www.bitdefender.com Open in urlscan Pro
2606:4700::6812:1a9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again
Submission: On November 14 via api (November 14th 2024, 2:10:04 am UTC) from TR — Scanned from DE

Summary HTTP 130 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 24 domains to perform 130 HTTP transactions. The main IP is 2606:4700::6812:1a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bitdefender.com. The Cisco Umbrella rank of the primary domain is 112271.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 10th 2024. Valid for: a year.

This is the only time www.bitdefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700::68... 2606:4700::6812:1a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	199.60.103.2 199.60.103.2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a02:26f0:170... 2a02:26f0:1700:11::b856:6785	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6810:89d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:26cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:887::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	34.250.142.67 34.250.142.67	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:5... 2600:1901:0:5987::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.102.98 18.66.102.98	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:8c11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4d8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	35.190.14.188 35.190.14.188	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2490:2e00:d:199b:f700:93a1	() ()
1	52.31.224.145 52.31.224.145	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.222 63.140.62.222	15224 (OMNITURE) (OMNITURE)
1 1	52.16.193.179 52.16.193.179	16509 (AMAZON-02) (AMAZON-02)
4	66.235.152.156 66.235.152.156	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:c... 2600:1901:0:c07c::	15169 (GOOGLE) (GOOGLE)
7	2a05:d018:56f... 2a05:d018:56f:b800:f42c:e894:1fb0:3740	16509 (AMAZON-02) (AMAZON-02)
7	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	35.241.3.184 35.241.3.184	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100:2aa::294d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.141.119 104.18.141.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:1... 2600:1901:0:1e38::	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	34.95.108.180 34.95.108.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:350... 2a02:26f0:3500:3::b818:4d4d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
3	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
130	39

21 2606:4700::6812:1a9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.60.103.2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

businessresources.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:11::b856:6785 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:26cf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:887::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.250.142.67 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-142-67.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:5987:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-98.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8c11 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4d8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:2e00:d:199b:f700:93a1 (United States)

ASN- ()

euob.ofgreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.224.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-224-145.eu-west-1.compute.amazonaws.com

bitdefender.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.222 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net

sstats.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.193.179 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-193-179.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.235.152.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-156.data.adobedc.net

starget.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a05:d018:56f:b800:f42c:e894:1fb0:3740 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

obseu.ofgreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.241.3.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.3.241.35.bc.googleusercontent.com

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:2aa::294d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobetarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.141.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:1e38:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

consent-api.service.consent.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com

uct.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:3::b818:4d4d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

download.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	bitdefender.com www.bitdefender.com — Cisco Umbrella Rank: 112271 businessresources.bitdefender.com — Cisco Umbrella Rank: 862206 sstats.bitdefender.com — Cisco Umbrella Rank: 199569 starget.bitdefender.com — Cisco Umbrella Rank: 638093 download.bitdefender.com — Cisco Umbrella Rank: 27068	3 MB
27	usercentrics.eu app.usercentrics.eu — Cisco Umbrella Rank: 9015 api.usercentrics.eu — Cisco Umbrella Rank: 6139 consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 15225 uct.service.usercentrics.eu — Cisco Umbrella Rank: 17543	200 KB
16	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 18579 js.hubspot.com — Cisco Umbrella Rank: 4583 api.hubspot.com — Cisco Umbrella Rank: 6113 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4618 track.hubspot.com — Cisco Umbrella Rank: 3183 forms.hubspot.com — Cisco Umbrella Rank: 7285 forms-na1.hubspot.com — Cisco Umbrella Rank: 14489	48 KB
8	ofgreencolumn.com euob.ofgreencolumn.com — Cisco Umbrella Rank: 299292 obseu.ofgreencolumn.com — Cisco Umbrella Rank: 232846	42 KB
7	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 4801 perf.hsforms.com — Cisco Umbrella Rank: 20966 forms.hsforms.com — Cisco Umbrella Rank: 5804 forms-na1.hsforms.com — Cisco Umbrella Rank: 8797	9 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	396 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	270 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 276 bitdefender.demdex.net — Cisco Umbrella Rank: 511466	2 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4941 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5488 imgsct.cookiebot.com — Cisco Umbrella Rank: 5839	35 KB
3	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 ade.googlesyndication.com — Cisco Umbrella Rank: 345	958 B
3	google.com www.google.com — Cisco Umbrella Rank: 4	1 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 468	168 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 3334 js-na1.hs-scripts.com — Cisco Umbrella Rank: 8016	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2944
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	1 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 8424	156 KB
1	adobetarget.com assets.adobetarget.com — Cisco Umbrella Rank: 42905	31 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1776	490 B
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 6304	26 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 6969	92 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 3016	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 3038	25 KB
1	company-target.com api.company-target.com — Cisco Umbrella Rank: 5315	2 KB
1	hscta.net js.hscta.net — Cisco Umbrella Rank: 39415	7 KB
130	24

	Domain	Requested by
21	www.bitdefender.com	www.bitdefender.com
16	app.usercentrics.eu	assets.adobedtm.com app.usercentrics.eu www.bitdefender.com
8	api.usercentrics.eu	app.usercentrics.eu
7	obseu.ofgreencolumn.com	euob.ofgreencolumn.com www.bitdefender.com
6	businessresources.bitdefender.com	www.bitdefender.com
5	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
4	track.hubspot.com
4	starget.bitdefender.com	assets.adobedtm.com
4	no-cache.hubspot.com	www.bitdefender.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	js.hsforms.net www.gstatic.com
3	perf.hsforms.com	www.bitdefender.com
3	dpm.demdex.net	1 redirects www.bitdefender.com
3	assets.adobedtm.com	www.bitdefender.com assets.adobedtm.com
2	ade.googlesyndication.com	1 redirects
2	forms-na1.hubspot.com	js.hsforms.net
2	forms-na1.hsforms.com
2	consent-api.service.consent.usercentrics.eu	app.usercentrics.eu
2	sstats.bitdefender.com	assets.adobedtm.com www.bitdefender.com
2	cta-service-cms2.hubspot.com	js.hubspot.com js.hscta.net
2	api.hubspot.com	js.usemessages.com
2	consent.cookiebot.com	www.bitdefender.com consent.cookiebot.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	js.hsforms.net
1	download.bitdefender.com
1	forms.hubspot.com	js.hsleadflows.net
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	imgsct.cookiebot.com
1	forms.hsforms.com	js.hsforms.net
1	uct.service.usercentrics.eu	www.bitdefender.com
1	js.hsforms.net	www.bitdefender.com
1	assets.adobetarget.com	assets.adobedtm.com
1	perf-na1.hsforms.com	www.bitdefender.com
1	cm.everesttech.net	1 redirects
1	bitdefender.demdex.net	assets.adobedtm.com
1	euob.ofgreencolumn.com	assets.adobedtm.com
1	js.hubspot.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	api.company-target.com	assets.adobedtm.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	js.hscta.net	www.bitdefender.com
1	js.hs-scripts.com	www.bitdefender.com
130	47

This site contains links to these domains. Also see Links.

Domain
localhost
www.linkedin.com
download.bitdefender.com
techcommunity.microsoft.com
techzone.bitdefender.com
businessresources.bitdefender.com
facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-10` - `2025-11-07`	a year	crt.sh
businessresources.bitdefender.com WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
hs-scripts.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
hscta.net WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
app.usercentrics.eu WR3	`2024-10-01` - `2024-12-30`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-13` - `2025-09-14`	a year	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
hsleadflows.net WE1	`2024-09-29` - `2024-12-28`	3 months	crt.sh
usemessages.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
*.ofgreencolumn.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
sstats.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-07` - `2025-04-07`	a year	crt.sh
starget.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-31` - `2025-10-30`	a year	crt.sh
api.usercentrics.eu WR3	`2024-09-30` - `2024-12-29`	3 months	crt.sh
hsforms.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
assets.adobetarget.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-18` - `2025-02-17`	a year	crt.sh
hsforms.net WE1	`2024-10-09` - `2025-01-07`	3 months	crt.sh
consent-api.service.consent.usercentrics.eu WR3	`2024-09-27` - `2024-12-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
uct.service.usercentrics.eu WR3	`2024-09-17` - `2024-12-16`	3 months	crt.sh
download.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-20` - `2025-05-19`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again
Frame ID: B2D0348A2E420977444DEA3F474CA1D2
Requests: 117 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 429FA1FDEAD63879898E01D8A988EA87
Requests: 1 HTTP requests in this frame

Frame: https://bitdefender.demdex.net/dest5.html?d_nsid=0
Frame ID: D5AB7619E9607158656D57E7BED36FF1
Requests: 1 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.38.5/cross-domain-bridge.html
Frame ID: 4DCBB464E3DE566DA4BBDD5EDF44AECF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuYml0ZGVmZW5kZXIuY29tOjQ0Mw..&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&badge=inline&cb=qxijyegb5ydf
Frame ID: 1ADF4281EEF9DD630C8B26140DD78E65
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 47E05D79FFBFE469933F363BEAC812D4
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.bitdefender.com
Frame ID: DE17447AD492E87F1A9DD9938DA41F19
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

130
Requests

96 %
HTTPS

56 %
IPv6

24
Domains

47
Subdomains

39
IPs

4
Countries

4218 kB
Transfer

8273 kB
Size

36
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://localhost:3000/nuxt/api/en-gb/rss/businessinsights/ransomware/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/events/7262475362587004928/comments/
Title: LinkedIn Live event next Tuesday, November 19

Search URL Search Domain Scan URL

URL: http://download.bitdefender.com/am/malware_removal/BDShrinkLockerUnlocker.exe
Title: https://download.bitdefender.com/am/malware_removal/BDShrinkLockerUnlocker.exe

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/windows-it-pro-blog/vbscript-deprecation-timelines-and-next-steps/ba-p/4148301
Title: deprecation of VBScript

Search URL Search Domain Scan URL

URL: https://techzone.bitdefender.com/en/white-papers/ransomware-whitepaper.html
Title: Stopping Ransomware: A Technical Deep Dive into Attack Vectors & Mitigation Strategies with Bitdefender.

Search URL Search Domain Scan URL

URL: https://businessresources.bitdefender.com/cs/c/?cta_guid=6507900c-b4e4-4ccc-8b09-f50ae98867bf&signature=AAH58kGsWQ_D5dpYqMldCBXKKbLizMRjBg&portal_id=341979&placement_guid=6a0e254e-3407-48f7-857c-eb6a8b1ceb11&click=db3d7058-549a-4c91-9401-96cbeeb02dac&redirect_url=APefjpGDJNKPJIgsR6hAQfEaKCN1u6E3IyHa4ToV_NCe2vo_UmvwKIvVqaEAPXgQPfUx8v2JsBmOXpwGfL7eqfABHeRY7R_IilQQ6NIKNhG41tcXpU_jQBy5jB7i0r9Z8ovhxdxvau6Ak3ckEhEt3-a03e2WpuczRhWwu0OkESDLdfwBbSfyo2w&hsutk=2a33442be5ce4dbac8d19283c8180840&canon=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&ts=1731550189838&__hstc=27765283.2a33442be5ce4dbac8d19283c8180840.1731550190305.1731550190305.1731550190305.1&__hssc=27765283.1.1731550190305&__hsfp=3377520574
Title: Read White Paper

Search URL Search Domain Scan URL

URL: https://businessresources.bitdefender.com/cs/c/?cta_guid=adfd1e27-96b5-49f5-a4e1-8be05f515e28&signature=AAH58kFb8neu5bh3VnshhFP0EIjfZgJKow&portal_id=341979&placement_guid=199866fa-383b-44e9-8694-7bef7ce88e84&click=41391b7a-c636-4755-bd39-e31d3a23bdf8&redirect_url=APefjpE9UWV9sxBxNIaRgsK6M0CIGx9RcMdAqHSNTrb0EOlNuDh6S2Oa3NbbPE3kQPogr5-5r8HXZpG6iauovzrxL9obwN3VG8gu4Ery-dan_rY6JUmid9SZeZa1Z-Yz73IGX7px1JWifHYGNa1ZEl1ZXbJLnhhIGQ&hsutk=2a33442be5ce4dbac8d19283c8180840&canon=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&ts=1731550189844&__hstc=27765283.2a33442be5ce4dbac8d19283c8180840.1731550190305.1731550190305.1731550190305.1&__hssc=27765283.1.1731550190305&__hsfp=3377520574
Title: Attend LinkedIn Live Event

Search URL Search Domain Scan URL

URL: https://facebook.com/Bitdefender/

Search URL Search Domain Scan URL

URL: https://twitter.com/Bitdefender_Ent

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitdefender/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BitdefenderSecurity

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1731550188689 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1731550188689

Request Chain 40

https://cm.everesttech.net/cm/dd?d_uuid=79079371826660171113465233804158089955 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZzVb7QAAAJrFFwN-

Request Chain 124

https://ade.googlesyndication.com/ddm/activity/src=5165113;type=na-c;cat=allpages;ord=7274564520157;npa=1;u2=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again;gdid=dMWZhNz.dOThhZD;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bc0v9171448788za200zb9190968901;gcs=G100;gcd=13p3pPp2p5l1;dma_cps=-;dma=1;tag_exp=101925629~102067554~102077855;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again HTTP 302
https://ade.googlesyndication.com/ddm/activity/src=5165113;dc_pre=CNPch5Hf2okDFX34OwId81oxQg;type=na-c;cat=allpages;ord=7274564520157;npa=1;u2=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again;gdid=dMWZhNz.dOThhZD;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bc0v9171448788za200zb9190968901;gcs=G100;gcd=13p3pPp2p5l1;dma_cps=-;dma=1;tag_exp=101925629~102067554~102077855;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request shrinklocker-decryptor-from-friend-to-foe-and-back-again Show response
www.bitdefender.com/en-gb/blog/businessinsights/ 264 KB
53 KB 148ms
61ms Document
text/html 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8faaf6e7eedc667de765597806d182b050477d7e7437d2f4f7bef493fd494cd

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; img-src https: http: data:; style-src 'self' 'unsafe-inline' *.bitdefender.com fonts.googleapis.com www.gartner.com; script-src 'self' 'self' *.emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com *.google.com www.gstatic.com *.hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com *.googleadservices.com tag.demandbase.com *.doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com *.hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com *.bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net *.clarity.ms *.bitdefender.com *.scarabresearch.com www.dwin1.com *.taboola.com *.outbrain.com retrack-kupona.kuponacdn.de ad4m.at *.google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' *.cookielaw.org *.criteo.com *.googletagservices.com *.2mdn.net *.googlesyndication.com *.usercentrics.eu *.ofgreencolumn.com *.tiktok.com *.impactcdn.com; frame-ancestors 'self' https: explore.bitdefender.com; object-src 'none'; frame-src www.gartner.com *.facebook.com *.google.com consentcdn.cookiebot.com bitdefender.demdex.net 5165113.fls.doubleclick.net vars.hotjar.com www.youtube.com hal9000.redintelligence.net ad.ad-srv.net forms.hsforms.com ad4m.at ws.hotjar.com s.company-target.com td.doubleclick.net *.criteo.com *.2mdn.net *.googlesyndication.com *.usercentrics.eu *.googletagmanager.com; connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com *.emarsys.net *.hubapi.com *.hubspot.com *.facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com *.bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com *.google.com google.com *.scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com *.google-analytics.com *.analytics.google.com analytics.google.com *.clarity.ms *.doubleclick.net *.taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com *.bizible.com *.bizible.net px.ads.linkedin.com *.redditstatic.com *.googlesyndication.com *.cookielaw.org *.onetrust.com *.onetrust.io *.criteo.com *.reddit.com *.googleadservices.com *.usercentrics.eu *.bing.com *.ofgreencolumn.com *.tiktok.com; font-src 'self' data: www.bitdefender.com fonts.googleapis.com fonts.gstatic.com www.gartner.com; base-uri *.bitdefender.com *.bitdefender.com.au *.bitdefender.co.uk *.bitdefender.ro *.bitdefender.fr *.bitdefender.de

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 37051
cache-control: s-maxage=86400
cf-cache-status: HIT
cf-ray: 8e2376241b32dbeb-FRA
content-encoding: gzip
content-security-policy: default-src 'self'; img-src https: http: data:; style-src 'self' 'unsafe-inline' *.bitdefender.com fonts.googleapis.com www.gartner.com; script-src 'self' 'self' *.emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com *.google.com www.gstatic.com *.hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com *.googleadservices.com tag.demandbase.com *.doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com *.hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com *.bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net *.clarity.ms *.bitdefender.com *.scarabresearch.com www.dwin1.com *.taboola.com *.outbrain.com retrack-kupona.kuponacdn.de ad4m.at *.google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' *.cookielaw.org *.criteo.com *.googletagservices.com *.2mdn.net *.googlesyndication.com *.usercentrics.eu *.ofgreencolumn.com *.tiktok.com *.impactcdn.com; frame-ancestors 'self' https: explore.bitdefender.com; object-src 'none'; frame-src www.gartner.com *.facebook.com *.google.com consentcdn.cookiebot.com bitdefender.demdex.net 5165113.fls.doubleclick.net vars.hotjar.com www.youtube.com hal9000.redintelligence.net ad.ad-srv.net forms.hsforms.com ad4m.at ws.hotjar.com s.company-target.com td.doubleclick.net *.criteo.com *.2mdn.net *.googlesyndication.com *.usercentrics.eu *.googletagmanager.com; connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com *.emarsys.net *.hubapi.com *.hubspot.com *.facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com *.bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com *.google.com google.com *.scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com *.google-analytics.com *.analytics.google.com analytics.google.com *.clarity.ms *.doubleclick.net *.taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com *.bizible.com *.bizible.net px.ads.linkedin.com *.redditstatic.com *.googlesyndication.com *.cookielaw.org *.onetrust.com *.onetrust.io *.criteo.com *.reddit.com *.googleadservices.com *.usercentrics.eu *.bing.com *.ofgreencolumn.com *.tiktok.com; font-src 'self' data: www.bitdefender.com fonts.googleapis.com fonts.gstatic.com www.gartner.com; base-uri *.bitdefender.com *.bitdefender.com.au *.bitdefender.co.uk *.bitdefender.ro *.bitdefender.fr *.bitdefender.de
content-type: text/html; charset=utf-8
date: Thu, 14 Nov 2024 02:09:48 GMT
expires: Wed, 13 Nov 2024 16:22:13 GMT
last-modified: Wed, 13 Nov 2024 15:52:17 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H3 200 ShrinkLocker_Ransomware.jpg
businessresources.bitdefender.com/hubfs/ 380 KB
382 KB 139ms
52ms Image
image/webp 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/ShrinkLocker_Ransomware.jpg

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

025d15d52f2c00b9289a3d793ffd6cad0466270d13a79a583ed3c0ad77c7089d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "505abccb7d5e2eed5c71cd53c4378588"
age: 42568
cache-tag: F-182504570385,P-341979,FLS-ALL
x-amz-version-id: 62lW7kUNhlLPnmx6Wm.BKamLAGH1oLgt
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FC1sUHL5WNt%2B3gVBTjdFL80FT8YOzKNU5fG7fnuVHSiMeJRI%2Bn1nfAJmlpiX86BMlELlkO8F7IyDAqrxRaYlHQGpPlIhaw0%2F%2Fs9aFVSCpWl2iDHqmJKHVJVNSNyieUt8n3JFNfeCxug8OD1qa%2FPJJ3N%2FBw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: PC_7iCtISGvs1k3dJF4tYANs2m8zkO3qj6rjCD237npdY6Tyv3APEQ==
content-type: image/webp
content-disposition: inline; filename="ShrinkLocker_Ransomware.webp"
last-modified: Thu, 07 Nov 2024 19:28:37 GMT
priority: u=2,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-182504570385,P-341979,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: 38TAKWH89NBHSMQ5
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-182504570385,P-341979,FLS-ALL
content-length: 389214
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: qual=85, origFmt=jpeg, origSize=1346779
date: Thu, 14 Nov 2024 02:09:48 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: 2ocZdhGxFMdzx6WXJBXPIzYU32Kz7bGopZSgcvs76UoojoOBe+deII54Cx4F15xWitstvh1LhhyfHLoflwelff6h7m8oVg6sVyMntfvXu2Q=
strict-transport-security: max-age=31536000
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 7a6b4cd1254095c5b4b5ec2c3af1870a.cloudfront.net (CloudFront)
cf-ray: 8e2376250a75e529-TXL
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1731007716088

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 110 KB
34 KB 132ms
45ms Script
application/javascript 2a02:26f0:1700:11::b856:6785
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=826
content-encoding: gzip
etag: "42d4c62e8219db1:0"
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires: Thu, 14 Nov 2024 02:23:34 GMT
accept-ranges: bytes
content-length: 34515
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 13:01:25 GMT
vary: Accept-Encoding

GET
H2 200 TagIT.v1.min.js Show response
www.bitdefender.com/scripts/ 15 KB
4 KB 181ms
179ms Script
application/x-javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitdefender.com/scripts/TagIT.v1.min.js?v=43
Requested by: Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1789e6bf0f139fc89e73756237ae433989a6d27e7effe2d1771c06d2566f889b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

cache-control: public, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
cf-cache-status: MISS
etag: W/"5c8b8d2d-3b83"
pragma: public
cf-ray: 8e2376248bb6dbeb-FRA
access-control-allow-origin: *
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/x-javascript
last-modified: Fri, 15 Mar 2019 11:31:57 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 launch-b77a56f2d5f1.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/ 543 KB
153 KB 141ms
39ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

25f82b0775d468ef51478c9a5aa42a28b077dbfe94d9fa0c3ac5f1ba72975eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "19a705835f3a0ae72bb75bcf91d2f1f8:1726835526.609658"
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 03:09:48 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.bitdefender.com
content-length: 156215
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/x-javascript
last-modified: Fri, 20 Sep 2024 12:32:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 341979.js Show response
js.hs-scripts.com/ 2 KB
1 KB 139ms
57ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/341979.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6fcba961679dc6caa4209cd3b7f30a0dea98e27e7c513d410de3d67878d1613

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: HIT
age: 9
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 02:11:18 GMT
date: Thu, 14 Nov 2024 02:09:48 GMT
x-hubspot-correlation-id: c471d906-3610-43d0-843d-7c9044470bc2
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Thu, 14 Nov 2024 02:09:39 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8e2376263db903f4-FRA
accept-ranges: bytes
access-control-allow-origin: https://www.bitdefender.com
content-length: 663
server: cloudflare

GET
H2 200 service-worker.js Show response
www.bitdefender.com/content/dam/workers/ 132 B
569 B 1309ms
1309ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/content/dam/workers/service-worker.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4edd782df9a9f91a556f6334dc586c1e867e35bb47697387dd3939dff706e4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

x-vhost: bitdefender.com
service-worker-allowed: /
etag: W/"0x8DCB15252F8A0FE"
content-encoding: gzip
cf-cache-status: MISS
x-content-type-options: nosniff
x-cache: MISS
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: application/javascript
last-modified: Wed, 31 Jul 2024 11:17:11 GMT
x-served-by: cache-fra-eddf8230033-FRA
content-disposition: attachment; filename="service-worker.js"; filename*=UTF-8''service-worker.js
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: private, max-age=600, immutable
x-timer: S1731550188.453000,VS0,VS0,VE1252
referrer-policy: no-referrer-when-downgrade
cf-ray: 8e237625bd01dbeb-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 89d87db.js Show response
www.bitdefender.com/nuxt/_nuxt/ 5 KB
2 KB 143ms
141ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/89d87db.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9794ab3e466cf2a29a4ae608198096e249b1c1eb6b6b5645ccca4d409db5687d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1411-19325c99c30"
age: 43580
cf-ray: 8e2376248bb7dbeb-FRA
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 e039624.js Show response
www.bitdefender.com/nuxt/_nuxt/ 242 KB
83 KB 62ms
61ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/e039624.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fafbb30592c795f37772560dbe337613dd1b6bf30dda1ed65b239a2c8be22fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3c9ef-19325c99c30"
age: 43605
cf-ray: 8e2376248bb8dbeb-FRA
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 90b34c3.js Show response
www.bitdefender.com/nuxt/_nuxt/ 12 KB
4 KB 143ms
141ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/90b34c3.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a371b8709abd6c7497e5714a93a4052fee7ad4f892768dc443925f58a76c5168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"30b7-19325c99c30"
age: 43605
cf-ray: 8e2376248bb9dbeb-FRA
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 e209fbe.css
www.bitdefender.com/nuxt/_nuxt/css/ 64 KB
12 KB 62ms
61ms Stylesheet
text/css 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/css/e209fbe.css

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4f6648acadc44920e61b0f23a8b965f54d4ad9f87977e8113f5531c8f1e1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1007d-19325c9afb8"
age: 43580
cf-ray: 8e2376248bb3dbeb-FRA
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:55 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 95ad8b6.js Show response
www.bitdefender.com/nuxt/_nuxt/ 103 KB
30 KB 60ms
59ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/95ad8b6.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aedb13d0beb8bd4216e39942b5c69ba907d5b0c05f7dd707c3fa36842304c2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"19d17-19325c99c30"
age: 43605
cf-ray: 8e2376248bbbdbeb-FRA
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 a948464.css
www.bitdefender.com/nuxt/_nuxt/css/ 1 KB
535 B 141ms
140ms Stylesheet
text/css 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/css/a948464.css

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

831b25d2cf0066937657444e6d8366c0e51af9ac0989def0613358d48bd45b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"432-19325c9afb8"
age: 43580
cf-ray: 8e2376248bb4dbeb-FRA
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:55 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 eefe234.js Show response
www.bitdefender.com/nuxt/_nuxt/ 51 KB
15 KB 141ms
141ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/eefe234.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c814d3885f6b650ae2ecb992ca5d7f46109cadfce775193c348266da540ae557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"cd54-19325c99c30"
age: 43580
cf-ray: 8e2376248bbcdbeb-FRA
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 6e55ef7.css
www.bitdefender.com/nuxt/_nuxt/css/ 114 B
235 B 58ms
57ms Stylesheet
text/css 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/css/6e55ef7.css

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6692354a1d9a4d531832e922f7e86a9e80f24562572c9dc7614a71fe5145b266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"72-19325c9afb8"
age: 43580
cf-ray: 8e2376248bb5dbeb-FRA
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:55 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 fb3026e.js Show response
www.bitdefender.com/nuxt/_nuxt/ 768 B
562 B 145ms
144ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/fb3026e.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ddc3a8a76157b51372c1b717fdbdfa908c4bd5fff1938a1505327e629ca4a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"300-19325c99c30"
age: 43594
cf-ray: 8e237624cbeddbeb-FRA
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 6a0e254e-3407-48f7-857c-eb6a8b1ceb11.png
no-cache.hubspot.com/cta/default/341979/ 3 KB
3 KB 401ms
175ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/341979/6a0e254e-3407-48f7-857c-eb6a8b1ceb11.png

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b580d6751663a9c7176d0ac14b5cb6c83e3f60aa99f82617f1d92288e9a46b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cf-cache-status: DYNAMIC
etag: "0b7ab3ca4a64934d2adb1ae12fe31d5f"
x-amz-version-id: s5eTVFlsgxFDwIgU8E0YsVmfPMFv99Ub
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2BQ%2BS7BPFFgcei2zEVDUn28vxXseWpi2pgU25hWmWjrIVDRQzdkPv0VGmmzkc%2BG1lY4%2FmJ7lt9t9INqWd1svrFnF6F2xRhCqWAGJDSs4XuwruMO4JzCs9yr1ablTuXdxm5iScW1HRI50rgF66ZjtXF1y"}],"group":"cf-nel","max_age":604800}
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: image/png
last-modified: Tue, 29 Oct 2024 01:39:34 GMT
x-amz-id-2: pbVykzbmFuOoJQ6hmgvVX5Nn50rKCy9jS28MpXE+7ELeJuDlgxSU5R6z/AMMgS9EQhZOf/IaCgM=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PSY58WBYCGBZ5N2R
cf-ray: 8e2376260ce590f4-FRA
accept-ranges: bytes
content-length: 2810
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 current.js Show response
js.hscta.net/cta/ 19 KB
7 KB 143ms
49ms Script
application/javascript 2606:4700::6811:26cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:26cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19b8b7a969cd613a5f4af1598a649b33456bef5c22d09fe4a5c5459ab4fe50fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-request-id: 92835c79-3b84-48af-bf51-2a6e2ce33ba0
content-encoding: gzip
cf-cache-status: HIT
etag: W/"49dc870f22dc7e8bef174360be6097bc"
x-amz-version-id: W9oj2sVh6Qn00LXbZPOqsSo8Yj5Mq5qt
age: 426
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: IqWYBj_DuuTz7nI30z6DDBGu-BLRC7eRbCmYLh9oXgKmjZNHKtpEIQ==
x-hubspot-correlation-id: 92835c79-3b84-48af-bf51-2a6e2ce33ba0
content-type: application/javascript; charset=utf-8
last-modified: Thu, 10 Oct 2024 11:44:56 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-9t2m6
x-envoy-upstream-service-time: 3
x-hs-target-asset: cta-embed-js/static-1.323/bundles/current.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: MISS
date: Thu, 14 Nov 2024 02:09:48 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.323/bundles/current.js&cfRay=8e236bc1b8c9dcb4-FRA
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-ray: 8e23762539a52c36-FRA
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 199866fa-383b-44e9-8694-7bef7ce88e84.png
no-cache.hubspot.com/cta/default/341979/ 3 KB
4 KB 252ms
172ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/341979/199866fa-383b-44e9-8694-7bef7ce88e84.png

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30250855f1642306e68cd0949ccbdb652ed1fa1c5b8bde4ce561325127bc300b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cf-cache-status: DYNAMIC
etag: "afa5b8c5ac07a0dcfba397c4d4cc4792"
x-amz-version-id: WzwUnIGeEbKGvys.JusS9FL__BzFxwwA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUI6V1xrjUw38XOSW9VmaT5RGcaywqQksfAwcZpRFQ198hUfHhBl%2Bd%2FKXq0dtP8kEjMEbWnMO8JqdL7McD7jxped6X59VU6Gf2zE9bMXboynZiHBkG6OV92denyMP2LIOkTNmpmTTC%2F40uAElQ85wePG"}],"group":"cf-nel","max_age":604800}
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: image/png
last-modified: Wed, 13 Nov 2024 15:24:15 GMT
x-amz-id-2: AlenQ+iGuaE3HUYRO5ho6n0liEWtN+wle1+mZIQurJXq1sE+nLjU07XOmFqIZtbEGom0IX4XWwA=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PSYCNACE2QSEH60N
cf-ray: 8e2376260ce690f4-FRA
accept-ranges: bytes
content-length: 3264
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 cc.js Show response
consent.cookiebot.com/4a55b566-7010-4633-9b03-7ba7735be0b6/ 375 B
601 B 82ms
81ms Script
application/x-javascript 2a02:26f0:1700:11::b856:6785
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/4a55b566-7010-4633-9b03-7ba7735be0b6/cc.js?renew=false&referer=www.bitdefender.com&dnt=false&init=false&culture=en_US
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 018f9e1aaada6e0c449d70167f3609fd5e8d028715e9ddf56cd5e6886d5ab140

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: private, max-age=60
access-control-expose-headers: Request-Context
content-encoding: gzip
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length: 364
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 / Show response
www.bitdefender.com/site/Main/TagIT/newsessioninit/ 33 B
1000 B 340ms
340ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/site/Main/TagIT/newsessioninit/?callback=&l=en&ch=1731550189

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/scripts/TagIT.v1.min.js?v=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fceba08a6bbdf2598e8f6d43e71b51854337da5f880c3fff252a25b9cd10b6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e237625bd06dbeb-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="NOI ADM DEV COM NAV OUR STP"
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/javascript
server: cloudflare

GET
H3 200 SM%20banner%20Linkedin%201280x720-png.png
businessresources.bitdefender.com/hubfs/ 109 KB
111 KB 101ms
101ms Image
image/webp 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/SM%20banner%20Linkedin%201280x720-png.png

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3acc66dc1e93289a4e806c548a6b6e1a70cb916800250c66587eb02fceb0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "bb81be9484502d2080a7c9537eab589f"
age: 30655
cache-tag: F-182734450986,P-341979,FLS-ALL
x-amz-version-id: zpBW_khLgkJZrOuASCVk1n4HXx27nj25
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Na6tk2D1mYkcqY%2BC4iJ3%2BUTTLYr1qupjR4qlxV9FhLetBFm5TVKNNiR2efH3TN5H3h%2FmfPU7y3RQ8uuXueDMkjiWrSYX%2FKeJh6Aak2foQbdQ9kd9dwY2AQX1goJ9lhRxSxrcz1zgOzkUUDJOk0ZwXz0JIw%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Oa6yMgcNEVtSYazwVVN..2gN6R5a81vI0fsBnXj7Fr0-1731550188-1.0.1.1-KEpE1cS5t1Ebb3W0IsbLpPlk.wb4n3g4Leo4vRZAKCE.IMGqKkjNyVCH.rt1jMP9hrDjRCf27lYi6ZlZuglu6NTjmWXwT3VGmf1anJ5zU387j4k6ruE1y6JY61rBQH.eXnfVqk1cS68DgS37VpGF_9gPNwCIvvjDmOQm7d1AE_CZxVOzTue2pinoZRclHx0S"}],"group":"cf-csp-endpoint","max_age":86400}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: E-k3BH08FrbprUZB655kwA7PjHOMXnQtox9fjS5bv82D4XX2QL__vA==
content-type: image/webp
content-disposition: inline; filename="SM%20banner%20Linkedin%201280x720-png.webp"
last-modified: Tue, 12 Nov 2024 21:46:36 GMT
priority: u=3,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-182734450986,P-341979,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: 50EFWK1RYSTA9WM8
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-182734450986,P-341979,FLS-ALL
content-length: 112000
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origFmt=png, origSize=168669
date: Thu, 14 Nov 2024 02:09:48 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: v7kEBJ1c5N0pAnXIxUhxDLyf1lXVKP2JV0zQ/aQSFsiDJO+eFcJ6Vr6KieZ/SNqTdLbDBhmF3EqCkJTlN2k2WUG8S6zpVuMl
strict-transport-security: max-age=31536000
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Oa6yMgcNEVtSYazwVVN..2gN6R5a81vI0fsBnXj7Fr0-1731550188-1.0.1.1-KEpE1cS5t1Ebb3W0IsbLpPlk.wb4n3g4Leo4vRZAKCE.IMGqKkjNyVCH.rt1jMP9hrDjRCf27lYi6ZlZuglu6NTjmWXwT3VGmf1anJ5zU387j4k6ruE1y6JY61rBQH.eXnfVqk1cS68DgS37VpGF_9gPNwCIvvjDmOQm7d1AE_CZxVOzTue2pinoZRclHx0S; report-to cf-csp-endpoint
via: 1.1 4367cba3498f1b228cf14ad08dc7faaa.cloudfront.net (CloudFront)
cf-ray: 8e237625ebb1e529-TXL
access-control-allow-origin: *
x-amz-cf-pop: FCO50-P3
x-amz-meta-created-unix-time-millis: 1731447994999

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 429F 0
0 116ms
38ms Document
text/html 2a02:26f0:3500:887::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.bitdefender.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=31297270
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 02:09:48 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Tue, 11 Nov 2025 07:50:58 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1731550188575_388276619_65114236_17_765_39_39_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1731550188689
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1731550188689

965 B
1 KB

55ms
55ms

XHR
application/json

34.250.142.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1731550188689

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Server

34.250.142.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-142-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

544cd70158592e16161ef64866820f4ae8ce57f0a7ba035fec155743790419ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v069-0b1991847.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: LaW2PUP1RbE=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.bitdefender.com
content-length: 554
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1731550188689
dcs: dcs-prod-irl1-2-v069-0da160222.edge-irl1.demdex.com 0 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: ERFq22NERzk=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.bitdefender.com
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Thu, 14 Nov 2024 02:09:48 GMT
vary: Origin

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/ 35 KB
13 KB 39ms
38ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "d8232f86c8016a8e0acaa7ecfdf72b3e:1722493571.189276"
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 03:09:48 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.bitdefender.com
content-length: 13012
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Aug 2024 06:26:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/ 3 KB
2 KB 41ms
41ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement_Module_ActivityMap.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "bb4b6453e3ab80111a2b227318d22efb:1722493571.614634"
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 03:09:48 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.bitdefender.com
content-length: 1597
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Aug 2024 06:26:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 loader.js Show response
app.usercentrics.eu/browser-ui/latest/ 33 KB
9 KB 124ms
38ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/loader.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

168fbd001832e68947238800be5e8564a5f2cb77f69e719ae238cf06b2f14678

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
content-encoding: gzip
x-goog-hash: crc32c=Xy55jw==, md5=lFuqUFQ8ZL6W0kamjZ1VbA==
etag: "945baa50543c64be96d246a68d9d556c"
age: 44
x-goog-stored-content-encoding: gzip
expires: Thu, 14 Nov 2024 03:09:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8555
date: Thu, 14 Nov 2024 02:09:04 GMT
last-modified: Tue, 05 Nov 2024 11:15:51 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY3zCYfbTEG0OhD4azPWoFpN2jmsoFQtm2ICjEvK4ZWffKkkS6Y8aGBn-zEYzonZYyLxH-tnlhjA_w
strict-transport-security: max-age=7776000
cache-control: public, max-age=3600, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805351806470
content-length: 8555
server: UploadServer

POST
H2 200 ip.json Show response
api.company-target.com/api/v3/ 2 KB
2 KB 246ms
156ms XHR
application/json 18.66.102.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?&page=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&referrer=&page_title=ShrinkLocker%20(%2BDecryptor)%3A%20From%20Friend%20to%20Foe%2C%20and%20Back%20Again

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-98.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d51199af77f787e326e501e25099090ad66706428a3d734d8b6dbc06cf4f438d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bitdefender.com/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: dacfb112-98c4-4a9b-af2d-018fbaf11d98
expires: Wed, 13 Nov 2024 02:09:48 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: D56gWAW3ZpuSOXR9vvkj7GEf4BrDKsPgHmhErsWQ_1mjdT93d2QEzg==
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.bitdefender.com
x-amz-cf-pop: FRA56-P2
server: nginx

GET
H2 200 341979.js Show response
js.hs-analytics.net/analytics/1731549900000/ 70 KB
25 KB 142ms
50ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1731549900000/341979.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be896bdbc5445ec366a8d0d81d4a553e900d73898461be6b79a7c0ac2236ef30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: 44f1c978-5c47-44ab-8924-45b534fe6fb4
content-encoding: gzip
cf-cache-status: HIT
etag: W/"467933c77feb86162ba87357e2229dc8"
x-amz-version-id: null
age: 264
expires: Thu, 14 Nov 2024 02:10:24 GMT
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:48 GMT
x-hubspot-correlation-id: 44f1c978-5c47-44ab-8924-45b534fe6fb4
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:38:20 GMT
vary: origin, Accept-Encoding
x-amz-id-2: sVhT89NMqfY8oKVw4EJVg9CgYhVnHbrYs7maNncTnTRtu46iwYvmpwceAuOBzJHmWrGKcCrq1KhLI2dMm2Ve2/BtngC1YCHX
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-8xq2m
x-envoy-upstream-service-time: 68
access-control-allow-credentials: false
x-amz-request-id: CHM76P5GJK51PRQW
cf-ray: 8e237628385adba9-FRA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 341979.js Show response
js.hs-banner.com/ 70 KB
21 KB 145ms
54ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/341979.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e762dea4a25bf3b8c1fdae8951feaa2a41c8962e3a3145996efcfb78d79333cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 8a320c7a-e49d-4e65-95f5-a7ab9ecb6ee1
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: HIT
etag: W/"28538b58da5874462a53c5457bef88e7"
x-amz-version-id: 9nLDsADg80vL15QrNMBBb9toGslqVvQF
age: 264
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Thu, 14 Nov 2024 02:10:24 GMT
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:48 GMT
x-hubspot-correlation-id: 8a320c7a-e49d-4e65-95f5-a7ab9ecb6ee1
content-type: text/javascript; charset=UTF-8
last-modified: Thu, 12 Sep 2024 08:44:46 GMT
vary: origin, Accept-Encoding
x-amz-id-2: UBFklj4k+c9H/9YY1KRz5LmZNPlR+mKgvmZHL9Voy85BgI6SwV+RhqPNZPjK8t51WOCM3EMkzD4=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-mmpkf
x-envoy-upstream-service-time: 143
access-control-allow-credentials: true
x-amz-request-id: 5MTQVNHY57XEJYBM
cf-ray: 8e2376283efe18e0-FRA
access-control-allow-origin: https://www.bitdefender.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 550 KB
92 KB 130ms
47ms Script
application/javascript 2606:4700::6812:8c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://www.bitdefender.com/

Response headers

x-request-id: 84b47580-259e-42cd-bd6b-4f90430d3769
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 1P48dmUoAxkQ57N6qBxgDzS3oBmZAXBF
etag: W/"ce26171eff05376a1b746efbb809f7f6"
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
age: 69109
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: -5XgdxhNF1UrzTSdXYk5173I7yQLhJqsneNTefcQtlltKV7gvNZhBQ==
x-hubspot-correlation-id: 84b47580-259e-42cd-bd6b-4f90430d3769
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Oct 2024 10:17:06 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=86400, max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-lh5xx
x-envoy-upstream-service-time: 44
x-hs-target-asset: lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Thu, 14 Nov 2024 02:09:48 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js&cfRay=8e1cdeebf801929b-FRA
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
cf-ray: 8e2376282971365d-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 93 KB
26 KB 142ms
52ms Script
application/javascript 2606:4700::6810:4d8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4d8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067c9537ec36da4afb93e9fec9bc7e656959b6623e9491f0092200db06657f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 935e3573-bb3a-42bc-b22f-3e818fe98784
content-encoding: gzip
cf-cache-status: HIT
etag: W/"437fb84b40fd41c605a366d14a984219"
x-amz-version-id: GnpHiVDEdERXJOUylwbQwpaNqjGhipG0
age: 65
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: bPkw0tJTF3KCMSqlglnizItoSUJMnzJ5S1GGvrC3MSuH3RER1JIr-g==
date: Thu, 14 Nov 2024 02:09:48 GMT
x-hubspot-correlation-id: 935e3573-bb3a-42bc-b22f-3e818fe98784
content-type: application/javascript; charset=utf-8
last-modified: Thu, 31 Oct 2024 16:46:07 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-8t87w
x-envoy-upstream-service-time: 0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18525/bundles/project.js&cfRay=8e23748ddae33738-FRA
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
cf-ray: 8e2376283d234d37-FRA
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: conversations-embed/static-1.18525/bundles/project.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
24 KB 148ms
58ms Script
application/javascript 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://www.bitdefender.com/

Response headers

x-request-id: 9097a577-c110-46b9-a265-904ea116afec
content-encoding: gzip
cf-cache-status: HIT
etag: W/"83516cb36bba59046b931d3496c56b0c"
x-amz-version-id: CxKDbkLWIG8oARp7ZgYVTZrOz3tr7GRC
age: 264
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMmIl5I5%2F9Tr7ncgFSTtrFKQpq6Qd%2Bzjm%2FXRjfmZSBuHAbCd4wA03sSPxi1RBjiNVmujpX6E0PMqXBFnEprrcA8st6MRzp65CE714y1P7ad8tsvPzxcDdB0JoUCw3iJyyjrQ42ihYq0pP1kE"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: iWT06b1AQhxIUv0ebVaIAR879B6mHsj0RY57cWOc4OP2K3ielKgTFQ==
x-hubspot-correlation-id: 9097a577-c110-46b9-a265-904ea116afec
content-type: application/javascript; charset=utf-8
last-modified: Fri, 01 Nov 2024 15:51:22 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-jnj7g
x-envoy-upstream-service-time: 0
x-hs-target-asset: web-interactives-embed/static-2.1648/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Thu, 14 Nov 2024 02:09:48 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1648/bundles/project.js&cfRay=8e236fb3fbb22e00-FRA
via: 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
cf-ray: 8e2376283f503678-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 / Show response
www.bitdefender.com/site/Main/TagIT/getparams/ 53 B
451 B 252ms
252ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/site/Main/TagIT/getparams/?callback=TagIT_getParams_callback&callback2=&l=en&ch=1731550191

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/scripts/TagIT.v1.min.js?v=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33f4a3188e5bd3946bc65cba66db7f0400a6c149acc208b4b46640af86858f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e237627df3adbeb-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="NOI ADM DEV COM NAV OUR STP"
date: Thu, 14 Nov 2024 02:09:48 GMT
content-type: application/javascript
server: cloudflare

GET
H3 200 index.module.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 440 KB
118 KB 80ms
38ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7c04d31ecc8832e8dd2fd384fb74176a4917de9106a6aea642ef9f2b7acffca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://www.bitdefender.com/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=UXrFKw==, md5=dYFXe8TJNO3LpOJg/Hlycw==
etag: "7581577bc4c934edcba4e260fc797273"
age: 84221
x-goog-stored-content-encoding: gzip
expires: Thu, 13 Nov 2025 02:46:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 120982
date: Wed, 13 Nov 2024 02:46:07 GMT
last-modified: Tue, 05 Nov 2024 11:15:25 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY1Ue7yaTkZy5qeWJbzpjOB-StRSw49dAfwlWbIQ2nd52Y_6_qIZ6qG4-wSvpOIEUmGLR4Ksb89sTQ
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805325511336
content-length: 120982
server: UploadServer

GET
H2 200 9890752fc19726fc8a394d54a189ae9f.js Show response
euob.ofgreencolumn.com/sxp/i/ 108 KB
40 KB 140ms
43ms Script
text/javascript 2600:9000:2490:2e00:d:199b:f700:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://euob.ofgreencolumn.com/sxp/i/9890752fc19726fc8a394d54a189ae9f.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:2e00:d:199b:f700:93a1 , United States, ASN (),
Reverse DNS
Software: Caddy /
Resource Hash: 353f8aa62bdd0bb4fd3e23bbeae004cda89a64f75a204a2a970be97aba9afa02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "1b01a-TKxFRVhlatp616rFC83K0WhTojs"
age: 6672
via: 1.1 e016ea20838aeed1d878a5244c9e2552.cloudfront.net (CloudFront)
expires: Thu, 14 Nov 2024 12:18:36 GMT
x-cache: Hit from cloudfront
content-length: 40444
x-amz-cf-id: hY4zqatS3IQrHu1rOLcRhEmEZ7ew9vq6Y2j0XyC6B0-UbIiKwN0d-w==
date: Thu, 14 Nov 2024 00:18:37 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Caddy
x-amz-cf-pop: FRA56-P6

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 183ms
170ms Preflight
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=341979&conversations-embed=static-1.18525&mobile=false&messagesUtk=3e9b534037674f96938e58af407b09aa&traceId=3e9b534037674f96938e58af407b09aa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.bitdefender.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.bitdefender.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8e237628bf993678-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 14 Nov 2024 02:09:49 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaGE0OcOom8i73X4Dd1teZsEqZAa7RIF4HXp2i7c5h1cxJRBXWfb4hAzrEldKyvulqxsL88DW56rEvTVWfThOSTaKBaACDYhtJjxYyQpz3E6fTVNH9%2FXRitKzCXFKj2eFCXGMDxz12EzHVr1JA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-hubspot-correlation-id: a370cedd-62d5-43ee-8ad9-4c043f96e6dc

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 345 B
1 KB 178ms
178ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df38661b055073162eb91c4e3137f072e8c453ec942c6200bf460f815d6a84a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again
Referer: https://www.bitdefender.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S4Rny77IiHByyHQw3%2BUoTV87KEshCcx0Ml0JbV2a7CM%2BESmRAnCN078NvQpKdrumEQ1OGgYARb0Oh2geKDMD5jxRG2hO1jf4Px6EP%2FpjnKgW%2F5VqBd7NiiKl1YsvdJ61KGm2h3KltUgk2g9FLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Thu, 14 Nov 2024 02:09:49 GMT
x-hubspot-correlation-id: e0255065-cfc9-4826-b37f-fa966eeb6458
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8e237629c8163678-FRA
access-control-allow-origin: https://www.bitdefender.com
content-length: 265
server: cloudflare

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 61 B
1 KB 213ms
155ms Fetch
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=341979&currentUrl=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: 522a8ce1-54c8-4d7d-89ab-4104adb081a4
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tS4XJj3mPOPLi4d%2BzIQRgjUIBFHgZ3y6NZbPjrSiNGkq6rejDH6E08EWBh44FrKR2z0wrQVu06PAlu3L2TdMwLiAzMC6sEDRK7JNp0UWJUteM2xhRoYhSzeSfjlSFWAuRx5Uqu7hDsB7met7RZtUqLii3XX1RJ%2BKlTA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:49 GMT
x-hubspot-correlation-id: 522a8ce1-54c8-4d7d-89ab-4104adb081a4
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-zpht7
x-envoy-upstream-service-time: 9
access-control-allow-credentials: true
cf-ray: 8e2376290fb93678-FRA
access-control-allow-origin: https://www.bitdefender.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 dest5.html
bitdefender.demdex.net/ Frame D5AB 0
0 175ms
53ms Document
text/html 52.31.224.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bitdefender.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.31.224.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-145.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bitdefender.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 14 Nov 2024 02:09:49 GMT
dcs: dcs-prod-irl1-1-v069-029f0efce.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 11 Nov 2024 10:04:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: ZIV+P36iS3E=

GET
H2 200 id Show response
sstats.bitdefender.com/ 48 B
464 B 166ms
53ms XHR
application/x-javascript 63.140.62.222
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.bitdefender.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&mid=79060000963424244643467657372839462948&ts=1731550188920

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

6d4e3bfb1e102e907ad6f5f5246f076fab742ee39cb36ebe516b156845c25b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.bitdefender.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.bitdefender.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Thu, 14 Nov 2024 02:09:49 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=ZzVb7QAAAJrFFwN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=79079371826660171113465233804158089955
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZzVb7QAAAJrFFwN-

42 B
717 B

57ms
57ms

Image
image/gif

34.250.142.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZzVb7QAAAJrFFwN-

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Server

34.250.142.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-142-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v069-00f9e585a.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: zv2X1mbwQdQ=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZzVb7QAAAJrFFwN-
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Thu, 14 Nov 2024 02:09:49 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

POST
H2 200 delivery Show response
starget.bitdefender.com/rest/v1/ 354 B
847 B 205ms
64ms XHR
application/json 66.235.152.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://starget.bitdefender.com/rest/v1/delivery?client=bitdefender&sessionId=81867f3dcddf479d8b8c0da2bccaa2e0&version=2.11.4

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.156 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-156.data.adobedc.net

Software

jag /

Resource Hash

71027daca11be21c2a97986cb4d21753a57ef281680a0bbb0ab69575faa1b481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bitdefender.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 9bbb9d85-a2a3-428b-bb6d-2f9d071061c2
cache-control: no-cache, no-store, max-age=0, no-transform, private
timing-allow-origin: *
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
access-control-allow-origin: https://www.bitdefender.com
date: Thu, 14 Nov 2024 02:09:49 GMT
x-xss-protection: 1; mode=block
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: jag

OPTIONS
H2 200 SD1TKlYyWO4GcB.json
api.usercentrics.eu/ruleSet/ Frame 0
0 138ms
53ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/ruleSet/SD1TKlYyWO4GcB.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bitdefender.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Nov 2024 02:09:49 GMT
expires: Thu, 14 Nov 2024 02:09:49 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DEBY
x-guploader-uploadid: AHmUCY3kzATN5XDSu7HsFf9zKZKIwVfzKyIGk0r4lVOH1RXu5N1GX4nGV80ESliCQb8owtye4O7uxXxJ

GET
H2 200 SD1TKlYyWO4GcB.json Show response
api.usercentrics.eu/ruleSet/ 552 B
885 B 40ms
39ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/ruleSet/SD1TKlYyWO4GcB.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a1aa30b8c2998ad91b6d0cd88fa7fa3a4c2a3e79df019cbc504e380f0aef6c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bitdefender.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=OfYgNQ==, md5=pEu3r9j/CLIr70/GZQNh5w==
etag: "a44bb7afd8ff08b22bef4fc6650361e7"
age: 1629
x-goog-stored-content-encoding: gzip
expires: Thu, 14 Nov 2024 02:12:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 349
x-client-geo-location: DE,DEBY
date: Thu, 14 Nov 2024 01:42:40 GMT
last-modified: Wed, 03 Jul 2024 09:20:03 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2CPx0iqMCxTTWkJyqWWYPVrkegYsFEdZYwdHQofLIhbIIHhXP3ZacIdjRBPfpofns4Ow6olYWP_A
strict-transport-security: max-age=7776000
cache-control: public, max-age=1800, s-maxage=1800
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1719998403375993
content-length: 349
server: UploadServer

GET
H2 200 ct Show response
obseu.ofgreencolumn.com/ 4 KB
1 KB 200ms
79ms Script
text/javascript 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.ofgreencolumn.com/ct?id=71147&url=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1731550189115&hl=2&op=0&ag=4155436659&rand=23125661986900509220669905972160935666368182118422952095287804195161575180028679168292&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDQ4MTNdLFsiYWJuY2giLDEzXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjo0LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTkzMDgyMDI3OSxcInNlY1wiOlwiXCJ9Il0sWy0xLCItIl0sWy00LCI8aHRtbCBkYXRhLW4taGVhZC1zc3I9XCJcIiBsYW5nPVwiZW4tZ2JcIiBkYXRhLW4taGVhZD1cIiU3QiUyMmxhbmclMjI6JTdCJTIyc3NyJTIyOiUyMmVuLWdiJTIyJTdEJTdEXCI%2BPGhlYWQ%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBjaGFyc2V0PVwidXRmLThcIj48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIG5hbWU9XCJ2aWV3cG9ydFwiIGNvbnRlbnQ9XCJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MVwiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJkZXNjcmlwdGlvblwiIG5hbWU9XCJkZXNjcmlwdGlvblwiIGNvbnRlbnQ9XCJJbWFnaW5lIGEgcmFuc29td2FyZSBhdHRhY2sgdGhhdCdzIHNvIG9sZC1zY2hvb2wgaXQncyB1c2luZyBWQlNjcmlwdCBhbmQgYSBidWlsdC1pbiBXaW5kb3dzIGZlYXR1cmUgZm9yIGVuY3J5cHRpb24uXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cIm9nOnRpdGxlXCIgcHJvcGVydHk9XCJvZzp0aXRsZVwiIGNvbnRlbnQ9XCJTaHJpbmtMb2NrZXIgKCtEZWNyeXB0b3IpOiBGcm9tIEZyaWVuZCB0byBGb2UsIGFuZCBCYWNrIEFnYWluXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cIm9nOmRlc2NyaXB0aW9uXCIgcHJvcGVydHk9XCJvZzpkZXNjcmlwdGlvblwiIGNvbnRlbnQ9XCJJbWFnaW5lIGEgcmFuc29td2FyZSBhdHRhY2sgdGhhdCdzIHNvIG9sZC1zY2hvb2wgaXQncyB1c2luZyBWQlNjcmlwdCBhbmQgYSBidWlsdC1pbiBXaW5kb3dzIGZlYXR1cmUgZm9yIGVuY3J5cHRpb24uXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cIm9nOnVybFwiIHByb3BlcnR5PVwib2c6dXJsXCIgY29udGVudD1cImh0dHBzOi8vd3d3LmJpdGRlZmVuZGVyLmNvbS9lbi1nYi9ibG9nL2J1c2luZXNzaW5zaWdodHMvc2hyaW5rbG9ja2VyLWRlY3J5cHRvci1mcm9tLWZyaWVuZC10by1mb2UtYW5kLWJhY2stYWdhaW5cIj48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIGRhdGEtaGlkPVwib2c6aW1hZ2VcIiBwcm9wZXJ0eT1cIm9nOmltYWdlXCIgY29udGVudD1cImh0dHBzOi8vYnVzaW5lc3NyZXNvdXJjZXMuYml0ZGVmZW5kZXIuY29tL2h1YmZzL1Nocmlua0xvY2tlcl9SYW5zb213YXJlLmpwZ1wiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJvZzp0eXBlXCIgcHJvcGVydHk9XCJvZzp0eXBlXCIgY29udGVudD1cIndlYnNpdGVcIj48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIGRhdGEtaGlkPVwib2c6c2l0ZV9uYW1lXCIgcHJvcGVydHk9XCJvZzpzaXRlX25hbWVcIiBjb250ZW50PVwiQml0ZGVmZW5kZXIgQmxvZ1wiPjxtZXRhIGRhdGEtbi1oZWFkPVwic3NyXCIgZGF0YS1oaWQ9XCJ0d2l0dGVyOnRpdGxlXCIgcHJvcGVydHk9XCJ0d2l0dGVyOnRpdGxlXCIgY29udGVudD1cIlNocmlua0xvY2tlciAoK0RlY3J5cHRvcik6IEZyb20gRnJpZW5kIHRvIEZvZSwgYW5kIEJhY2sgQWdhaW5cIj48bWV0YSBkYXRhLW4taGVhZD1cInNzclwiIGRhdGEtaGlkPVwidHdpdHRlcjpkZXNjcmlwdGlvblwiIHByb3BlcnR5PVwidHdpdHRlcjpkZXNjcmlwdGlvblwiIGNvbnRlbnQ9XCJJbWFnaW5lIGEgcmFuc29td2FyZSBhdHRhY2sgdGhhdCdzIHNvIG9sZC1zY2hvb2wgaXQncyB1c2luZyBWQlNjcmlwdCBhbmQgYSBidWlsdC1pbiBXaW5kb3dzIGZlYXR1cmUgZm9yIGVuY3J5cHRpb24uXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cInR3aXR0ZXI6dXJsXCIgcHJvcGVydHk9XCJ0d2l0dGVyOnVybFwiIGNvbnRlbnQ9XCJodHRwczovL3d3dy5iaXRkZWZlbmRlci5jb20vZW4tZ2IvYmxvZy9idXNpbmVzc2luc2lnaHRzL3Nocmlua2xvY2tlci1kZWNyeXB0b3ItZnJvbS1mcmllbmQtdG8tZm9lLWFuZC1iYWNrLWFnYWluXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cInR3aXR0ZXI6aW1hZ2VcIiBwcm9wZXJ0eT1cInR3aXR0ZXI6aW1hZ2VcIiBjb250ZW50PVwiaHR0cHM6Ly9idXNpbmVzc3Jlc291cmNlcy5iaXRkZWZlbmRlci5jb20vaHViZnMvU2hyaW5rTG9ja2VyX1JhbnNvbXdhcmUuanBnXCI%2BPG1ldGEgZGF0YS1uLWhlYWQ9XCJzc3JcIiBkYXRhLWhpZD1cImF1dGhvclwiIG5hbWU9XCJhdXRob3JcIiBjb250ZW50PVwiTSJdLFstMzAsIltcInZcIiwwXSJdLFstMzUsIlsxNzMxNTUwMTg5MDU2LC0xXSJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxMCJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZGUsbGF0bixncmVnb3J5Il0sWy01MCwiLSJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiNTg2NjkyNjkzXCIsXCIzNjQ3NTQ5ODE1XCIsXCIyNDg4MjcyNzk3XCJdLFwiZFwiOltdLFwiYlwiOltdLFwic1wiOjF9Il0sWy02NSwiLSJdLFstNzAsIi0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiXX0iXSxbLTI3LCJbMTAwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02LCItIl0sWy0zOCwiaSwtMSwtMSwwLDAsMSwwLDYsODEsNzQsLTEsMCw0MjAuOCw0MjAuOCw5ODksOTg5Il0sWy00OCwiMCwwIl0sWy01MiwiLSJdLFstNjcsIjI1MzIzMTI4ODg6MTciXSxbLTIxLCItIl0sWy01MSwiLSJdLFstNjQsIlswLFwiXCIsW11dIl0sWy04LCItIl0sWy0xMywiLSJdLFstMjUsIi0iXSxbLTM0LCItIl0sWy01NSwiMiJdLFstNjAsMTk4XSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTY5LCJMaW51eCB4ODZfNjR8R29vZ2xlIEluYy58OHwyNHx8MCJdLFstMiwiNSxlQUhXWDEvZjNxekN2Ymt1eW1Rd2dsSWFGM3BJc2dJSWpTUSs4aUtncUkwb3NJQWlwRkVFUVJJa1VnZEVRUXBVb0pTQXRDQXFTSDlHeXk3WldaK2VyL2QrZTkyYndzQ1NELzFlIl0sWy0xMCwiLSJdLFstMTYsIjAiXSxbLTIwLCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTQwLCIzMyJdLFstNDksIi0iXSxbLTU4LCItIl0sWy01OSwiZGVmYXVsdCJdLFstMTIsIm51bGwiXSxbLTE1LCItIl0sWy0yNiwie1widGpoc1wiOjIxMTEwNTY0LFwidWpoc1wiOjE2NTQ2MTQ4LFwiamhzbFwiOjQyOTQ3MDUxNTJ9Il0sWy0zMSwiZmFsc2UiXSxbLTUzLCIxMDAiXSxbLTUsIi0iXSxbLTcsIi0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTMzLCItIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDUsdHJ1ZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTYzLCItIl0sWy02NiwiZ2VvbG9jYXRpb24sY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjcm9zc29yaWdpbmlzb2xhdGVkLHNjcmVlbndha2Vsb2NrLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LHNoYXJlZHN0b3JhZ2VzZWxlY3R1cmwsY2h1YWFyY2gsY29tcHV0ZXByZXNzdXJlLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksdXNiLGNoc2F2ZWRhdGEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsc2hhcmVkc3RvcmFnZSxydW5hZGF1Y3Rpb24sY2h1YWZvcm1mYWN0b3JzLGNoZG93bmxpbmssb3RwY3JlZGVudGlhbHMscGF5bWVudCxjaHVhLGNodWFtb2RlbCxjaGVjdCxhdXRvcGxheSxjYW1lcmEscHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxhY2NlbGVyb21ldGVyLGNodWFwbGF0Zm9ybXZlcnNpb24saWRsZWRldGVjdGlvbixwcml2YXRlYWdncmVnYXRpb24saW50ZXJlc3Rjb2hvcnQsY2h2aWV3cG9ydGhlaWdodCxsb2NhbGZvbnRzLGNodWFwbGF0Zm9ybSxtaWRpLGNodWFmdWxsdmVyc2lvbix4cnNwYXRpYWx0cmFja2luZyxjbGlwYm9hcmRyZWFkLGdhbWVwYWQsZGlzcGxheWNhcHR1cmUsa2V5Ym9hcmRtYXAsam9pbmFkaW50ZXJlc3Rncm91cCxjaHdpZHRoLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24sYnJvd3Npbmd0b3BpY3MsZW5jcnlwdGVkbWVkaWEsZ3lyb3Njb3BlLHNlcmlhbCxjaHJ0dCxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsdW5sb2FkLGNoZHByLGNocHJlZmVyc2NvbG9yc2NoZW1lLGNodWF3b3c2NCxhdHRyaWJ1dGlvbnJlcG9ydGluZyxmdWxsc2NyZWVuLGlkZW50aXR5Y3JlZGVudGlhbHNnZXQscHJpdmF0ZXN0YXRldG9rZW5yZWRlbXB0aW9uLGhpZCxjaHVhYml0bmVzcyxzdG9yYWdlYWNjZXNzLHN5bmN4aHIsY2hkZXZpY2VtZW1vcnksY2h2aWV3cG9ydHdpZHRoLHBpY3R1cmVpbnBpY3R1cmUsbWFnbmV0b21ldGVyLGNsaXBib2FyZHdyaXRlLG1pY3JvcGhvbmUiXSxbLTY4LCItIl0sWy03MSwiYTAxMTAwMTAxMDAxMDAxMDEwMDAxMDEwMDExMTExMDEwMDAwMTAiXSxbLTksIisiXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTQxLCItIl0sWy0xOSwiWzMwLDMwLDMwLDMwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjg1LDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy00NCwiMCwwLDAsNSJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRQWEJrUlVVMU5TVW9ERmhaY1RGWmJGMVpmWGt0Y1hGZGFWbFZNVkZjWFdsWlVGa3BCU1JaUUZnQUJBQWtPREF0ZldnZ0FEZ3NQWDFvQldBb0FEVjBNRFZnSUFRQllYQUJmRjFOS0F3Z0REd0VMRGcwUUZWaE5HVXNaRVZGTlRVbEtBeFlXWEV4V1d4ZFdYMTVMWEZ4WFdsWlZURlJYRjFwV1ZCWktRVWtXVUJZQUFRQUpEZ3dMWDFvSUFBNExEMTlhQVZnS0FBMWREQTFZQ0FFQVdBPT0iXSxbImJuY2giLDc5XSxbLTE0LCItIl0sWy0xNywiMjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNjIsIjgwIl0sWyJkZGIiLCIwLDYsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMSwwLDAsMCwxLDEsNSwwLDEsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsOCwwLDAsMCwwLDAsMCwxOCwwLDAsMCwxIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDUsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMywwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=2HG0n5tBZV&pto=1046&ver=62&gac=-&mei=&ap=&fe=1&duid=1.1731550189.UCgoTLAqrhgO6erz&suid=1.1731550189.JuhTcp4DOptuYMVP&tuid=1.1731550189.NVNzfRLDzxtLeChf&fbc=-&gtm=W10%3D&it=41%2C779%2C173&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by: Host: euob.ofgreencolumn.com
URL: https://euob.ofgreencolumn.com/sxp/i/9890752fc19726fc8a394d54a189ae9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a75e97f2d8872e16af42be9463dc7402b6be9b30f1faf9570f11949af9b3dbcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://www.bitdefender.com
content-encoding: gzip
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 1180
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: text/javascript

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
928 B 233ms
185ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: 4cc50786-40b7-485c-94c7-d91355416f95
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:49 GMT
x-hubspot-correlation-id: 4cc50786-40b7-485c-94c7-d91355416f95
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Thu, 14 Nov 2024 02:09:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-l6xgt
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8e23762a6aab58de-TXL
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 languages.json Show response
api.usercentrics.eu/settings/kwvEyHMjYRQG-x/latest/ 152 B
133 B 64ms
64ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/kwvEyHMjYRQG-x/latest/languages.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

0a25589501a065c71010f4b685f20a2a283ba910b374e2ce8148c4fcd623e9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bitdefender.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=4sEJow==, md5=aPmXvSP/EY/QrW9PJ19q/w==
etag: "68f997bd23ff118fd0ad6f4f275f6aff"
age: 0
x-goog-stored-content-encoding: gzip
expires: Thu, 14 Nov 2024 02:10:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 100
x-client-geo-location: DE,DESH
date: Thu, 14 Nov 2024 02:09:49 GMT
last-modified: Wed, 06 Nov 2024 08:46:23 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY1Y5NxPUP1aLhwBkkC2uxGgLSt6TvJRah64mApDm4V37ISkeFOMLbE3hwkRdldPr-UzWbc
strict-transport-security: max-age=7776000
cache-control: public, max-age=1800, s-maxage=60
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730882783608709
content-length: 100
server: UploadServer

OPTIONS
H3 200 languages.json
api.usercentrics.eu/settings/kwvEyHMjYRQG-x/latest/ Frame 0
0 51ms
51ms Preflight
text/html 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/kwvEyHMjYRQG-x/latest/languages.json

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bitdefender.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Nov 2024 02:09:49 GMT
expires: Thu, 14 Nov 2024 02:09:49 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DESH
x-guploader-uploadid: AHmUCY1p59IaZx3fgsMyfYe8MjpTCa2U7-68tFD207-P8NbPRukqPv4hIEZF9nr0HPJXIqiH_VI

GET
H2 200 tc_imp.gif
obseu.ofgreencolumn.com/tracker/ 43 B
79 B 57ms
55ms Image
image/gif 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obseu.ofgreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001269efc230ea4682949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d59108c692017071a10acf9f29f671a83808a0525371efe7c70068369dc33c20c335325c101005d31515cc1eb684677be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63ebb2807ff7ecaa8556d8e0e3143714493d60264f360b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf62e8ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e82dbe763c4325cd3fc9a794a1ef0623efe941535e68cfc748b55f64fe7d04dc549d9d36d9a6d279c9a26dc6c90cefab6cdb3f11338ae6bf2fbb9234e2bfb94248ee61bf711135782030ed092cfc9ccf3c837c465d59ef88876e37936349369209893805f2cdcf978ae0bf18200877dbf764e425ac137b60acc88a878b99723d50aea9f93df7783560b69ed55135f780668cae367b9429bcf8b22ea9e66fc9963d987eaf571cffea759613ed0ba1004cbb00a4b0ff8acba65a73386f80ffdea3cc609b22d8701c61ed6b42e824b35eeaf8e747d6a365668490955b8eb9e7ece10e41d5c493babec1a9e9c584cadaac3a8e23d84b4b3adc2a1f0af59452ea5559aa40e3ff01f3c4e892724257efc69b26405d0bd9310d639827bcfd278dfb21f84691333625e6e19f7c3e7d22078579c044495d3d9bbaccb53059eb3a17c96cf737dc4d3123c69fe8dd85621b427995e9f1ae03e8713dbc817fea631fe868bda9b5b7fece7327f9f77a58facb6109c6d590a17c02d1a04a3a94d8ef215cd9a9acd51cd868f3a105234e962cf79db14f0d93ee93416630b28616da21fd7d5215fab6edea6f236d8ca488c757ba60f0669c78c824a5e9a0eb5ca55b37a576058a02968c7f6837ac1453f848414a2ded8fa8043d2544b5c738c3d7330e0e44614fe40b28d997b9dcffe4c1d2ab0604b6518dd5514bf8be4180d82362097c6fb1e9a85fe96067cd865ec5e3508de442163c784510399dce0d5ebae01a167f77cdf24dd9d4299b8ba393dec8549de8cfeef86e1dccd2850d3a57604893593168f01a2b77eeaddc7d672bb9ac7a7b8153986ebe6e2519802dd401c630e7a9bd32b3cde65eb5dd48b2abf4e6b9b2d2c926fe0d5262af2757a4714c0b78d60&cri=2HG0n5tBZV&ts=206&cb=1731550189321
Requested by: Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Thu, 14 Nov 2024 02:09:49 GMT
pragma: no-cache
content-type: image/gif

GET
H3 200 en.json Show response
api.usercentrics.eu/settings/kwvEyHMjYRQG-x/latest/ 41 KB
9 KB 62ms
62ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/kwvEyHMjYRQG-x/latest/en.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

a47b8f070d6b21688459f1ef92e4d4095616397f7829dc77534e28e0845185f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bitdefender.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=48Sn/g==, md5=JjxgRFa4Ekoea+uPt8V1Kw==
etag: "263c604456b8124a1e6beb8fb7c5752b"
age: 0
x-goog-stored-content-encoding: gzip
expires: Thu, 14 Nov 2024 02:10:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8752
x-client-geo-location: DE,DESH
date: Thu, 14 Nov 2024 02:09:49 GMT
last-modified: Wed, 06 Nov 2024 08:46:23 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3KhlQE3V6uvIgO3Iabm37Y1e1NJ76PshvRI0W10gi9afU8AXFAvXy6BMkaEHDKCinB_ls
strict-transport-security: max-age=7776000
cache-control: public, max-age=1800, s-maxage=60
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730882783616567
content-length: 8752
server: UploadServer

OPTIONS
H3 200 en.json
api.usercentrics.eu/settings/kwvEyHMjYRQG-x/latest/ Frame 0
0 53ms
53ms Preflight
text/html 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/kwvEyHMjYRQG-x/latest/en.json

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bitdefender.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Nov 2024 02:09:49 GMT
expires: Thu, 14 Nov 2024 02:09:49 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DESH
x-guploader-uploadid: AHmUCY2OxpXwEoDYFNPy6rB7kUXEesfmAJIh7FW8998XyAKEkRuxqUwCb7-YEUsM_WgibkjqQPc

GET
H2 200 cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.38.5/ Frame 4DCB 0
0 112ms
38ms Document
text/html 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-sdk/4.38.5/cross-domain-bridge.html

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.bitdefender.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type Content-Length Transfer-Encoding
age: 1427494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=2592000, no-transform
content-encoding: gzip
content-length: 1142
content-type: text/html
date: Mon, 28 Oct 2024 13:38:15 GMT
etag: "c694926fa8d9549789a56bd1df21b8a8"
expires: Wed, 27 Nov 2024 13:38:15 GMT
last-modified: Mon, 28 Oct 2024 13:37:13 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-goog-generation: 1730122633298226
x-goog-hash: crc32c=CXfLbw== md5=xpSSb6jZVJeJpWvR3yG4qA==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1142
x-guploader-uploadid: AHmUCY3KMsCIOZNh8Z1lW0TX2q1uhwJS2EML2uIQpKlCKN4iNyfaRRFndbvWBcnn-xxqxwDbxTw

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
823 B 42ms
41ms Image
image/png 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=kwvEyHMjYRQG-x

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
etag: "3702ada73b8951017b8451cbd6a96523"
age: 949
x-goog-stored-content-encoding: gzip
expires: Thu, 14 Nov 2024 02:24:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 522
date: Thu, 14 Nov 2024 01:54:00 GMT
last-modified: Fri, 08 May 2020 09:06:13 GMT
content-type: image/png
x-guploader-uploadid: AFiumC49iskrYCoNMFHddhgDBIQfjDPjQU0F0dxGpMQZmaLUaEk06rs19SmiNVQdS2IizH5K4sY5xMg-wA
strict-transport-security: max-age=7776000
cache-control: public,max-age=1800,no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1588928773413784
content-length: 522
server: UploadServer

GET
H3 200 DefaultData-d851236d-3915a171.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 2 KB
1001 B 40ms
40ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/DefaultData-d851236d-3915a171.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

fcf4ad57046af8b44b9f85d4398ca15757c54cdbdecfdfdf438266ff0bd996f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=KwuzSg==, md5=1R5TzRiL1yLt+2JQXB+aRg==
etag: "d51e53cd188bd722edfb62505c1f9a46"
age: 744803
x-goog-stored-content-encoding: gzip
expires: Wed, 05 Nov 2025 11:16:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 970
date: Tue, 05 Nov 2024 11:16:26 GMT
last-modified: Tue, 05 Nov 2024 11:15:16 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2uT32UR3S0sO0hWsBwD-8gSKET-4wDAOXK2S8vyA2GT905mtYTOauo63uKToALyDqx7Ao
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805316336482
content-length: 970
server: UploadServer

GET
H3 200 translations-en.json Show response
api.usercentrics.eu/translations/ 7 KB
2 KB 38ms
38ms Fetch
application/json 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-en.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

293c213205cd107ec18a50ae1f8a7b79915117d162cc58701a575def7c295d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.bitdefender.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=8/rfvQ==, md5=3gvV2wFCHwyIlwHnbgqquQ==
etag: "de0bd5db01421f0c889701e76e0aaab9"
age: 10715
x-goog-stored-content-encoding: gzip
expires: Thu, 14 Nov 2024 23:11:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2491
x-client-geo-location: DE,DESH
date: Wed, 13 Nov 2024 23:11:14 GMT
last-modified: Mon, 07 Oct 2024 11:53:10 GMT
content-type: application/json
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6uupQNnPtZ3QTSm5M0JfMbtBPYDoJcyXoGAW-Za7GlAX56Dn4fJKRU3V035BSnK8uWcLI4IVK_Jg
strict-transport-security: max-age=7776000
cache-control: public, max-age=86400, s-maxage=86400
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728301990483385
content-length: 2491
server: UploadServer

OPTIONS
H3 200 translations-en.json
api.usercentrics.eu/translations/ Frame 0
0 52ms
52ms Preflight
text/html 35.241.3.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-en.json

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.3.241.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bitdefender.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Nov 2024 02:09:49 GMT
expires: Thu, 14 Nov 2024 02:09:49 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: DE,DESH
x-guploader-uploadid: AHmUCY2qJ5dRQ8wvth4RoMrTYUBTr4xZP8cLgiJkU34tVHy7GE2DoHFNm93LqQkSXCANBVHTGPw

GET
H3 200 DefaultUI-ce15e383-e1d04f6d.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 2 KB
788 B 40ms
39ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/DefaultUI-ce15e383-e1d04f6d.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

a6570442910909883f637555306da7fbea96193cc7ad98ced7ee96546f542f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=BS9Q2w==, md5=8QbYrBMViKxX1UD/Xg8Jzg==
etag: "f106d8ac131588ac57d540ff5e0f09ce"
age: 537932
x-goog-stored-content-encoding: gzip
expires: Fri, 07 Nov 2025 20:44:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 757
date: Thu, 07 Nov 2024 20:44:17 GMT
last-modified: Tue, 05 Nov 2024 11:15:16 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY0ZGkas2cIclMsReQeGtb793xQUav6ACrZqLaPNCPYN9bM0279wZfsgr6Qo5ce7YFGABl-Ut_SXwA
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805316872375
content-length: 757
server: UploadServer

GET
H2 200 rules.json Show response
assets.adobetarget.com/bitdefender/production/v1/ 247 KB
31 KB 530ms
391ms Fetch
application/json 2a02:26f0:3100:2aa::294d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobetarget.com/bitdefender/production/v1/rules.json
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:2aa::294d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c724287abfe68accc1dca506cd45e6730d635f5dbea695a5bf74567df810289

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

access-control-expose-headers: x-geo-country-code, x-geo-region-code, x-geo-city, x-geo-latitude, x-geo-longitude
content-encoding: gzip
etag: "71bb05cdcbc8961d384d92c44b722e1b"
x-amz-version-id: 0E4U0X2I62e_1FlN3aScikUR0uBYJFcf
access-control-allow-methods: GET
x-geo-region-code: BY
date: Thu, 14 Nov 2024 02:09:50 GMT
x-geo-country-code: DE
last-modified: Wed, 13 Nov 2024 15:15:10 GMT
vary: Accept-Encoding
content-type: application/json
x-amz-id-2: mOvxKfl+Lu4p3wtyxG1/qkGLdhiCSxkD9LXxjmzBGy6avkghc8WQbfzMjzmmRgPUvEW+gZuEVWSPDiw6plpgwS2wfONvnN853zZV6l9YHxE=
access-control-allow-headers: *
x-amz-replication-status: COMPLETED
cache-control: max-age=60
x-geo-longitude: 11.07
x-amz-request-id: 1YW6H6VS8B8H6ZHV
accept-ranges: bytes
access-control-allow-origin: *
x-geo-latitude: 49.45
content-length: 30899
server: AmazonS3
x-geo-city: NURNBERG
x-amz-server-side-encryption: AES256

GET
H2 200 6b5af52.js Show response
www.bitdefender.com/nuxt/_nuxt/ 16 KB
6 KB 55ms
54ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/6b5af52.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/89d87db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfcdba5afbae138d4c89f767ee4c01cbe4e028fbf8f23a03094cbc0b728b52f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3e09-19325e3cf38"
age: 28230
cf-ray: 8e23762e0d49dbeb-FRA
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 14:18:27 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 dc63e30.js Show response
www.bitdefender.com/nuxt/_nuxt/ 37 KB
11 KB 58ms
57ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/dc63e30.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/89d87db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a5fe55dd93aab6db8021946a22b256d8a6719c5595507316fec2dff6d994135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"92c0-19325c99c30"
age: 43606
cf-ray: 8e23762e0d4ddbeb-FRA
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 8 KB
3 KB 164ms
163ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&pid=341979&sv=cta-embed-js-static-1.323&rdy=1&df=t&pg=6a0e254e-3407-48f7-857c-eb6a8b1ceb11&pg=199866fa-383b-44e9-8694-7bef7ce88e84

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cb0de122e5a9851c483f1c454c571d16545287f51e4e74a8a55b579cfb2633a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: 92602448-013c-47c2-9c09-ac596c2c5387
access-control-expose-headers: X-Origin-Hublet
content-encoding: gzip
cf-cache-status: DYNAMIC
x-origin-hublet: na1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Gw93K7mSTdhuJbxZAyPkNJW6zhoxODLzlplkJaIH6Z74YmUfwu66bVFOPIIV7aU0Euv9AKPkdATl%2FjpAe4vrDJ2GtjZ4DSPxJoL4UNV6Fz6m%2FazAojRD%2Fb7f33ekR2g50RYpk5mXXAQY8StP2T014nUrOey5CImdMQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:49 GMT
x-hubspot-correlation-id: 92602448-013c-47c2-9c09-ac596c2c5387
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-zj727
x-envoy-upstream-service-time: 22
access-control-allow-credentials: true
cf-ray: 8e23762e0e8990f4-FRA
access-control-allow-origin: https://www.bitdefender.com
x-evy-trace-route-configuration: listener_https/all
content-length: 1875
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 FirstLayerCustomization-6bbfcebc-510766a4.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 3 KB
1 KB 40ms
40ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/FirstLayerCustomization-6bbfcebc-510766a4.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

1a639c6b443b17ec6c6f50d2de9487ec53d78fd91adec25c8d84f4668be31242

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/DefaultUI-ce15e383-e1d04f6d.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=5zDuVw==, md5=lzWOZHXPept9tZjFdT+38g==
etag: "97358e6475cf7a9b7db598c5753fb7f2"
age: 697981
x-goog-stored-content-encoding: gzip
expires: Thu, 06 Nov 2025 00:16:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1076
date: Wed, 06 Nov 2024 00:16:48 GMT
last-modified: Tue, 05 Nov 2024 11:15:17 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY37tEzn561BMDxxJyQIEb6_gGDCv0vC8hpcKqQDTH-CVbXLkG6C2aSx7bIvxLnjHAbz4wk
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805317367695
content-length: 1076
server: UploadServer

GET
H3 200 ButtonsCustomization-1f94048f-5b2b82fd.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 473 B
267 B 39ms
38ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/ButtonsCustomization-1f94048f-5b2b82fd.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

ebbf51132ac80c2070995d82e1b1237526521386eaced499d94c36a05804141f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/DefaultUI-ce15e383-e1d04f6d.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=68O2gw==, md5=vgJ3wdTQyIjUu/s0QsTS8w==
etag: "be0277c1d4d0c888d4bbfb3442c4d2f3"
age: 10715
x-goog-stored-content-encoding: gzip
expires: Thu, 13 Nov 2025 23:11:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 236
date: Wed, 13 Nov 2024 23:11:14 GMT
last-modified: Tue, 05 Nov 2024 11:15:15 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY1aAIsFN6u1rva3r9wliNn0Lkca81Xu9C5fDvMk2NVMIIMlb2rW_txlx9Aa7her9zGFcdvevOjW9w
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805315557714
content-length: 236
server: UploadServer

GET
H3 200 SecondLayerUI-9cac3b05-b9b0dec2.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 567 B
354 B 41ms
41ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/SecondLayerUI-9cac3b05-b9b0dec2.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

8395d72ab340a6fb7923d93b019bffa5570553f6762dc56eeb4e5ee603ae3dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/DefaultUI-ce15e383-e1d04f6d.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=gJBPHA==, md5=7m6gQ69OlIJ09qIXD0lXyw==
etag: "ee6ea043af4e948274f6a2170f4957cb"
age: 19618
x-goog-stored-content-encoding: gzip
expires: Thu, 13 Nov 2025 20:42:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 318
date: Wed, 13 Nov 2024 20:42:51 GMT
last-modified: Tue, 05 Nov 2024 11:15:18 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2FgkPBJuw57ye3kJ7Wzx4-5pz2lqJK4oTZuixVN7bwqlF_Y-6D8IL7XYRv7AYAeiKadhYLBGUd
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805318458976
content-length: 318
server: UploadServer

GET
H3 200 Taglogger-e8de1530-4e9bda1b.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 1 KB
727 B 40ms
39ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/Taglogger-e8de1530-4e9bda1b.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

fab5cda5682da8425e7110db62aa4c2163e2bbd8e2eec76139e3b1451520fa92

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=qH45TQ==, md5=poMtXIaabOq6LNkZjFw6ng==
etag: "a6832d5c869a6ceaba2cd9198c5c3a9e"
age: 407319
x-goog-stored-content-encoding: gzip
expires: Sun, 09 Nov 2025 09:01:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 687
date: Sat, 09 Nov 2024 09:01:10 GMT
last-modified: Tue, 05 Nov 2024 11:15:18 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2hcskmljH22RZqrwq65vyDnovtI7chwEJFiV9PiOAo23rdkfFdQGhPPRRqlkhMeDt9ZjCDAX6qqg
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805318979686
content-length: 687
server: UploadServer

GET
H2 200 geoip Show response
www.bitdefender.com/ 60 B
159 B 49ms
49ms Fetch
application/json 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitdefender.com/geoip
Requested by: Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/95ad8b6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c94113c0342751a3fa454c377ef85f3544b273a663b1149cf82bb06a2668255b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

cf-ray: 8e23762e7d9ddbeb-FRA
content-encoding: gzip
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 6a0e254e-3407-48f7-857c-eb6a8b1ceb11.png
no-cache.hubspot.com/cta/default/341979/ 3 KB
3 KB 188ms
188ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/341979/6a0e254e-3407-48f7-857c-eb6a8b1ceb11.png

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/e039624.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b580d6751663a9c7176d0ac14b5cb6c83e3f60aa99f82617f1d92288e9a46b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cf-cache-status: DYNAMIC
etag: "0b7ab3ca4a64934d2adb1ae12fe31d5f"
x-amz-version-id: s5eTVFlsgxFDwIgU8E0YsVmfPMFv99Ub
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mk93p6Q4rM4VvU8IS5wokCYaCGu6RknyHPQu%2F4mC9B4F3G3OjHh%2F8S60uXQmbv75XyTdx4237rEF6uPYOOtlENzibJH6z%2FrRJfnYTuwrn0SzlEFP0aSxgBjehmG0n%2BBYGhMe5tQrF28rLlpSA%2Fc%2Fdqbu"}],"group":"cf-nel","max_age":604800}
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: image/png
last-modified: Tue, 29 Oct 2024 01:39:34 GMT
x-amz-id-2: MGqAK6VRu8mbb4MouBoLKpeJqr87oZgVfthlLiMfbHM3RV/uJq9MJJ0a0AX9n2U23cQD/b+PVDk=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YTW3Z729H0HYF1H
cf-ray: 8e23762e8e9a90f4-FRA
accept-ranges: bytes
content-length: 2810
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 199866fa-383b-44e9-8694-7bef7ce88e84.png
no-cache.hubspot.com/cta/default/341979/ 3 KB
4 KB 165ms
165ms Image
image/png 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/341979/199866fa-383b-44e9-8694-7bef7ce88e84.png

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/e039624.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30250855f1642306e68cd0949ccbdb652ed1fa1c5b8bde4ce561325127bc300b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cf-cache-status: DYNAMIC
etag: "afa5b8c5ac07a0dcfba397c4d4cc4792"
x-amz-version-id: WzwUnIGeEbKGvys.JusS9FL__BzFxwwA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6QQ2t8pv7QH6dKIsUOhBTFUC55%2F%2FsWKFaUU9jRQvm0vEIjtc9rCLyQTtsFQkyh7DM%2FHbQWxWBLM6En3ABliKrTQuYgq9inQExjUsKBg0eb4qaPISFf%2FDOzZ42n7UCiAKX46EAeeTt8ncqDHRsgvs8k2"}],"group":"cf-nel","max_age":604800}
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: image/png
last-modified: Wed, 13 Nov 2024 15:24:15 GMT
x-amz-id-2: dag6fs3MoOcZytcDmzirL1Jui6MEzgVw/xOz97a3xx9EvSbTEbiZDr8n4BfjyZ0FOWNj8EOhOSg=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4YTV7NAV0D47YD6A
cf-ray: 8e23762e8e9b90f4-FRA
accept-ranges: bytes
content-length: 3264
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ 484 KB
156 KB 100ms
49ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/eefe234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-request-id: a26dfe29-556c-485a-b9bb-9342250aede3
content-encoding: gzip
cf-cache-status: HIT
etag: W/"53fa063fb1734ce6bb187c96e7665972"
x-amz-version-id: kLVNDW8Ykh6K0rP5.B3EI30fJIwAAkz3
age: 383
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CazwHSkFM7hNlS8tjmCqq4OW%2BaiUuQWri2OTgvSaLVPgHDCReujFy7sRFBndzO9oF68zAwtNqzWKsinEDX8LNF78whmCkXiakbACnxAByXXzudrIXheq0Vvzi%2Bey67Df"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: oJaX50K9W-JE6MejcosSAKIjJ-GnJzmAiYgUeoAiA2MUyPRt7xC5UA==
x-hubspot-correlation-id: a26dfe29-556c-485a-b9bb-9342250aede3
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Sep 2024 16:16:42 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-zcdtk
x-envoy-upstream-service-time: 1
x-hs-target-asset: forms-embed/static-1.6227/bundles/project-v2.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
x-hs-cache-status: HIT
date: Thu, 14 Nov 2024 02:09:49 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.6227/bundles/project-v2.js&cfRay=8e236cceebec9734-FRA
via: 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront)
cf-ray: 8e23762eec7cbba3-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

POST
H2 204 delivery
starget.bitdefender.com/rest/v1/ 0
98 B 62ms
61ms Ping
text/plain 66.235.152.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://starget.bitdefender.com/rest/v1/delivery?client=bitdefender&sessionId=81867f3dcddf479d8b8c0da2bccaa2e0&version=2.11.4

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.156 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-156.data.adobedc.net

Software

jag /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bitdefender.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 8c7f7abb-6398-49d4-abbe-939c3055f27c
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
access-control-allow-origin: https://www.bitdefender.com
date: Thu, 14 Nov 2024 02:09:49 GMT
x-xss-protection: 1; mode=block
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: jag

POST
H2 400 delivery Show response
starget.bitdefender.com/rest/v1/ 75 B
148 B 59ms
57ms XHR
application/json 66.235.152.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://starget.bitdefender.com/rest/v1/delivery?client=bitdefender&sessionId=81867f3dcddf479d8b8c0da2bccaa2e0&version=2.11.4

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.156 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-156.data.adobedc.net

Software

jag /

Resource Hash

517d23e9beeb868f934a268f1d8ea17e6a8f35c548cd7245cf112546f6ec83c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bitdefender.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-encoding: gzip
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
access-control-allow-origin: https://www.bitdefender.com
date: Thu, 14 Nov 2024 02:09:49 GMT
x-xss-protection: 1; mode=block
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: jag

POST
H2 400 delivery Show response
starget.bitdefender.com/rest/v1/ 75 B
139 B 56ms
54ms XHR
application/json 66.235.152.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://starget.bitdefender.com/rest/v1/delivery?client=bitdefender&sessionId=81867f3dcddf479d8b8c0da2bccaa2e0&version=2.11.4

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.156 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-156.data.adobedc.net

Software

jag /

Resource Hash

517d23e9beeb868f934a268f1d8ea17e6a8f35c548cd7245cf112546f6ec83c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bitdefender.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-encoding: gzip
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
access-control-allow-origin: https://www.bitdefender.com
date: Thu, 14 Nov 2024 02:09:49 GMT
x-xss-protection: 1; mode=block
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: jag

GET
H3 200 IMG_6622.jpg
businessresources.bitdefender.com/hubfs/ 183 KB
184 KB 89ms
88ms Image
image/webp 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/IMG_6622.jpg

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3d0e01677feadbc19d661d9910328561fa9b3fbc0427d4b17906adb7cc8471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "25d8f84d74318c9b21c0eb13090142fd"
age: 40150
cache-tag: F-103881847921,P-341979,FLS-ALL
x-amz-version-id: G8j4q1.PKdffk_HnCG8BwBfMPLFJEg6y
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnx%2BG7KROncEI8MDmFPq0sH71QxRcRks2OTKDt4RLAk2S%2FLDcHEGgFvSSEuyq9yj3o%2FTBtYcWpqZSHknY3KVE7krVV9aXAcT7PWJhhuqMZtuHdJB%2B97vED1aMBW9rRjqgpNdqBAUPLItluMfeY98NDgfGA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: uWNnnqmP8kOfNpV2S6M6c8Vw9s_R0Z_Od_96PDCVPlp0SoEroUYaMw==
content-type: image/webp
content-disposition: inline; filename="IMG_6622.webp"
last-modified: Thu, 23 Feb 2023 21:24:16 GMT
priority: u=3,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-103881847921,P-341979,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: FDF2CMCRJWSH4NH2
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-103881847921,P-341979,FLS-ALL
content-length: 187074
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: qual=85, origFmt=jpeg, origSize=644891
date: Thu, 14 Nov 2024 02:09:49 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: qLhnkoPPsXG1vi1gSDo51G6aIL/tl9t0QHuMjox2PASW7/BDLXRleeZRECop2N0SHW7kxj6RYRo=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 fa6ccc8f7e7d948277c6904aeb2ae7a2.cloudfront.net (CloudFront)
cf-ray: 8e23762ec814e529-TXL
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
x-amz-meta-created-unix-time-millis: 1677187455379

GET
H3 200 BD_BDTD_Image-3.png
businessresources.bitdefender.com/hubfs/ 825 KB
826 KB 89ms
89ms Image
image/webp 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/BD_BDTD_Image-3.png

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2dad223f9e4e5b2cfb90509985434d495067a5a7bb247f72cca7fa9cbc9e01d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "91e0c7a953cb4092416cbebe79b87748"
age: 582207
cache-tag: F-127272939686,P-341979,FLS-ALL
x-amz-version-id: uc.5W.zDAnVusweD8AH44RpLU91ePPmK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lMLEfLz1WAAoce1ITP2%2BAAqZMnVZKkDFtJB2vy6Des9D1GFnqu8OKlQzZtQqHQPHUf0XQlB5edhwoQg3UhAoDEZ1CeDPq%2BuN%2BK%2B3WQl4C3POBCQjS5V5QpnCnt8Z8%2Bg5Y3aDG5M2HyRw6%2BplSy0q2HDyaw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: Sg0bnferS_6DIqnX8ZaAUtUlP7WCwNVcRCmhRNwSkE1xnwmHrItVbw==
content-type: image/webp
content-disposition: inline; filename="BD_BDTD_Image-3.webp"
last-modified: Thu, 27 Jul 2023 19:23:56 GMT
priority: u=3,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-127272939686,P-341979,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: RWTT33K854Z24XB6
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-127272939686,P-341979,FLS-ALL
content-length: 844344
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origFmt=png, origSize=1256484
date: Thu, 14 Nov 2024 02:09:49 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: jCFdpuLXYvTVRvtaSyEVjNeJyr+nNqdgwqpzDklHXR8pBRme+caduT3zRP6LQHLx3ei8pJ9igwM=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
cf-ray: 8e23762ec815e529-TXL
access-control-allow-origin: *
x-amz-cf-pop: VIE50-P1
x-amz-meta-created-unix-time-millis: 1690485835702

GET
H3 200 CybercrimeAbstractEye.jpg
businessresources.bitdefender.com/hubfs/ 100 KB
101 KB 55ms
55ms Image
image/webp 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/CybercrimeAbstractEye.jpg

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

377257e7f31d746401274c464d238cba465da457e915c4c0fe6074a97fb38696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "5d4bbf24352b1ddd8ea10fe7601236e1"
age: 560458
cache-tag: F-182426751374,P-341979,FLS-ALL
x-amz-version-id: BI_sp12Fn_xocvMO5OeG2w4oRzvQoaaB
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7S7maqyRPTDKl2Jxn9dmjhF07TkLBuZ2Johv5RDnem%2Fn1qPIGdV6EpSybByQmd5aKXmXQ9DsDGtYGne4NHYYCk0J1ogTGPgFVFeJpoUDqAHzszPuf4fXkCHrX4aR%2FC15d1Zm24heJQGYPXHbmQkFcfrig%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: zZQ76npNroWnycJ0HjWHx-xQ7nBHmFB-7Tdp7tL9WXxEgE2Q0qgY6w==
content-type: image/webp
content-disposition: inline; filename="CybercrimeAbstractEye.webp"
last-modified: Wed, 06 Nov 2024 03:21:57 GMT
priority: u=3,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-182426751374,P-341979,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: XXMXYKYQB5Q8QED6
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-182426751374,P-341979,FLS-ALL
content-length: 102350
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: qual=85, origFmt=jpeg, origSize=536068
date: Thu, 14 Nov 2024 02:09:49 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: VJaCDKG0Ycqa7QLibiLA55jBvr74kXt0Wam6kPU3BYOD6iQzA7GVeL0jEG7wau7wPYxiqQWhu9P1BkhdiofhKe8B5M6JY6ebJ6GjlFqqC0A=
strict-transport-security: max-age=31536000
x-amz-meta-access-tag: public-indexable
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 f1e707a645d1b585e3b6fc5ef39d2e56.cloudfront.net (CloudFront)
cf-ray: 8e23762ec816e529-TXL
access-control-allow-origin: *
x-amz-cf-pop: WAW51-P1
x-amz-meta-created-unix-time-millis: 1730863316515

GET
H3 200 BD_BDTD_Image-2.png
businessresources.bitdefender.com/hubfs/ 825 KB
826 KB 57ms
57ms Image
image/webp 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/BD_BDTD_Image-2.png

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2dad223f9e4e5b2cfb90509985434d495067a5a7bb247f72cca7fa9cbc9e01d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: all
cf-cache-status: HIT
etag: "91e0c7a953cb4092416cbebe79b87748"
age: 1600916
cache-tag: F-127272939629,P-341979,FLS-ALL
x-amz-version-id: fhpOUBR0gXBChu7KkXRCwAZMSYXOuyPr
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXrsodcapooeSIPW8CTSA4igfRgGLuTGVk8DrQ1Ziqj9x2D2kCEiNVNGKk8I2XWUL%2FO3kki9nOPTb56bTQogbGnTQWIc%2FVh7Kxkjbl6QUiUES%2Fjk1mauYksoDlv3Sn9Un0aoaAKW3ExIbpmIeQ%2BQBPEx2w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: hFcb2zczbaWXVX-IFbu9OnZzgw9nABJCI5DyN80EACTzIFrSrFRpZA==
content-type: image/webp
content-disposition: inline; filename="BD_BDTD_Image-2.webp"
last-modified: Thu, 27 Jul 2023 19:22:42 GMT
priority: u=3,i
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
edge-cache-tag: F-127272939629,P-341979,FLS-ALL
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
server-timing: cfExtPri
x-amz-request-id: 145EW18EHGX9H0GK
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
accept-ranges: bytes
x-amz-meta-cache-tag: F-127272939629,P-341979,FLS-ALL
content-length: 844344
x-hs-alternate-content-type: text/plain
server: cloudflare
x-amz-server-side-encryption: AES256
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
cf-polished: origFmt=png, origSize=1256484
date: Thu, 14 Nov 2024 02:09:49 GMT
vary: Accept, Accept-Encoding
x-amz-id-2: UAvkPaODNV0aP74CY6eYOxY8DG+S+oNbxgC+NioV9N785TaFZHSMIT2xfLdX1qwYCSUcWeoLyb8=
strict-transport-security: max-age=31536000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
via: 1.1 7e0d8fe3a1927ce16863bca92fb950e4.cloudfront.net (CloudFront)
cf-ray: 8e23762ec817e529-TXL
access-control-allow-origin: *
x-amz-cf-pop: OTP50-P2
x-amz-meta-created-unix-time-millis: 1690485761352

OPTIONS
H2 204 3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 0
0 129ms
45ms Preflight
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://www.bitdefender.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 14 Nov 2024 02:09:49 GMT
server: Google Frontend
strict-transport-security: max-age=7776000
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: 6507b7f93ba4e76caad90ef6e4ed2252

POST
H2 201 3 Show response
consent-api.service.consent.usercentrics.eu/consent/uw/ 0
87 B 48ms
46ms Fetch
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

X-Request-ID: 6cac8aa0-0ec3-4a4f-b02a-7d172da7fe35
Access-Control-Allow-Origin: *
Referer: https://www.bitdefender.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=7776000
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 14 Nov 2024 02:09:50 GMT
x-cloud-trace-context: 3d396dc7ce9058be4ea799a7c013a27c
vary: Origin
server: Google Frontend
content-type: text/html

GET
H3 200 PrivacyButton-645f74eb.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 5 KB
2 KB 46ms
45ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/PrivacyButton-645f74eb.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

b9d5cb60efaca3c6eae5d3b497e5e81d30325da6951286b161b89335d3e1f1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=kCYk/w==, md5=gWQvG8b7hWK0/YcBVc5jjw==
etag: "81642f1bc6fb8562b4fd870155ce638f"
age: 31089
x-goog-stored-content-encoding: gzip
expires: Thu, 13 Nov 2025 17:31:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2448
date: Wed, 13 Nov 2024 17:31:40 GMT
last-modified: Tue, 05 Nov 2024 11:15:17 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY3Y1AD41B3uo2NU9zS41MOwAJ4G5_tmOJKdC3JkQfqgz-tep6dNQFodR37tbeHmMTnsllhYYWRmzQ
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805317634615
content-length: 2448
server: UploadServer

GET
H3 200 index-a023a84e.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 2 KB
851 B 41ms
41ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/index-a023a84e.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

25bc6005e12ad5bceec69dcf022959c3b2e99274ce1871f70fac789f4abf2b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=X/FmbA==, md5=Lz+5lKUCaFX6wiPC8U//Yg==
etag: "2f3fb994a5026855fac223c2f14fff62"
age: 744796
x-goog-stored-content-encoding: gzip
expires: Wed, 05 Nov 2025 11:16:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 811
date: Tue, 05 Nov 2024 11:16:33 GMT
last-modified: Tue, 05 Nov 2024 11:15:24 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY3M5j-n9w9k4VV4Ny6yzeDfHM7A0h4n1iw2N-8lrtlSWWEg4alT6G0nFw8MCgJCjSLb-i8
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805324020295
content-length: 811
server: UploadServer

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
82 KB 147ms
56ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6221907&l=dataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc7222cb978c9966ce6884c1d6333c8e2f6fea3d94bf9a85a3970cf53baea679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 02:09:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 02:09:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83645
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 uct
uct.service.usercentrics.eu/ 35 B
250 B 145ms
59ms Image
image/gif 34.95.108.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uct.service.usercentrics.eu/uct?v=1&sid=kwvEyHMjYRQG-x&t=1&abv=&r=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&cb=1731550189887

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.108.95.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

strict-transport-security: max-age=7776000
cache-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
function-execution-id: tdwbrtcnt8ya
date: Thu, 14 Nov 2024 02:09:50 GMT
content-type: image/gif
x-cloud-trace-context: 81a20186d88c48d548b5738604655310
server: Google Frontend

GET
H2 200 cf43f35.css
www.bitdefender.com/nuxt/_nuxt/css/ 279 B
247 B 66ms
65ms Stylesheet
text/css 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/css/cf43f35.css

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/89d87db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2069e4f379291c013b2ac6b33c3770c98737524f80ccdfca1ea8586169622e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"117-19325c9afb8"
age: 43531
cf-ray: 8e23762f0e2cdbeb-FRA
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:55 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 3b52417.js Show response
www.bitdefender.com/nuxt/_nuxt/ 53 KB
14 KB 60ms
60ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/3b52417.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/89d87db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff3f55fa19674af1b5251d660ea4270a44581345fd398d67b5d524756a0d162e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"d597-19325c99c30"
age: 43606
cf-ray: 8e23762f0e2fdbeb-FRA
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 b8b5ed9.css
www.bitdefender.com/nuxt/_nuxt/css/ 106 B
239 B 63ms
62ms Stylesheet
text/css 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/css/b8b5ed9.css

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/89d87db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2207e1dfdac97cdf65dce070c145d2f8251b726777b5073bb79308e69e1a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: s-maxage=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6a-19325c9afb8"
age: 43572
cf-ray: 8e23762f0e2edbeb-FRA
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:55 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 f07d86e.js Show response
www.bitdefender.com/nuxt/_nuxt/ 45 KB
12 KB 57ms
56ms Script
application/javascript 2606:4700::6812:1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/nuxt/_nuxt/f07d86e.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/nuxt/_nuxt/89d87db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

455005635161652398dee90f5c0cdcc091e945e4c58591d829a0a4ab3df0f517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"b45f-19325c99c30"
age: 43605
cf-ray: 8e23762f0e30dbeb-FRA
date: Thu, 14 Nov 2024 02:09:49 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 13:49:50 GMT
vary: Accept-Encoding
server: cloudflare

GET cta-loaded.js
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
0

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
580 B 164ms
154ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: 788300b0-ac4e-40a9-a5fc-457adaf34e9c
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: 788300b0-ac4e-40a9-a5fc-457adaf34e9c
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Thu, 14 Nov 2024 02:09:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-kj6b9
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8e23762f2d8d58de-TXL
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
580 B 173ms
164ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: 5f13b0b9-5e78-4479-8055-fc9e2d3f0922
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: 5f13b0b9-5e78-4479-8055-fc9e2d3f0922
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Thu, 14 Nov 2024 02:09:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-6mlq9
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8e23762f2d9058de-TXL
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 index-4996a077.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 5 KB
2 KB 39ms
38ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/index-4996a077.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

4475a91121b0b2306c842f532a1ab878aa1b651a1a279b37a19c8d93c74121e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/index.module.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=gRguRg==, md5=/+UVJX6YTtiQr/FeIsxLUQ==
etag: "ffe515257e984ed890aff15e22cc4b51"
age: 85112
x-goog-stored-content-encoding: gzip
expires: Thu, 13 Nov 2025 02:31:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2108
date: Wed, 13 Nov 2024 02:31:17 GMT
last-modified: Tue, 05 Nov 2024 11:15:23 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2eCy1poC6tsY4FOOm5e2blFVH7zL5l6eSrxXnUCjXyxNaOvKe463CuLycDYGjthMjVVnw
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805323203526
content-length: 2108
server: UploadServer

GET
H3 200 SaveButton-bba329cc.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 1 KB
656 B 41ms
41ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/SaveButton-bba329cc.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

05676aa760e7eaa2b3cddc551f01730771837c082ec17ade03866ab30adab122

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/index-4996a077.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=1YWN5Q==, md5=+dtsM541piekaRAmd4Uwhw==
etag: "f9db6c339e35a627a469102677853087"
age: 50470
x-goog-stored-content-encoding: gzip
expires: Thu, 13 Nov 2025 12:08:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 616
date: Wed, 13 Nov 2024 12:08:39 GMT
last-modified: Tue, 05 Nov 2024 11:15:18 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY2mwsNC7PMqr3FRNU6tBrPoAjq_16-8TE-Xla5GY-3UaV8F3bD8IGFUjTvfCnxp9CZIiQUaGRQZGw
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805318192227
content-length: 616
server: UploadServer

GET
H3 200 VirtualServiceItem-a219c015.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 156 KB
48 KB 43ms
42ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/VirtualServiceItem-a219c015.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

04d549de2112a80d7480cc150eacc5449d4dafc73f1bf5bf4d5618877bf4e198

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/index-4996a077.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=TWai7g==, md5=Aa13WiaOfKM/bGpu8ttiXQ==
etag: "01ad775a268e7ca33f6c6a6ef2db625d"
age: 744796
x-goog-stored-content-encoding: gzip
expires: Wed, 05 Nov 2025 11:16:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 48673
date: Tue, 05 Nov 2024 11:16:33 GMT
last-modified: Tue, 05 Nov 2024 11:15:19 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY0LQEhjydf_UTP_WkDTbMpHTAYHR60HpmALIDaIR6cl8mjjLJV47a_AFRGAQhqRBYsDdkw
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805319849527
content-length: 48673
server: UploadServer

GET
H3 200 DefaultTabs-a2ca0182.js Show response
app.usercentrics.eu/browser-ui/3.57.0/ 4 KB
2 KB 50ms
48ms Script
text/javascript 35.190.14.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.57.0/DefaultTabs-a2ca0182.js

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

188.14.190.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

89535a81113d9922b5ce6e3e9524aa45d39206152050b1d21c9cb1b9b03c5858

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://app.usercentrics.eu/browser-ui/3.57.0/index-4996a077.js

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=Lnh3oA==, md5=BMUKJCQRTybicL65cfwGdQ==
etag: "04c50a2424114f26e270beb971fc0675"
age: 84497
x-goog-stored-content-encoding: gzip
expires: Thu, 13 Nov 2025 02:41:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1694
date: Wed, 13 Nov 2024 02:41:32 GMT
last-modified: Tue, 05 Nov 2024 11:15:16 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY3jg5jWc8si6Jk6E06PmeTarL3rrU8w7W2ho3DkdzEqSTDOqUVFALWnkX2Y_HI9CvGKhOms6L4ueA
strict-transport-security: max-age=7776000
cache-control: public, max-age=31536000, no-transform
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730805316595746
content-length: 1694
server: UploadServer

GET
H2 200 s81441561225889
sstats.bitdefender.com/b/ss/bitdefenderproduction/1/JS-2.27.0-LEWM/ 43 B
333 B 53ms
52ms Image
image/gif 63.140.62.222
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sstats.bitdefender.com/b/ss/bitdefenderproduction/1/JS-2.27.0-LEWM/s81441561225889?AQB=1&ndh=1&pf=1&t=14%2F10%2F2024%203%3A9%3A50%204%20-60&sdid=0278327274679FDF-2D7ED06F33DE13B0&mid=79060000963424244643467657372839462948&aamlh=6&ce=UTF-8&pageName=blog%3Abusinessinsights%3Aransomware%3Ashrinklocker-decryptor-from-friend-to-foe-and-back-again&g=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&c.&p_fo=3.0&getPercentPageViewed=5.0.2&handlePPVevents=n%2Fa&apl=4.0&inList=3.0&.c&cc=USD&ch=blog&server=www.bitdefender.com&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=businessinsights&v1=blog%3Abusinessinsights%3Aransomware%3Ashrinklocker-decryptor-from-friend-to-foe-and-back-again&c2=ransomware&c3=shrinklocker-decryptor-from-friend-to-foe-and-back-again&v3=D%3Dc8&c4=production&v4=D%3Dc9&c5=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&c6=de&v6=D%3Dc6&c7=en&v7=D%3Dc7&c8=14%2F11%2F2024&c9=03%3A09%7C03%3A00-03%3A59%7Cthursday%7Cgmt%20%2B1&c12=undefined&c13=highestPercentViewed%3D%20%7C%20initialPercentViewed%3D%20%7C%20foldsSeen%3D%20%7C%20foldsAvailable%3D&v92=D%3Dc5&v100=67527277%3Arichardson%20%26%20associates%3Aconstruction%20and%20building%20materials%3Aengineering%20services%3Asmall%3A%241%20-%20%241m%3Asmb%3Abusiness%20services&v101=cor.gov%3Amckinney%3Aunited%20states%3Arichardson%20%26%20associates%3A%28unavailable%29%3A%28unavailable%29%3A%28unavailable%29%3A%28unavailable%29&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&AQE=1

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3718475720800731136-4618531372875777512
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 02:09:50 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Thu, 14 Nov 2024 02:09:50 GMT
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2024 02:09:50 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 410 KB
131 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6M0GWNLLWF&l=dataLayer&cx=c&gtm=45fe4bc0v9190968901za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6221907&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

173f2bff88e0f930c14500a90ced66d785b758d6dd4a02e16f1efb596b1f08ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 02:09:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 02:09:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134238
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
99 KB 97ms
97ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1040562098&l=dataLayer&cx=c&gtm=45fe4bc0v9190968901za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6221907&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32cad86da4dbc8e43c3798a23661c78c11fdc2eb5204073a643f8fc0bd27a72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 02:09:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 02:09:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100901
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5165113&l=dataLayer&cx=c&gtm=45fe4bc0v9190968901za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6221907&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93172b2e3ba70dbe0bd07cc02a059eefc4223d61b1eac7ae621e2f1b7088d935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 02:09:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 02:09:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85662
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/341979/6296aa14-482c-4e42-9095-8e693b5f4caa/ 19 KB
5 KB 217ms
166ms XHR
application/json 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/341979/6296aa14-482c-4e42-9095-8e693b5f4caa/json?hs_static_app=forms-embed&hs_static_app_version=1.6227&X-HubSpot-Static-App-Info=forms-embed-1.6227

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bebd9d7d612ef1e1ceba6afe388064b05186d7a1a93b37686cc66a0f67bbdfa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: c54d8304-820f-4ca2-b097-e8c95aaa8fbc
access-control-expose-headers: X-Origin-Hublet
content-encoding: gzip
cf-cache-status: DYNAMIC
x-origin-hublet: na1
access-control-allow-methods: OPTIONS, GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: c54d8304-820f-4ca2-b097-e8c95aaa8fbc
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-pjzfq
x-envoy-upstream-service-time: 16
access-control-allow-credentials: false
cf-ray: 8e237630dcbce513-TXL
access-control-allow-origin: https://www.bitdefender.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ 35 B
781 B 116ms
39ms Image
image/gif 2a02:26f0:3500:887::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=4a55b566-7010-4633-9b03-7ba7735be0b6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-goog-metageneration: 1
Access-Control-Expose-Headers: *
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
Date: Thu, 14 Nov 2024 02:09:50 GMT
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Content-Type: image/gif
X-GUploader-UploadID: AFiumC4T8fO2E-USH8aIUfCqIMPbYExpJbJ_H9JwrUOZZCLMZ2xEYxjvzQc38a8k0eCKHRny_Kk
Cache-Control: public,max-age=1800
x-goog-storage-class: STANDARD
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
x-goog-generation: 1698061172769999
Content-Length: 35
Server: UploadServer

GET
H2 200 341979.js Show response
js-na1.hs-scripts.com/ 2 KB
813 B 65ms
56ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/341979.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1731549900000/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c29be804db7300623dca00a4ad935167e30581cc184b017ea6d01894bf1df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: HIT
age: 5850
x-content-type-options: nosniff
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: dd42b56a-0081-4b8d-bf92-2d72283d4dae
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Thu, 14 Nov 2024 00:32:20 GMT
access-control-allow-credentials: true
cf-ray: 8e237631989103f4-FRA
accept-ranges: bytes
access-control-allow-origin: https://www.bitdefender.com
content-length: 670
server: cloudflare

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
583 B 159ms
157ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=341979&rcu=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&pu=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&t=ShrinkLocker+(%2BDecryptor)%3A+From+Friend+to+Foe%2C+and+Back+Again&cts=1731550190307&vi=2a33442be5ce4dbac8d19283c8180840&nc=true&u=27765283.2a33442be5ce4dbac8d19283c8180840.1731550190305.1731550190305.1731550190305.1&b=27765283.1.1731550190305&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: bf8cad39-c552-4a53-944e-a3e62f3e378b
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2BnsDVRrqqJdBiCZLSiIpuw6fkTHYApIeYNXF4j8MH7CcQ23iGtzA9lkAELTQswr2NImSI0ZJ3fevOpvSLYBL2CTKI16dBuem4yOCmPvsKdotO55F206DM7%2BJnXODvOMIaIo3o6FjNt9hfJvjW08"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: bf8cad39-c552-4a53-944e-a3e62f3e378b
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-5v9lb
x-envoy-upstream-service-time: 6
access-control-allow-credentials: false
cf-ray: 8e2376319f1d90f4-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
580 B 188ms
187ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: 41f53635-ca9a-4374-bfca-250345da0541
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: 41f53635-ca9a-4374-bfca-250345da0541
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Thu, 14 Nov 2024 02:09:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-kj6b9
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8e2376318f3a58de-TXL
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
570 B 155ms
154ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%226a0e254e-3407-48f7-857c-eb6a8b1ceb11%22%2C%226507900c-b4e4-4ccc-8b09-f50ae98867bf%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=341979&rcu=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&pu=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&t=ShrinkLocker+(%2BDecryptor)%3A+From+Friend+to+Foe%2C+and+Back+Again&cts=1731550190310&vi=2a33442be5ce4dbac8d19283c8180840&nc=true&u=27765283.2a33442be5ce4dbac8d19283c8180840.1731550190305.1731550190305.1731550190305.1&b=27765283.1.1731550190305&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: 74424ee1-66c6-45f0-b8b4-f4ad40075da8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjqnK6jRLEhvnzKn6UGn2ltzffY8uIoY1AHiHd7%2B91oO4v%2FgSAPgvmxQGHqg1ucguOmkgm02yalNYKu%2BIW%2BS4c6MIc5vkuAjKicQFT3xS1%2FtB9EGL8G5pWR4bZSwcStXwaXzsRDyBh%2BSBvlLzl9f"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: 74424ee1-66c6-45f0-b8b4-f4ad40075da8
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-d86zr
x-envoy-upstream-service-time: 7
access-control-allow-credentials: false
cf-ray: 8e2376319f1c90f4-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
514 B 161ms
159ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22199866fa-383b-44e9-8694-7bef7ce88e84%22%2C%22adfd1e27-96b5-49f5-a4e1-8be05f515e28%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=341979&rcu=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&pu=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&t=ShrinkLocker+(%2BDecryptor)%3A+From+Friend+to+Foe%2C+and+Back+Again&cts=1731550190310&vi=2a33442be5ce4dbac8d19283c8180840&nc=true&u=27765283.2a33442be5ce4dbac8d19283c8180840.1731550190305.1731550190305.1731550190305.1&b=27765283.1.1731550190305&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: ef5dd42e-727b-4644-8677-047ee2d529f0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwtfXFB6%2BuAEBGDObJcuwx%2BSbr0%2BvOkzCLFa18H71kocOWMTUT62SCCT4xxXchX8j9Q3U3t%2B3lx365HoukzQ%2BIlK1zop8lbpo26SXLr9j269RLuWCctEV1%2B5CjsGR32xBsDQ5Asfz1I75vliwZVr"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: ef5dd42e-727b-4644-8677-047ee2d529f0
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-kjwzh
x-envoy-upstream-service-time: 8
access-control-allow-credentials: false
cf-ray: 8e2376319f1b90f4-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1004 B 166ms
166ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=341979&utk=2a33442be5ce4dbac8d19283c8180840&__hstc=27765283.2a33442be5ce4dbac8d19283c8180840.1731550190305.1731550190305.1731550190305.1&__hssc=27765283.1.1731550190305&currentUrl=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd821fbeb6d9559c6e4f93566f5a95e10324220bc5ea1d952618231a1e3a3eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: 1fc34edc-c273-42f5-914b-0f2e1b0a6004
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJfN1sGrWOW2itNt5nr9S6UNGxmug1lC49PrIbfrhwJiOnjGt5X5dHd6j3gMzRqdxs7cLQZmk231%2Bkja8Ivrf6RfjOSRmHY6OZ09ot4RcLP%2B2fYAy192K395wWwTsjmS49p%2BPPfF4N%2BYg70pTkIW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: 1fc34edc-c273-42f5-914b-0f2e1b0a6004
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-6mlq9
x-envoy-upstream-service-time: 24
access-control-allow-credentials: false
cf-ray: 8e2376319b693678-FRA
access-control-allow-origin: https://www.bitdefender.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 favicon-32x32.png
download.bitdefender.com/resources/images/favicon/ 568 B
761 B 172ms
52ms Other
image/png 2a02:26f0:3500:3::b818:4d4d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://download.bitdefender.com/resources/images/favicon/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d4d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

fab8294d35a12278bfd9179ac66940d6d77145b986fc04e5826a8521f7aa1d49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN *.bitdefender.com

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: max-age=5291
etag: "53bea05c-238"
expires: Thu, 14 Nov 2024 03:38:01 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 568
date: Thu, 14 Nov 2024 02:09:50 GMT
last-modified: Thu, 10 Jul 2014 14:17:00 GMT
content-type: image/png
server: nginx
x-frame-options: SAMEORIGIN *.bitdefender.com

POST
H2 200 mon Show response
obseu.ofgreencolumn.com/ 0
150 B 57ms
56ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.ofgreencolumn.com/mon
Requested by: Host: euob.ofgreencolumn.com
URL: https://euob.ofgreencolumn.com/sxp/i/9890752fc19726fc8a394d54a189ae9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.bitdefender.com/

Response headers

access-control-allow-origin: https://www.bitdefender.com
content-length: 0
date: Thu, 14 Nov 2024 02:09:50 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
540 B 153ms
145ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: 749b4595-a3dc-4729-af8e-6d48686ef547
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: 749b4595-a3dc-4729-af8e-6d48686ef547
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-6mlq9
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8e237631ff8758de-TXL
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d9e6e3ef6c6150c59d707d4a7f2d3b64ce148d93bf22c88de86671471c8132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 02:09:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 02:09:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 14 Nov 2024 01:03:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 126ms
48ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_b0d39b4e_7173_408c_b819_fe0cc3482f32&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

ESF /

Resource Hash

eb47488bd134b4bb94ae925990735e57c49b537afb21d59cf4e0649c79966fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 02:09:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 14 Nov 2024 02:09:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
479 B 156ms
154ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=6296aa14-482c-4e42-9095-8e693b5f4caa&fci=b0d39b4e-7173-408c-b819-fe0cc3482f32&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=341979&rcu=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&pu=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&t=ShrinkLocker+(%2BDecryptor)%3A+From+Friend+to+Foe%2C+and+Back+Again&cts=1731550190394&vi=2a33442be5ce4dbac8d19283c8180840&nc=true&u=27765283.2a33442be5ce4dbac8d19283c8180840.1731550190305.1731550190305.1731550190305.1&b=27765283.1.1731550190305&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: 27884459-f3c6-484b-a46d-75d4adb1c447
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6oEnLVneSVEXXuxZl7QFE51odKi7ReBhgvQ7ep4MG7IjFlKHxSFwmlh%2Ff1ESi8k1Umk6OudRgmRPh6LyWMCovx2Hdi43H0W7Y7Ms7vjXtxjfhz5ehKWQt0w514HZTtgI6NFFWQzDvRrqNG%2BDpJFN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: 27884459-f3c6-484b-a46d-75d4adb1c447
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-qpwst
x-envoy-upstream-service-time: 5
access-control-allow-credentials: false
cf-ray: 8e2376321f3490f4-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
538 B 145ms
145ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

x-robots-tag: none
x-request-id: 3f45c0d1-62fa-4474-823c-ce5b7eee23e4
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:50 GMT
x-hubspot-correlation-id: 3f45c0d1-62fa-4474-823c-ce5b7eee23e4
content-type: image/gif
vary: origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-6gcth
x-envoy-upstream-service-time: 3
access-control-allow-credentials: false
cf-ray: 8e2376321f9258de-TXL
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

POST
H2 200 mon Show response
obseu.ofgreencolumn.com/ 0
16 B 55ms
54ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.ofgreencolumn.com/mon
Requested by: Host: euob.ofgreencolumn.com
URL: https://euob.ofgreencolumn.com/sxp/i/9890752fc19726fc8a394d54a189ae9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.bitdefender.com/

Response headers

access-control-allow-origin: https://www.bitdefender.com
content-length: 0
date: Thu, 14 Nov 2024 02:09:50 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 84ms
37ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://fonts.googleapis.com/

Response headers

age: 81803
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 03:26:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 03:26:27 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 101ms
53ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://fonts.googleapis.com/

Response headers

age: 155450
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 06:59:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 06:59:00 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 87ms
40ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://fonts.googleapis.com/

Response headers

age: 38987
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:20:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:20:03 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 546 KB
215 KB 85ms
38ms Script
text/javascript 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_b0d39b4e_7173_408c_b819_fe0cc3482f32&render=explicit&hl=en

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

sffe /

Resource Hash

f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.bitdefender.com
Referer: https://www.bitdefender.com/

Response headers

content-encoding: gzip
age: 11372
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 23:00:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 23:00:18 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220347
x-xss-protection: 0
server: sffe

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 1ADF 0
0 141ms
67ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuYml0ZGVmZW5kZXIuY29tOjQ0Mw..&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&badge=inline&cb=qxijyegb5ydf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A96ciXuAb8XIR6k7hhFh8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bitdefender.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-A96ciXuAb8XIR6k7hhFh8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 02:09:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 6296aa14-482c-4e42-9095-8e693b5f4caa Show response
forms-na1.hubspot.com/submissions-validation/v1/validate/341979/ 2 B
771 B 163ms
162ms Fetch
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/341979/6296aa14-482c-4e42-9095-8e693b5f4caa

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitdefender.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-max-age: 300
x-request-id: cc1e02c7-92c5-4b0a-8b02-c0a159b43d7c
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LWUagkbyKOhByz7QIiYmwX64EZdmfmOYgPIsJ5J5DmZM9nm8WOxBevIeUY77N4zO3CqPXwjSruIVl%2BIcJ15%2FEIQOX3uEYr1bYgJVM3dTFHkEeE7SIomNU5sjarGwbD40aQ9RSt882rvUD90debUm6Kvsw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
date: Thu, 14 Nov 2024 02:09:51 GMT
x-hubspot-correlation-id: cc1e02c7-92c5-4b0a-8b02-c0a159b43d7c
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-kzswg
x-envoy-upstream-service-time: 22
access-control-allow-credentials: false
cf-ray: 8e2376394eb33678-FRA
access-control-allow-origin: https://www.bitdefender.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

OPTIONS
H2 200 6296aa14-482c-4e42-9095-8e693b5f4caa
forms-na1.hubspot.com/submissions-validation/v1/validate/341979/ Frame 0
0 156ms
147ms Preflight
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-na1.hubspot.com/submissions-validation/v1/validate/341979/6296aa14-482c-4e42-9095-8e693b5f4caa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bitdefender.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bitdefender.com
access-control-max-age: 300
allow: POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 8e2376385e573678-FRA
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Thu, 14 Nov 2024 02:09:51 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oM4xuo20ghVJcV7ElDBIBM9WFKu2WJr6B434St3DRQF247kij%2FhFSc36WpqSNVwtIH13KbLNO0jq3RXJ2F0Ng6%2Bo3I%2FWRkMn0mSHHyUnwF9QgxSgGAzcRt9DpysXh3s%2Bn2H0ahQlhr2Aoi70lEloHiIr0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-tbrhv
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: d59fc483-1199-4dbd-b8ac-d665b174477f
x-request-id: d59fc483-1199-4dbd-b8ac-d665b174477f

GET
H3 200 bframe
www.google.com/recaptcha/enterprise/ Frame 47E0 0
0 66ms
65ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2_39Bey7_xz2ZBMK2sUozA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bitdefender.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2_39Bey7_xz2ZBMK2sUozA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 02:09:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 124ms
48ms Ping
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&scrsrc=www.googletagmanager.com&frm=0&rnd=1035823274.1731550192&npa=1&us_privacy=1YNY&gdid=dMWZhNz.dOThhZD&gtm=45fe4bc0v9190968901za200&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067807~102077855&tft=1731550192294&tfd=4224&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-6221907&l=dataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 130ms
45ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6M0GWNLLWF&gtm=45je4bc0v869430580za200zb9190968901&_p=1731550189883&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067554~102077855&gdid=dMWZhNz.dOThhZD&cid=234222188.1731550192&ecid=1793788937&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&uid=&dl=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again&sid=1731550190&sct=1&seg=0&dt=ShrinkLocker%20(%2BDecryptor)%3A%20From%20Friend%20to%20Foe%2C%20and%20Back%20Again&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=true&ep.geoRegion=de&ep.pageSubSection=businessinsights&ep.login_status=false&ep.source=&ep.medium=&ep.cid=&ep.page_name=blog%3Abusinessinsights%3Aransomware%3Ashrinklocker-decryptor-from-friend-to-foe-and-back-again&ep.fingerprint=&ep.siteSection=blog&ep.pageSubSubSection=ransomware&tfd=4244
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M0GWNLLWF&l=dataLayer&cx=c&gtm=45fe4bc0v9190968901za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.bitdefender.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 02:09:52 GMT
content-type: text/plain
server: Golfe2

GET
H2

200

src=5165113;dc_pre=CNPch5Hf2okDFX34OwId81oxQg;type=na-c;cat=allpages;ord=7274564520157;npa=1;u2=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-fri...
ade.googlesyndication.com/ddm/activity/
Redirect Chain

https://ade.googlesyndication.com/ddm/activity/src=5165113;type=na-c;cat=allpages;ord=7274564520157;npa=1;u2=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decry...
https://ade.googlesyndication.com/ddm/activity/src=5165113;dc_pre=CNPch5Hf2okDFX34OwId81oxQg;type=na-c;cat=allpages;ord=7274564520157;npa=1;u2=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbus...

42 B
118 B

75ms
74ms

Image
image/gif

216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/src=5165113;dc_pre=CNPch5Hf2okDFX34OwId81oxQg;type=na-c;cat=allpages;ord=7274564520157;npa=1;u2=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again;gdid=dMWZhNz.dOThhZD;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bc0v9171448788za200zb9190968901;gcs=G100;gcd=13p3pPp2p5l1;dma_cps=-;dma=1;tag_exp=101925629~102067554~102077855;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again?

Protocol

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.bitdefender.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 14 Nov 2024 02:09:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://ade.googlesyndication.com/ddm/activity/src=5165113;dc_pre=CNPch5Hf2okDFX34OwId81oxQg;type=na-c;cat=allpages;ord=7274564520157;npa=1;u2=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again;gdid=dMWZhNz.dOThhZD;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bc0v9171448788za200zb9190968901;gcs=G100;gcd=13p3pPp2p5l1;dma_cps=-;dma=1;tag_exp=101925629~102067554~102077855;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com%2Fen-gb%2Fblog%2Fbusinessinsights%2Fshrinklocker-decryptor-from-friend-to-foe-and-back-again?
pragma: no-cache
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 14 Nov 2024 02:09:52 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame DE17 0
0 117ms
38ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.bitdefender.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1040562098&l=dataLayer&cx=c&gtm=45fe4bc0v9190968901za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 188764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 21:43:48 GMT
expires: Tue, 11 Nov 2025 21:43:48 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 mon Show response
obseu.ofgreencolumn.com/ 0
39 B 59ms
57ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.ofgreencolumn.com/mon
Requested by: Host: euob.ofgreencolumn.com
URL: https://euob.ofgreencolumn.com/sxp/i/9890752fc19726fc8a394d54a189ae9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.bitdefender.com/

Response headers

access-control-allow-origin: https://www.bitdefender.com
content-length: 0
date: Thu, 14 Nov 2024 02:09:52 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obseu.ofgreencolumn.com/ 0
39 B 58ms
56ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.ofgreencolumn.com/mon
Requested by: Host: euob.ofgreencolumn.com
URL: https://euob.ofgreencolumn.com/sxp/i/9890752fc19726fc8a394d54a189ae9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.bitdefender.com/

Response headers

access-control-allow-origin: https://www.bitdefender.com
content-length: 0
date: Thu, 14 Nov 2024 02:09:54 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obseu.ofgreencolumn.com/ 0
39 B 58ms
56ms XHR
application/json 2a05:d018:56f:b800:f42c:e894:1fb0:3740
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://obseu.ofgreencolumn.com/mon
Requested by: Host: euob.ofgreencolumn.com
URL: https://euob.ofgreencolumn.com/sxp/i/9890752fc19726fc8a394d54a189ae9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b800:f42c:e894:1fb0:3740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.bitdefender.com/

Response headers

access-control-allow-origin: https://www.bitdefender.com
content-length: 0
date: Thu, 14 Nov 2024 02:09:59 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cta-service-cms2.hubspot.com
URL: https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=341979&pg=6a0e254e-3407-48f7-857c-eb6a8b1ceb11&lt=1731550188417&dt=1731550188418&at=1731550189915&ae=1&sl=1&an=1

Domain: cta-service-cms2.hubspot.com
URL: https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=341979&pg=199866fa-383b-44e9-8694-7bef7ce88e84&lt=1731550188418&dt=1731550188418&at=1731550189916&ae=1&sl=1&an=1

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 05:18:22	Name: _GRECAPTCHA Value: 09ANOXeZwig4eNx9_wmgIAS6QdFQx5oHu9I_WOsz-E52w6eHdNFuOWfBs5nHB6EMG4ZKLEIbzsTZjo0Gpmosj-eiE
.businessresources.bitdefender.com/	1970-01-21 00:59:11	Name: __cf_bm Value: T.U1DTTOsVqpUjz1LimnpB_hDdfHor6.nbNCEgJkepc-1731550188-1.0.1.1-uF7YONPrGPadbwLSjvk7gkD2UyXoa0FqGBEG19fDkcQXvZUjLNykFNXUubADlJBpiKTHdueGL9YoS3jQcMzxhg
.businessresources.bitdefender.com/	1969-12-31 23:59:59	Name: __cfruid Value: a461d6d392fe1d1afcf3ba313ce341c65c08fb74-1731550188
www.bitdefender.com/	1969-12-31 23:59:59	Name: tagit_session Value: 1
.hubspot.com/	1970-01-21 00:59:11	Name: __cf_bm Value: WPX5at1Otuijy4cN5G8QIGe.uETv1onq0ugsx87Xn_8-1731550188-1.0.1.1-f53_X1p3XxS_uWp0hj1MnoI720HSZgs5EzbIITeuI1AlR6LpS_48bBqAYaYq1kDfKPt3RJJ.FnkRH_5xs73WMQ
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: HRGgl80A1sHIgmONK1Y6sVu8FgVk3tH7BldEsjl4Vw4-1731550188620-0.0.1.1-604800000
.bitdefender.com/	1969-12-31 23:59:59	Name: at_check Value: true
www.bitdefender.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0lpn1t4apf8psj1lgv086obsn1
.bitdefender.com/	1970-01-21 09:44:46	Name: bd112 Value: i44FAA%3D%3D
.demdex.net/	1970-01-21 05:18:22	Name: demdex Value: 79079371826660171113465233804158089955
.bitdefender.com/	1969-12-31 23:59:59	Name: AMCVS_0E920C0F53DA9E9B0A490D45%40AdobeOrg Value: 1
www.bitdefender.com/	1970-01-21 01:09:14	Name: AWSALB Value: VDMQAgtfzeLkFa3H4PkekNbLwiWOeogM9kJLrfS+Rq2lmxqb0RF1xCrknnR7iheAqvFOvUvTfnusj+QrJ8olGcSdCzNfngxJkUscEj+gxKYEKQ1xBpUfBwOfjwXX
www.bitdefender.com/	1970-01-21 01:09:14	Name: AWSALBCORS Value: VDMQAgtfzeLkFa3H4PkekNbLwiWOeogM9kJLrfS+Rq2lmxqb0RF1xCrknnR7iheAqvFOvUvTfnusj+QrJ8olGcSdCzNfngxJkUscEj+gxKYEKQ1xBpUfBwOfjwXX
www.bitdefender.com/	1969-12-31 23:59:59	Name: tagit_params Value: %7B%22obj%22%3A%5B%5D%7D
.bitdefender.com/	1970-01-21 10:35:10	Name: s_ecid Value: MCMID%7C79060000963424244643467657372839462948
.bitdefender.com/	1970-01-21 03:10:34	Name: _cq_duid Value: 1.1731550189.UCgoTLAqrhgO6erz
.bitdefender.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1731550189.JuhTcp4DOptuYMVP
.bitdefender.com/	1970-01-21 10:35:10	Name: mbox Value: session#81867f3dcddf479d8b8c0da2bccaa2e0#1731552050\|PC#81867f3dcddf479d8b8c0da2bccaa2e0.37_0#1794794990
.dpm.demdex.net/	1970-01-21 05:18:22	Name: dpm Value: 79079371826660171113465233804158089955
.bitdefender.com/	1970-01-21 10:35:10	Name: AMCV_0E920C0F53DA9E9B0A490D45%40AdobeOrg Value: 179643557%7CMCIDTS%7C20042%7CMCMID%7C79060000963424244643467657372839462948%7CMCAAMLH-1732154988%7C6%7CMCAAMB-1732154988%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1731557389s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20049%7CvVersion%7C5.5.0
.doubleclick.net/	1970-01-21 10:20:46	Name: IDE Value: AHWqTUmK_tYEENFXmxQGwdFlr5BMCU5yCc7P8vLpahOTIs8otDj0aCNi-5w6mGWqkqQ
obseu.ofgreencolumn.com/	1970-01-21 09:03:00	Name: cg_uuid Value: c133298504724b3a583f6bc024e37e39
.demdex.net/	1970-01-21 05:18:22	Name: dextp Value: 771-1-1731550189119\|1123-1-1731550189220\|129099-1-1731550189320
.hsforms.com/	1970-01-21 00:59:11	Name: __cf_bm Value: NCHwlSGD601h_r15gqGgTPvUhv5EbnjSvTwdXtuly5Q-1731550189-1.0.1.1-.Fhd0Z.bWfeoy8t78PRTxAYWe9vUasq3fjinHzzkAvqmbFF36Jigw2hW5ShLxzJH38MIfXRtrbV7wDzNuo64KA
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: mZnCl.RJmEhbcKeyVoLt4U4Ge12ZVqEDXGOjUZD4dk0-1731550189332-0.0.1.1-604800000
.twitter.com/	1970-01-21 10:35:10	Name: personalization_id Value: "v1_LGmg6kGUetwJEFYoFSXPtQ=="
.hsforms.net/	1970-01-21 00:59:11	Name: __cf_bm Value: yysLZQmY5HC469mYerMrgvwbvhEgKpUsYUbqgEsEGck-1731550189-1.0.1.1-qPJTJzLauPJyJ4tehpNxMm89NJ26mKuSYqfUI1g2hPWfkyx9x4eZ1cgZsMjbPDie8OxEQ5KX3voRZnR5iJqOVQ
.bitdefender.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.bitdefender.com/	1969-12-31 23:59:59	Name: s_tp Value: 26307
.bitdefender.com/	1969-12-31 23:59:59	Name: s_ppv Value: blog%253Abusinessinsights%253Aransomware%253Ashrinklocker-decryptor-from-friend-to-foe-and-back-again%2C5%2C5%2C1200%2C1%2C21
.bitdefender.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.bitdefender.com/	1970-01-21 05:18:22	Name: __hstc Value: 27765283.2a33442be5ce4dbac8d19283c8180840.1731550190305.1731550190305.1731550190305.1
.bitdefender.com/	1970-01-21 05:18:22	Name: hubspotutk Value: 2a33442be5ce4dbac8d19283c8180840
.bitdefender.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.bitdefender.com/	1970-01-21 00:59:11	Name: __hssc Value: 27765283.1.1731550190305
.bitdefender.com/	1970-01-21 01:09:14	Name: at_geo Value: {%22latitude%22:49.45%2C%22longitude%22:11.07%2C%22countryCode%22:%22DE%22%2C%22stateCode%22:%22BY%22%2C%22city%22:%22NURNBERG%22}

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C0BD008C2A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://www.bitdefender.com/en-gb/blog/businessinsights/shrinklocker-decryptor-from-friend-to-foe-and-back-again Message: [GroupMarkerNotSet(crbug.com/242999)!:A020BE008C2A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security	error	URL: https://euob.ofgreencolumn.com/sxp/i/9890752fc19726fc8a394d54a189ae9f.js Message: Refused to create a worker from 'blob:https://www.bitdefender.com/0a330523-0e19-40b3-abc2-8fe8111a1d00' because it violates the following Content Security Policy directive: "script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com .usercentrics.eu .ofgreencolumn.com .tiktok.com .impactcdn.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://euob.ofgreencolumn.com/sxp/i/9890752fc19726fc8a394d54a189ae9f.js Message: Refused to create a worker from 'blob:https://www.bitdefender.com/e0f02b52-fe43-4481-b80a-e79a76c69170' because it violates the following Content Security Policy directive: "script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com .usercentrics.eu .ofgreencolumn.com .tiktok.com .impactcdn.com". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://js.hscta.net/cta/current.js Message: Refused to load the script 'https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=341979&pg=6a0e254e-3407-48f7-857c-eb6a8b1ceb11&lt=1731550188417&dt=1731550188418&at=1731550189915&ae=1&sl=1&an=1' because it violates the following Content Security Policy directive: "script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com .usercentrics.eu .ofgreencolumn.com .tiktok.com .impactcdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://js.hscta.net/cta/current.js Message: Refused to load the script 'https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=341979&pg=199866fa-383b-44e9-8694-7bef7ce88e84&lt=1731550188418&dt=1731550188418&at=1731550189916&ae=1&sl=1&an=1' because it violates the following Content Security Policy directive: "script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com .usercentrics.eu .ofgreencolumn.com .tiktok.com .impactcdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://starget.bitdefender.com/rest/v1/delivery?client=bitdefender&sessionId=81867f3dcddf479d8b8c0da2bccaa2e0&version=2.11.4 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://starget.bitdefender.com/rest/v1/delivery?client=bitdefender&sessionId=81867f3dcddf479d8b8c0da2bccaa2e0&version=2.11.4 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
api.company-target.com
api.hubspot.com
api.usercentrics.eu
app.usercentrics.eu
assets.adobedtm.com
assets.adobetarget.com
bitdefender.demdex.net
businessresources.bitdefender.com
cm.everesttech.net
consent-api.service.consent.usercentrics.eu
consent.cookiebot.com
consentcdn.cookiebot.com
cta-service-cms2.hubspot.com
download.bitdefender.com
dpm.demdex.net
euob.ofgreencolumn.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms-na1.hubspot.com
forms.hsforms.com
forms.hubspot.com
imgsct.cookiebot.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscta.net
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
no-cache.hubspot.com
obseu.ofgreencolumn.com
pagead2.googlesyndication.com
perf-na1.hsforms.com
perf.hsforms.com
region1.google-analytics.com
sstats.bitdefender.com
starget.bitdefender.com
track.hubspot.com
uct.service.usercentrics.eu
www.bitdefender.com
www.google.com
www.googletagmanager.com
www.gstatic.com
cta-service-cms2.hubspot.com
104.18.141.119
104.19.175.188
142.250.186.100
172.217.18.3
18.66.102.98
199.60.103.2
2001:4860:4802:32::36
216.58.206.34
216.58.206.35
216.58.206.66
2600:1901:0:1e38::
2600:1901:0:5987::
2600:1901:0:c07c::
2600:9000:2490:2e00:d:199b:f700:93a1
2606:4700:4400::ac40:9310
2606:4700::6810:4d8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6810:a0a8
2606:4700::6811:26cf
2606:4700::6812:1a9
2606:4700::6812:8c11
2a00:1450:4001:802::200a
2a00:1450:4001:830::2008
2a02:26f0:1700:11::b856:6785
2a02:26f0:3100:2aa::294d
2a02:26f0:3500:3::b818:4d4d
2a02:26f0:3500:587::1e80
2a02:26f0:3500:887::f09
2a05:d018:56f:b800:f42c:e894:1fb0:3740
34.250.142.67
34.95.108.180
35.190.14.188
35.241.3.184
52.16.193.179
52.31.224.145
63.140.62.222
66.235.152.156
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
018f9e1aaada6e0c449d70167f3609fd5e8d028715e9ddf56cd5e6886d5ab140
0200a7698afae38e9385f59706f2c5966fcd943aec1b0d47597fb65f319fa2b0
025d15d52f2c00b9289a3d793ffd6cad0466270d13a79a583ed3c0ad77c7089d
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
04d549de2112a80d7480cc150eacc5449d4dafc73f1bf5bf4d5618877bf4e198
05676aa760e7eaa2b3cddc551f01730771837c082ec17ade03866ab30adab122
067c9537ec36da4afb93e9fec9bc7e656959b6623e9491f0092200db06657f1c
09c29be804db7300623dca00a4ad935167e30581cc184b017ea6d01894bf1df6
0a25589501a065c71010f4b685f20a2a283ba910b374e2ce8148c4fcd623e9a5
168fbd001832e68947238800be5e8564a5f2cb77f69e719ae238cf06b2f14678
173f2bff88e0f930c14500a90ced66d785b758d6dd4a02e16f1efb596b1f08ae
1789e6bf0f139fc89e73756237ae433989a6d27e7effe2d1771c06d2566f889b
19b8b7a969cd613a5f4af1598a649b33456bef5c22d09fe4a5c5459ab4fe50fb
1a639c6b443b17ec6c6f50d2de9487ec53d78fd91adec25c8d84f4668be31242
25bc6005e12ad5bceec69dcf022959c3b2e99274ce1871f70fac789f4abf2b8e
25f82b0775d468ef51478c9a5aa42a28b077dbfe94d9fa0c3ac5f1ba72975eb5
293c213205cd107ec18a50ae1f8a7b79915117d162cc58701a575def7c295d39
2a5fe55dd93aab6db8021946a22b256d8a6719c5595507316fec2dff6d994135
2f3d0e01677feadbc19d661d9910328561fa9b3fbc0427d4b17906adb7cc8471
30250855f1642306e68cd0949ccbdb652ed1fa1c5b8bde4ce561325127bc300b
32cad86da4dbc8e43c3798a23661c78c11fdc2eb5204073a643f8fc0bd27a72b
33f4a3188e5bd3946bc65cba66db7f0400a6c149acc208b4b46640af86858f61
353f8aa62bdd0bb4fd3e23bbeae004cda89a64f75a204a2a970be97aba9afa02
377257e7f31d746401274c464d238cba465da457e915c4c0fe6074a97fb38696
3cb0de122e5a9851c483f1c454c571d16545287f51e4e74a8a55b579cfb2633a
3f2069e4f379291c013b2ac6b33c3770c98737524f80ccdfca1ea8586169622e
4475a91121b0b2306c842f532a1ab878aa1b651a1a279b37a19c8d93c74121e1
455005635161652398dee90f5c0cdcc091e945e4c58591d829a0a4ab3df0f517
4a2207e1dfdac97cdf65dce070c145d2f8251b726777b5073bb79308e69e1a68
4edd782df9a9f91a556f6334dc586c1e867e35bb47697387dd3939dff706e4ff
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
517d23e9beeb868f934a268f1d8ea17e6a8f35c548cd7245cf112546f6ec83c2
544cd70158592e16161ef64866820f4ae8ce57f0a7ba035fec155743790419ad
5c724287abfe68accc1dca506cd45e6730d635f5dbea695a5bf74567df810289
6692354a1d9a4d531832e922f7e86a9e80f24562572c9dc7614a71fe5145b266
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d4e3bfb1e102e907ad6f5f5246f076fab742ee39cb36ebe516b156845c25b2e
6df38661b055073162eb91c4e3137f072e8c453ec942c6200bf460f815d6a84a
71027daca11be21c2a97986cb4d21753a57ef281680a0bbb0ab69575faa1b481
7c04d31ecc8832e8dd2fd384fb74176a4917de9106a6aea642ef9f2b7acffca5
7ddc3a8a76157b51372c1b717fdbdfa908c4bd5fff1938a1505327e629ca4a1c
831b25d2cf0066937657444e6d8366c0e51af9ac0989def0613358d48bd45b88
8395d72ab340a6fb7923d93b019bffa5570553f6762dc56eeb4e5ee603ae3dda
89535a81113d9922b5ce6e3e9524aa45d39206152050b1d21c9cb1b9b03c5858
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8fafbb30592c795f37772560dbe337613dd1b6bf30dda1ed65b239a2c8be22fb
93172b2e3ba70dbe0bd07cc02a059eefc4223d61b1eac7ae621e2f1b7088d935
9794ab3e466cf2a29a4ae608198096e249b1c1eb6b6b5645ccca4d409db5687d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d
a1aa30b8c2998ad91b6d0cd88fa7fa3a4c2a3e79df019cbc504e380f0aef6c47
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a371b8709abd6c7497e5714a93a4052fee7ad4f892768dc443925f58a76c5168
a47b8f070d6b21688459f1ef92e4d4095616397f7829dc77534e28e0845185f7
a6570442910909883f637555306da7fbea96193cc7ad98ced7ee96546f542f73
a75e97f2d8872e16af42be9463dc7402b6be9b30f1faf9570f11949af9b3dbcc
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
aedb13d0beb8bd4216e39942b5c69ba907d5b0c05f7dd707c3fa36842304c2b9
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5
b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15
b580d6751663a9c7176d0ac14b5cb6c83e3f60aa99f82617f1d92288e9a46b39
b9d5cb60efaca3c6eae5d3b497e5e81d30325da6951286b161b89335d3e1f1f4
be896bdbc5445ec366a8d0d81d4a553e900d73898461be6b79a7c0ac2236ef30
bebd9d7d612ef1e1ceba6afe388064b05186d7a1a93b37686cc66a0f67bbdfa3
c814d3885f6b650ae2ecb992ca5d7f46109cadfce775193c348266da540ae557
c8d9e6e3ef6c6150c59d707d4a7f2d3b64ce148d93bf22c88de86671471c8132
c8faaf6e7eedc667de765597806d182b050477d7e7437d2f4f7bef493fd494cd
c94113c0342751a3fa454c377ef85f3544b273a663b1149cf82bb06a2668255b
cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726
cd821fbeb6d9559c6e4f93566f5a95e10324220bc5ea1d952618231a1e3a3eb1
cf3acc66dc1e93289a4e806c548a6b6e1a70cb916800250c66587eb02fceb0dd
d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99
d51199af77f787e326e501e25099090ad66706428a3d734d8b6dbc06cf4f438d
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc7222cb978c9966ce6884c1d6333c8e2f6fea3d94bf9a85a3970cf53baea679
dfcdba5afbae138d4c89f767ee4c01cbe4e028fbf8f23a03094cbc0b728b52f4
e2dad223f9e4e5b2cfb90509985434d495067a5a7bb247f72cca7fa9cbc9e01d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e762dea4a25bf3b8c1fdae8951feaa2a41c8962e3a3145996efcfb78d79333cc
eb47488bd134b4bb94ae925990735e57c49b537afb21d59cf4e0649c79966fb2
ebbf51132ac80c2070995d82e1b1237526521386eaced499d94c36a05804141f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6fcba961679dc6caa4209cd3b7f30a0dea98e27e7c513d410de3d67878d1613
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e
fab5cda5682da8425e7110db62aa4c2163e2bbd8e2eec76139e3b1451520fa92
fab8294d35a12278bfd9179ac66940d6d77145b986fc04e5826a8521f7aa1d49
fceba08a6bbdf2598e8f6d43e71b51854337da5f880c3fff252a25b9cd10b6ae
fcf4ad57046af8b44b9f85d4398ca15757c54cdbdecfdfdf438266ff0bd996f8
ff3f55fa19674af1b5251d660ea4270a44581345fd398d67b5d524756a0d162e
ff4f6648acadc44920e61b0f23a8b965f54d4ad9f87977e8113f5531c8f1e1b9

www.bitdefender.com Open in urlscan Pro 2606:4700::6812:1a9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

96 %HTTPS

56 %IPv6

24 Domains

47 Subdomains

39 IPs

4 Countries

4218 kBTransfer

8273 kBSize

36 Cookies

11 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bitdefender.com Open in urlscan Pro
2606:4700::6812:1a9 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

96 %
HTTPS

56 %
IPv6

24
Domains

47
Subdomains

39
IPs

4
Countries

4218 kB
Transfer

8273 kB
Size

36
Cookies

130 HTTP transactions
0 data transactions