8019-172e2f7d1eff&event=active_time_track&q=%7B%22eventCategory%22%3A%22%22%2C%22eventAction%22%3A%22%22%2C%22currentTime%22%3A%22Sun%2C%2017%20Sep%202023%2018%3A12%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2017%20Sep%202023%2018%3A12%3A12%20GMT%22%2C%22timeSpent%22%3A%221031%22%2C%22totalTimeSpent%22%3A%223041%22%7D&isIframe=false&m=%7B%22description%22%3A%22Thank%20you%20for%20your%20inquiry!%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sales%20Inquiry%20-%20Veeam%20Software%22%7D&cb=&r=https%3A%2F%2Flink.veeam.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware&pageViewId=34ef6765-495e-4224-8e74-9209beb32016&v=1.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:13 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 35ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PMJS81E58L&gtm=45je39d0&_p=564209317&cid=1729409102.1694974329&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1694974328&sct=1&seg=0&dl=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware%26mkt_tok%3DODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm&dr=https%3A%2F%2Flink.veeam.com%2F&dt=Sales%20Inquiry%20-%20Veeam%20Software&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMJS81E58L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Sep 2023 18:12:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go.veeam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 252ms
252ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=c168444f276f97698f0e28af85c5dbda&svisitor=null&visitor=a6fabdbf-08a9-4756-8854-1344e529c515&session=de3f04b6-8088-4d54-8019-172e2f7d1eff&event=active_time_track&q=%7B%22eventCategory%22%3A%22%22%2C%22eventAction%22%3A%22%22%2C%22currentTime%22%3A%22Sun%2C%2017%20Sep%202023%2018%3A12%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2017%20Sep%202023%2018%3A12%3A13%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224043%22%7D&isIframe=false&m=%7B%22description%22%3A%22Thank%20you%20for%20your%20inquiry!%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sales%20Inquiry%20-%20Veeam%20Software%22%7D&cb=&r=https%3A%2F%2Flink.veeam.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fgo.veeam.com%2Fsalesinc-nurturing-ty%3Fst%3Ddrip%26utm_source%3Ddrip%26medium%3Demail%26utm_campaign%3Dpln_ransomware%26ccode%3Dpln_ransomware&pageViewId=34ef6765-495e-4224-8e74-9209beb32016&v=1.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sun, 17 Sep 2023 18:12:14 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.link.veeam.com/	1970-01-20 14:49:36	Name: __cf_bm Value: xvSStm9mBh65xi1a0py2S.wMfBs0Rb_UuMTxcBZtBxU-1694974327-0-AX8hioEckptKbHjUAt6LQCus+S0iHJX+I+adulQQARGvX7+PxFnCVcPJMzmCjySiwkHPlgnA5N+zM2wjsFTZHuw=
go.veeam.com/	1969-12-31 23:59:59	Name: BIGipServerabjweb-nginx-app_https Value: !vV3w4MNYWx8N+vakCIQPm+cqSAXSEdjDq8uvoEzfTJtzldDZH5nu2LZ5Y/jD4OgpAcJec8mUPBHG8g==
.go.veeam.com/	1970-01-20 14:49:36	Name: __cf_bm Value: VM0PzWCWk4x7hr9qsPOB27qwPtORNz6MhgjQAnDPt50-1694974328-0-ATsJmd8Wz+48sOF/yk51DMq08rd/acyk8k5mdCwNquAnFAY+gPvxLIJQ5+V99jmSaxRSlESEjjSyLwp35fHzDlY=
.veeam.com/	1970-01-21 00:25:34	Name: x_referrer Value: https://link.veeam.com/
.veeam.com/	1970-01-21 00:25:34	Name: x_page Value: https://go.veeam.com/salesinc-nurturing-ty?st=drip&utm_source=drip&medium=email&utm_campaign=pln_ransomware&ccode=pln_ransomware&mkt_tok=ODcwLUxCRy0zMTIAAAGNUDHGOacRFY-7OYVhOySffrIK1L3X4pyafpArjQILJ8jf4_YfSLKxfeKmpWMxD8ba6E1a_1hfGhJAE1A4gOQfXPRwslDd2GzuAjCGlZD9yb8k2bGYcvcm
.veeam.com/	1970-01-21 00:25:34	Name: x_time Value: 1694974328
go.veeam.com/	1970-01-20 19:08:46	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"}}
.veeam.com/	1970-01-21 00:25:34	Name: _ga Value: GA1.2.1729409102.1694974329
.veeam.com/	1970-01-20 14:51:00	Name: _gid Value: GA1.2.2094499782.1694974329
.veeam.com/	1970-01-20 14:49:34	Name: _dc_gtm_UA-154008-5 Value: 1
www.clarity.ms/	1970-01-20 23:35:10	Name: CLID Value: 976eb83a259d4396bccbcf3545dba85b.20230917.20240916
.veeam.com/	1970-01-20 23:35:10	Name: _clck Value: cuwf2x\|2\|ff3\|0\|1355
.twitter.com/	1970-01-21 00:25:34	Name: personalization_id Value: "v1_R9pXUtm3cr81Kp1gEIz6HA=="
.t.co/	1970-01-21 00:25:34	Name: muc_ads Value: fddbac45-e1b0-44df-b449-a32cd8165155
.veeam.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.veeam.com/	1970-01-20 23:35:10	Name: _ce.s Value: v~cfbd3e02ab2936d10487c487e415cd1b73b8c3c2~lcw~1694974329177~vpv~0~lcw~1694974329179
.linkedin.com/	1970-01-20 16:59:10	Name: li_sugr Value: 090438f9-e221-4f53-a275-f334fd5dd900
.linkedin.com/	1970-01-20 23:35:10	Name: bcookie Value: "v=2&12353d73-1ac8-40b2-8e1f-26be22c801cc"
.linkedin.com/	1970-01-20 14:51:00	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2836:u=1:x=1:i=1694974329:t=1695060729:v=2:sig=AQGf_Nmx5Z6OPEIl8r6bnuXUT0BJTECS"
.veeam.com/	1970-01-20 14:51:00	Name: _ce.clock_event Value: 1
.linkedin.com/	1970-01-20 15:32:46	Name: UserMatchHistory Value: AQIIhMesi0iLngAAAYqkV8HNLzLI3xS5iWlLpkl_yiuavYcgeylLESyDdt8jxoGiPnZBF-my6wLFnA
.linkedin.com/	1970-01-20 15:32:46	Name: AnalyticsSyncHistory Value: AQKeeTKoDaCLFwAAAYqkV8HNHQAynhKQti8knENJmUvRclmwXScPfsK2YsQegcCiDA7QCUL5roOx0yn2yhWlYw
.veeam.com/	1970-01-20 14:51:00	Name: _ce.clock_data Value: 33%2C193.32.248.209%2C1%2C2e6de925b83fb1ba2705210ba8c28c4b
.veeam.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.www.linkedin.com/	1970-01-20 23:35:10	Name: bscookie Value: "v=1&202309171812095fff54c5-553a-47f0-896e-1c7f7b0b9e34AQGDik9In2U0WehWX2gc633v00eHLvAK"
.linkedin.com/	1970-01-20 19:08:46	Name: li_gc Value: MTswOzE2OTQ5NzQzMjk7MjswMjEFzB5ve9F26Ls590llO+dno5aouTZ12v9jk3fbrdBn1A==
.c.bing.com/	1970-01-20 14:59:39	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:11:10	Name: SRM_B Value: 3160685AD3AC6B361E977BD5D2C76A9E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:11:10	Name: MUID Value: 3160685AD3AC6B361E977BD5D2C76A9E
.c.clarity.ms/	1970-01-20 14:59:39	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:49:34	Name: ANONCHK Value: 0
.bing.com/	1970-01-21 00:11:10	Name: MUID Value: 19D8358B92176C9C20FD2604937C6D53
.doubleclick.net/	1970-01-21 00:11:10	Name: IDE Value: AHWqTUm8LE1c2OOcjrZkIbkJr03rvTiDEgiIb5m2r-c9yM6DItJzJDwdgQwvRebRjno
.6sc.co/	1970-01-21 00:25:34	Name: 6suuid Value: 362b3517098025007a4107652c0300005d016000
.veeam.com/	1970-01-20 14:51:00	Name: _clsk Value: 13cpa6w\|1694974330868\|2\|1\|v.clarity.ms/collect
.veeam.com/	1970-01-20 16:59:10	Name: _fbp Value: fb.1.1694974331036.141017850
.veeam.com/	1970-01-21 00:25:34	Name: _ga_PMJS81E58L Value: GS1.1.1694974328.1.1.1694974331.57.0.0
go.veeam.com/	1970-01-21 00:25:34	Name: _gd_visitor Value: a6fabdbf-08a9-4756-8854-1344e529c515
go.veeam.com/	1970-01-20 14:49:48	Name: _gd_session Value: de3f04b6-8088-4d54-8019-172e2f7d1eff

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-uNmpoUN2AMu4QhzPoHJzjOaoT12CmsnyOEfXYFN1bug=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6147876.fls.doubleclick.net
870-lbg-312.mktoresp.com
adservice.google.com
analytics.twitter.com
assets-tracking.crazyegg.com
b.6sc.co
bat.bing.com
c.6sc.co
c.bing.com
c.clarity.ms
cdn.linkedin.oribi.io
connect.facebook.net
css.veeam.com
epsilon.6sense.com
geo.cookie-script.com
go.veeam.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js.veeam.com
link.veeam.com
munchkin.marketo.net
pagestates-tracking.crazyegg.com
psr.veeam.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.crazyegg.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tracking.crazyegg.com
v.clarity.ms
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.17.70.206
104.17.74.206
104.244.42.133
104.244.42.195
13.107.42.14
13.32.27.24
142.250.184.198
146.75.116.157
185.14.184.154
192.28.144.124
20.114.189.135
2001:4860:4802:32::36
23.206.100.200
23.53.43.58
2600:9000:219c:1e00:5:699f:cf00:93a1
2600:9000:223c:9a00:5:5dda:e080:93a1
2600:9000:262b:b000:1b:4c2e:9800:93a1
2600:9000:26db:ec00:2:53b2:240:93a1
2606:4700::6813:9408
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c07::9c
2a02:26f0:480:21::217:d11c
2a02:26f0:480:f::213:7ec6
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.69.80.35
52.48.224.138
68.219.88.97
99.84.88.3
0048047642c64d15c52fe6f6c15ee2f95662d9b56a010dead7b5e7e208047762
00b5b1591881e74a2d245b607aa61cf23d4f0b7957b6f6acdeb459192d872c6d
012085b10efbc5cec5773453090608c2ace13289872f6426bad0e551091a3515
02b5720355f7e880a91f0b7fedff83bbacea95d279369a9c3a7e070467398bee
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2182476b2f19b36cc23e9bbdb2dd97b84f4d6eddabc117e374b893fe3cd8cdc5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0c37830cf91264f4a8f6c40c47a4676ce3b95802020ca2ed8f5773c052261a
2e44ef965096ae5b74fd3c176e5005c76d0627aa943cf76a13f00776bccc1280
30e9c88d2b5f301e23dc57fa8f741a7a4de0e87a5c1bc5d04eafec57524ca72a
388212045a8b66f422c5c76919d285ca0ffec3b390e33a289997557c38f3c4f2
3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4
4590ce620dcfb3d25096be12710ce67ede2b1b5062cdd749becb780a589ec754
4a0147ee31b1ffa9e39110806b5e08f0d3ba371a8e8c1c67c0ae695b8a0eab3c
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
533fb2d9ba2e0f15591723c0f82733d6707b9f43146132ae5019aceab489c90a
5601f3de6bf95a79d2301b22ba43007bc0c0ea0db4fde775c0f6990c30e62ec5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a609cc4563ff2ea8b0bbe120f510a9a1d480d3bd876a546ca4659b8af7af970
62cf7afd1dfdf172dc344dc315cb03c1c940f93023b8754a6218a0862f1270e0
65c991b9b5388cdad740de1907104987ad42317a4d5c5ee876f998d6e172ed1d
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
681d3cd9515a6f21d54bce33e970a44462f9162ed1b7c8369fcf322123071c87
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
75c8c939c2b5ca333b526ae6b323b96f055d7ae4d2dfc2efa9d6eb633e044466
760531918d5d072d2a6da696ed84d320e241db5ce7fade9c3b1a0ddea675c679
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d7772e84897894be55c2fc38b6040a24bc96ac28f5c9e15c1349a3c6c5a4972
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1a21f56da779c1d891f8348fe0ba48def49909229bb3007fad7f28f5c488c26
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a3965fe1a2df40ba32a1bcea5c99c393bd8e5378183c65dce58a8144cded98ef
a6572cfd7e3a6278565a2b135d8b3560dc75613665d66479acf4b984abe0990c
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2ba18a322475908018dfd435077a6422932cee8f97ef11014414e9c2e9c5f7c
b54bd590d70e904539ffa9076424ac88d9112dd401514034b4cc3a46465b883f
b6681967d12d696d1529866e912c42044a7d30a3e0ec19f4e564ee6504a284a3
be457c92955aa284cd11201cb0aa3b93ca944c478c93c819f0ee223ba4629b71
caa8ed52cc47c51564f1b3d9f5550122da77f80b834eaaef19f18712b2236449
cd5136d161be9d35cafb3c710837e588b824e4eaab440018769808c3f5cc1a05
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eca911cde383d98bf0ebfaeae9ffcbf9a217014053c43f8a4206d325f4988a5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
f9600ede23afd739e2f3eb242c894ca8bfb947970dafd7df09706b14db83772e
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

go.veeam.com Open in urlscan Pro 104.17.70.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

96 %HTTPS

54 %IPv6

22 Domains

41 Subdomains

37 IPs

6 Countries

923 kBTransfer

2934 kBSize

40 Cookies

28 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

go.veeam.com Open in urlscan Pro
104.17.70.206 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

96 %
HTTPS

54 %
IPv6

22
Domains

41
Subdomains

37
IPs

6
Countries

923 kB
Transfer

2934 kB
Size

40
Cookies

92 HTTP transactions
0 data transactions