www.sophos.com Open in urlscan Pro
23.73.229.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.readsitquick.us/els/v2/bxy0B2v0bRHa/Uy9JY3dpN3BmRmFnaW9ybXYrcUdmMWtPQlBKQlBsWk51aHhTQzBTVTdObFNOalkvOUdrL3VsVXhp...
Effective URL:
https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Submission: On November 26 via api (November 26th 2021, 12:11:19 pm UTC) from SE — Scanned from US

Summary HTTP 172 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 42 domains to perform 172 HTTP transactions. The main IP is 23.73.229.203, located in Edison, United States and belongs to AKAMAI-AS, US. The main domain is www.sophos.com.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on November 18th 2020. Valid for: a year.

This is the only time www.sophos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.142.0.45 18.142.0.45	16509 (AMAZON-02) (AMAZON-02)
23	23.73.229.203 23.73.229.203	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
1	23.217.149.220 23.217.149.220	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2607:f8b0:402... 2607:f8b0:4023:1404::9d	15169 (GOOGLE) (GOOGLE)
4	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
2	2600:1400:d:5... 2600:1400:d:5a5::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	192.29.192.157 192.29.192.157	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13:699::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.226.37.39 13.226.37.39	16509 (AMAZON-02) (AMAZON-02)
2 6	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::6815:59b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	45.60.11.212 45.60.11.212	19551 (INCAPSULA) (INCAPSULA)
1	2600:141b:13:... 2600:141b:13::17d7:82d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
1	151.101.248.157 151.101.248.157	54113 (FASTLY) (FASTLY)
1	151.101.129.2 151.101.129.2	54113 (FASTLY) (FASTLY)
2	54.230.160.114 54.230.160.114	16509 (AMAZON-02) (AMAZON-02)
2	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
63	54.230.162.16 54.230.162.16	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.52.162.190 23.52.162.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	3.230.50.184 3.230.50.184	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
3 3	2620:109:c002... 2620:109:c002::6cae:a0e	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 2	104.18.99.194 104.18.99.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.37.79 13.226.37.79	16509 (AMAZON-02) (AMAZON-02)
2 2	34.225.131.76 34.225.131.76	14618 (AMAZON-AES) (AMAZON-AES)
2 4	13.225.63.113 13.225.63.113	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	18.235.43.134 18.235.43.134	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
2	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	23.204.152.10 23.204.152.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2600:141b:13:... 2600:141b:13::17d7:82d3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:141b:13:... 2600:141b:13::17d7:82da	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
2 2	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
6	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
1	13.225.63.112 13.225.63.112	16509 (AMAZON-02) (AMAZON-02)
172	47

1 18.142.0.45 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-0-45.ap-southeast-1.compute.amazonaws.com

links.readsitquick.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 23.73.229.203 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-229-203.deploy.static.akamaitechnologies.com

www.sophos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.217.149.220 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-149-220.deploy.static.akamaitechnologies.com

img03.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4023:1404::9d (Columbus, United States) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d:5a5::11a6 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
173e255b.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.29.192.157 (Amsterdam, Netherlands) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

s1777052651.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13:699::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.37.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-37-39.ewr53.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

9816844.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9570324.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:59b2 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.11.212 (United States)

ASN19551 (INCAPSULA, US)

px.spiceworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.248.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.2 (United States)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.160.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-160-114.ewr53.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1000 (Ashburn, United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 54.230.162.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-16.ewr53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.162.190 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.50.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-50-184.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:109:c002::6cae:a0e (United States) 3 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.99.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.37.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-37-79.ewr53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.131.76 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-131-76.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.63.113 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-113.ewr53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.43.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-43-134.compute-1.amazonaws.com

6025286.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.204.152.10 (Edison, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-10.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yes75hixzsmauynaz3rq-plph57-9f76bbfa0-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d3 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82da (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

figvmaaaaiaagjqacqnqaeyaabq2btxd-plph57-522142ddb-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.186 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-112.ewr53.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	driftt.com js.driftt.com	881 KB
23	sophos.com www.sophos.com	1 MB
11	doubleclick.net 5 redirects stats.g.doubleclick.net 9816844.fls.doubleclick.net 9570324.fls.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	22 KB
9	bing.com bat.bing.com	11 KB
6	drift.com metrics.api.drift.com bootstrap.api.drift.com	466 B
6	adsrvr.org 1 redirects js.adsrvr.org insight.adsrvr.org match.adsrvr.org	9 KB
6	cookielaw.org cdn.cookielaw.org	122 KB
5	company-target.com 2 redirects api.company-target.com segments.company-target.com	3 KB
5	linkedin.com 5 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
5	google.com www.google.com adservice.google.com	2 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net yes75hixzsmauynaz3rq-plph57-9f76bbfa0-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net figvmaaaaiaagjqacqnqaeyaabq2btxd-plph57-522142ddb-clienttons-s.akamaihd.net	1 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	65 KB
4	googletagmanager.com www.googletagmanager.com	161 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	facebook.net connect.facebook.net	133 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	yahoo.com sp.analytics.yahoo.com ups.analytics.yahoo.com	715 B
2	facebook.com www.facebook.com	497 B
2	rlcdn.com 2 redirects id.rlcdn.com	449 B
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	adsymptotic.com 1 redirects p.adsymptotic.com	540 B
2	yimg.com s.yimg.com	7 KB
2	quora.com a.quora.com q.quora.com	14 KB
2	spiceworks.com px.spiceworks.com	7 KB
2	eloqua.com 1 redirects s1777052651.t.eloqua.com	1 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
1	driftcdn.com embeds.driftcdn.com	11 KB
1	akstat.io 173e255b.akstat.io	201 B
1	googleadservices.com www.googleadservices.com	15 KB
1	siteimproveanalytics.io 6025286.global.siteimproveanalytics.io	225 B
1	t.co t.co	470 B
1	twitter.com analytics.twitter.com	674 B
1	reddit.com alb.reddit.com	125 B
1	zoominfo.com ws.zoominfo.com	675 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	redditstatic.com www.redditstatic.com	8 KB
1	licdn.com snap.licdn.com	2 KB
1	siteimproveanalytics.com siteimproveanalytics.com	11 KB
1	demandbase.com scripts.demandbase.com	16 KB
1	onetrust.com geolocation.onetrust.com	406 B
1	en25.com img03.en25.com	3 KB
1	readsitquick.us 1 redirects links.readsitquick.us	289 B
172	42

	Domain	Requested by
63	js.driftt.com	www.sophos.com js.driftt.com
23	www.sophos.com	www.sophos.com
9	bat.bing.com	www.sophos.com bat.bing.com
6	cdn.cookielaw.org	www.sophos.com cdn.cookielaw.org
4	metrics.api.drift.com	js.driftt.com
4	segments.company-target.com	2 redirects www.sophos.com
4	dev.visualwebsiteoptimizer.com	www.sophos.com dev.visualwebsiteoptimizer.com
4	www.googletagmanager.com	www.sophos.com www.googletagmanager.com
3	match.adsrvr.org	js.adsrvr.org
3	px.ads.linkedin.com	3 redirects
3	connect.facebook.net	www.sophos.com connect.facebook.net
3	9570324.fls.doubleclick.net	1 redirects www.googletagmanager.com www.sophos.com
3	9816844.fls.doubleclick.net	1 redirects www.googletagmanager.com www.sophos.com
3	www.google.com	www.sophos.com
3	stats.g.doubleclick.net	2 redirects www.sophos.com
2	bootstrap.api.drift.com	js.driftt.com
2	ib.adnxs.com	2 redirects
2	www.facebook.com	www.sophos.com
2	tr.outbrain.com	amplify.outbrain.com www.sophos.com
2	adservice.google.com	9816844.fls.doubleclick.net 9570324.fls.doubleclick.net
2	id.rlcdn.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	p.adsymptotic.com	1 redirects www.sophos.com
2	s.yimg.com	www.sophos.com s.yimg.com
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	px.spiceworks.com	www.googletagmanager.com www.sophos.com
2	s1777052651.t.eloqua.com	1 redirects www.sophos.com
1	embeds.driftcdn.com	js.driftt.com
1	ups.analytics.yahoo.com	js.adsrvr.org
1	cm.g.doubleclick.net	1 redirects
1	figvmaaaaiaagjqacqnqaeyaabq2btxd-plph57-522142ddb-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	yes75hixzsmauynaz3rq-plph57-9f76bbfa0-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	173e255b.akstat.io	s.go-mpulse.net
1	insight.adsrvr.org	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	sp.analytics.yahoo.com	www.sophos.com
1	www.googleadservices.com	www.googletagmanager.com
1	6025286.global.siteimproveanalytics.io	www.sophos.com
1	api.company-target.com	scripts.demandbase.com js.driftt.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	t.co	www.sophos.com
1	analytics.twitter.com	static.ads-twitter.com
1	q.quora.com	www.sophos.com
1	alb.reddit.com	www.sophos.com
1	amplify.outbrain.com	www.sophos.com
1	ws.zoominfo.com	www.sophos.com
1	a.quora.com	www.sophos.com
1	static.ads-twitter.com	www.sophos.com
1	www.redditstatic.com	www.sophos.com
1	snap.licdn.com	www.sophos.com
1	siteimproveanalytics.com	www.sophos.com
1	scripts.demandbase.com	www.sophos.com
1	c.go-mpulse.net	s.go-mpulse.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	s.go-mpulse.net	www.sophos.com
1	img03.en25.com	www.sophos.com
1	links.readsitquick.us	1 redirects
172	60

This site contains links to these domains. Also see Links.

Domain
www.refactr.it
home.sophos.com
partners.sophos.com
news.sophos.com
central.sophos.com
secure2.sophos.com
ai.sophos.com
support.sophos.com
docs.sophos.com
events.sophos.com
partnernews.sophos.com
secure.ethicspoint.eu
onetrust.com

Subject Issuer	Validity	Valid
www.sophos.com GlobalSign Extended Validation CA - SHA256 - G3	`2020-11-18` - `2021-12-20`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-13` - `2022-04-14`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-04` - `2021-12-03`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
quora.com R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.quora.com R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-07`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-01-27`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2021-11-11` - `2022-12-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Frame ID: E4B77E2452C19668034C43C068C2246B
Requests: 93 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/98YDQ-4R7DD-Y3XRM-CVBHP-WX4A4
Frame ID: C44C2A166EFB3E133F9F461D821C95B2
Requests: 4 HTTP requests in this frame

Frame: https://9816844.fls.doubleclick.net/activityi;dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx
Frame ID: 04EB1CBE0D97B2E0C14F9D43B943EF37
Requests: 1 HTTP requests in this frame

Frame: https://9570324.fls.doubleclick.net/activityi;dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx
Frame ID: D432971FBF51FE44471C70B96B03255C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx
Frame ID: A50E7E15FE5F779208C6BD404C06353C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx
Frame ID: A73476AAFC83E9E7BD47DD0880F1FA0B
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
Frame ID: CF649DED50378E5194846601D876AA25
Requests: 33 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
Frame ID: E8719C632C044B31F7DF855C2058C55F
Requests: 32 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=j022xlj&ref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&upid=ql4fc2b&upv=1.1.0
Frame ID: 0F40EDC35AE7B23D90D336094BE7B82D
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df&google_gid=CAESEC0pbnDspGaWM3z41Rx8Foo&google_cver=1
Frame ID: 74BA8FAB65D7BBFD33CB6B177899D0EF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7574469182888486657&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df
Frame ID: BE75020B1D8D0C546BC26DC87D646C75
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=10034e7b-1203-478c-b729-1840126da8df&_origin=1&gdpr=0&gdpr_consent=
Frame ID: 5B7DFA7358A6D8DA4478A40B8990A750
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sophos 2022 Threat Report: Gravitational Force of Ransomware Black Hole Pulls in Other Cyberthreats to Create One Massive, Interconnected Ransomware Delivery System Back ButtonFilter Button

Page URL History Show full URLs

http://links.readsitquick.us/els/v2/bxy0B2v0bRHa/Uy9JY3dpN3BmRmFnaW9ybXYrcUdmMWtPQlBKQlBsWk51aHhTQzBTVTdO... HTTP 302
https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx Page URL

Page Statistics

172
Requests

95 %
HTTPS

38 %
IPv6

42
Domains

60
Subdomains

47
IPs

4
Countries

2735 kB
Transfer

7649 kB
Size

59
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.refactr.it/
Title: Refactr

Search URL Search Domain Scan URL

URL: https://home.sophos.com/
Title: Sophos Home

Search URL Search Domain Scan URL

URL: https://partners.sophos.com/english/directory/
Title: Partner Locator

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/
Title: Sophos News

Search URL Search Domain Scan URL

URL: https://partners.sophos.com/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://central.sophos.com/
Title: Sophos Central

Search URL Search Domain Scan URL

URL: https://secure2.sophos.com/en-us/mysophos/login.aspx
Title: Licenses & Account

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/05/11/a-defenders-view-inside-a-darkside-ransomware-attack/
Title: DarkSide

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/02/16/conti-ransomware-evasive-by-nature/
Title: Conti

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/03/01/gootloader-expands-its-payload-delivery-options/
Title: Gootloader

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/10/28/the-top-10-ways-ransomware-operators-ramp-up-the-pressure-to-pay/
Title: 10 different types

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/05/07/new-lemon-duck-variants-exploiting-microsoft-exchange-server/
Title: Lemon Duck

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/01/21/mrbminer-cryptojacking-to-bypass-international-sanctions/
Title: MrbMiner

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/03/17/mtr-in-real-time-exchange-proxylogon-edition/
Title: ProxyLogon

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/09/03/conti-affiliates-use-proxyshell-exchange-exploit-in-ransomware-attacks/
Title: ProxyShell

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/10/05/python-ransomware-script-targets-esxi-server-for-encryption/
Title: Linux

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/10/13/cryptorom-fake-ios-cryptocurrency-apps/
Title: scams

Search URL Search Domain Scan URL

URL: https://ai.sophos.com/
Title: artificial intelligence

Search URL Search Domain Scan URL

URL: https://support.sophos.com/support
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://docs.sophos.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://events.sophos.com/en-us/partnertraining
Title: Partner Training

Search URL Search Domain Scan URL

URL: https://partnernews.sophos.com/en-us/
Title: Partner News

Search URL Search Domain Scan URL

URL: https://secure.ethicspoint.eu/domain/media/en/gui/104916/index.html
Title: Speak Out

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.readsitquick.us/els/v2/bxy0B2v0bRHa/Uy9JY3dpN3BmRmFnaW9ybXYrcUdmMWtPQlBKQlBsWk51aHhTQzBTVTdObFNOalkvOUdrL3VsVXhpUSsvY3F2eXJGTzFMdTQxeW1JSEJOTXhqVDVwU1JjYVBlY0lnVy9yeEVxQUl3bkJUbmM9S0/ HTTP 302
https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://s1777052651.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=777&optin=disabled HTTP 302
https://s1777052651.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=777&optin=disabled&elqCookie=1

Request Chain 35

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=470826117&utmhn=www.sophos.com&utme=8(4!CampaignID)9(4!0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive%2C%20Interconnected%20Ransomware%20Delivery%20System&utmhid=105935354&utmr=-&utmp=%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&utmht=1637928670892&utmac=UA-737537-1&utmcc=__utma%3D1.1704625816.1637928671.1637928671.1637928671.1%3B%2B__utmz%3D1.1637928671.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1491317871&utmredir=3&utmu=q1AAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1704625816.1637928671&jid=1491317871&_v=5.7.2dc&z=470826117

Request Chain 36

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1914212538&utmhn=www.sophos.com&utme=8(4!CampaignID)9(4!0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive%2C%20Interconnected%20Ransomware%20Delivery%20System&utmhid=105935354&utmr=-&utmp=%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&utmht=1637928670903&utmac=UA-737537-18&utmcc=__utma%3D1.1704625816.1637928671.1637928671.1637928671.1%3B%2B__utmz%3D1.1637928671.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=861189103&utmredir=3&utmmt=1&utmu=q1AgAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-18&cid=1704625816.1637928671&jid=861189103&_v=5.7.2dc&z=1914212538

Request Chain 42

https://9816844.fls.doubleclick.net/activityi;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx HTTP 302
https://9816844.fls.doubleclick.net/activityi;dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx

Request Chain 43

https://9570324.fls.doubleclick.net/activityi;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx HTTP 302
https://9570324.fls.doubleclick.net/activityi;dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx

Request Chain 77

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1637928671998&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1637928671998&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D461060%26time%3D1637928671998%26url%3Dhttps%253A%252F%252Fwww.sophos.com%252Fen-us%252Fpress-office%252Fpress-releases%252F2021%252F11%252Fsophos-2022-threat-report.aspx%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1637928671998&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1637928671998&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&cookiesTest=true&liSync=true&e_ipv6=AQLNlSULyVexdwAAAX1cKB-LU5iugWw-wiJfxMiAC4mZ7rknoKfoMTXIYcUSRxbTDhP2howe HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=73aff9d7-7761-403c-9224-d4e9444863c9 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=73aff9d7-7761-403c-9224-d4e9444863c9&_expected_cookie=4c6b0e34cc6840cef6594d8bc2033eda

Request Chain 81

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAF3pk7DQZ4AACsf2CVRMw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAF3pk7DQZ4AACsf2CVRMw&verifyHash=10b92df77a9c20c13bf9d61538bc7f1be511696a

Request Chain 82

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCOCdg40GEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12978-gtB-o3lIt_JWbqcypgqznBj0tYE_hEv0lsrZ63IqE HTTP 303
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc12978-gtB-o3lIt_JWbqcypgqznBj0tYE_hEv0lsrZ63IqE&verifyHash=bbdc940c2fc5351da9ab8aefd32de937462ac55c

Request Chain 97

https://insight.adsrvr.org/track/up?adv=j022xlj&ref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&upid=ql4fc2b&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=j022xlj&ref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&upid=ql4fc2b&upv=1.1.0

Request Chain 99

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=plph574s8 HTTP 302
https://yes75hixzsmauynaz3rq-plph57-9f76bbfa0-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 100

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=plph574s8 HTTP 302
https://figvmaaaaiaagjqacqnqaeyaabq2btxd-plph57-522142ddb-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MTAwMzRlN2ItMTIwMy00NzhjLWI3MjktMTg0MDEyNmRhOGRm&gdpr=0&gdpr_consent=&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df&google_gid=CAESEC0pbnDspGaWM3z41Rx8Foo&google_cver=1

Request Chain 151

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D10034e7b-1203-478c-b729-1840126da8df HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7574469182888486657&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df

172 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sophos-2022-threat-report.aspx Show response
www.sophos.com/en-us/press-office/press-releases/2021/11/
Redirect Chain

http://links.readsitquick.us/els/v2/bxy0B2v0bRHa/Uy9JY3dpN3BmRmFnaW9ybXYrcUdmMWtPQlBKQlBsWk51aHhTQzBTVTdObFNOalkvOUdrL3VsVXhpUSsvY3F2eXJGTzFMdTQxeW1JSEJOTXhqVDVwU1JjYVBlY0lnVy9yeEVxQUl3bkJUbmM9S0/
https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

46 KB
17 KB

930ms
236ms

Document
text/html

23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

9cf223a251f6471177739226d78debb1803735c527ff9106ba420c92e53d632e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

content-type: text/html; charset=utf-8
last-modified: Mon, 08 Nov 2021 12:18:15 GMT
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=10886400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
content-encoding: gzip
x-akamai-transformed: 9 - 0 pmb=mTOE,4mRUM,2
expires: Fri, 26 Nov 2021 12:11:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 26 Nov 2021 12:11:09 GMT
content-length: 15061
server-timing: cdn-cache; desc=HIT edge; dur=10
link: <https://cdn.cookielaw.org>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect"
edge-sophos-cookie-lang: en-us

Redirect headers

Date: Fri, 26 Nov 2021 12:11:08 GMT
Content-Length: 0
Connection: keep-alive
location: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
content-language: en-US
x-envoy-upstream-service-time: 5
server: istio-envoy

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 285ms
94ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Nov 2021 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Lh0CEVPkmGuwf4KyqdKdhw==
age: 1785
vary: Accept-Encoding
content-length: 6403
x-ms-lease-status: unlocked
last-modified: Mon, 22 Nov 2021 20:32:32 GMT
server: cloudflare
etag: 0x8D9ADF735C33F25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8224d4d9-d01e-00dc-26ea-df8ab5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b43048c1fec5313-LAX

GET
H2 200 global.js Show response
www.sophos.com/scripts/bundles/ 1 MB
239 KB 15ms
0ms Script
text/javascript 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/scripts/bundles/global.js?v=8

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

8e082114935d9b850c6d4df817a4d79d7c80de3f90ff5ae808e6be2232513052

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 279
strict-transport-security: max-age=10886400
content-encoding: br
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 18
sophos-redirection: 508
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 243393
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
x-akamai-http2-push: 1
last-modified: Fri, 19 Nov 2021 15:44:51 GMT
etag: c70789f6141e56e1a1d92867e68934c4
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public, max-age=557057
date: Fri, 26 Nov 2021 12:11:09 GMT
expires: Thu, 02 Dec 2021 22:55:26 GMT

GET
H2 200 Global.css
www.sophos.com/Styles/Bundles/ 500 KB
80 KB 15ms
0ms Stylesheet
text/css 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/Styles/Bundles/Global.css?v=11

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

095cef01d97174531cc4396240f52e552aac3aaaf9c7e80aafa955c132e10037

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
content-encoding: gzip
x-content-type-options: nosniff
sophos-redirection: 509
server-timing: cdn-cache; desc=HIT, edge; dur=4
vary: Accept-Encoding
content-length: 81169
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
x-akamai-http2-push: 1
last-modified: Fri, 08 Oct 2021 10:21:06 GMT
etag: 7f7774180519ecacdc0e527af4c4044b
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=900
date: Fri, 26 Nov 2021 12:11:09 GMT
expires: Fri, 26 Nov 2021 12:26:09 GMT

GET
H2 200 nonhtmltracking.js Show response
www.sophos.com/en-us/medialibrary/scripts/tracking/ 2 KB
977 B 245ms
239ms Script
application/x-javascript 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/en-us/medialibrary/scripts/tracking/nonhtmltracking.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

9f3c45aae8d14cee7c2fa3bcd7604c6936a4886ff864fb743e11dc61705cd516

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 10 Jun 2016 10:57:40 GMT
date: Fri, 26 Nov 2021 12:11:10 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-ua-compatible: IE=edge
cache-control: private, max-age=900
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=40
vary: Accept-Encoding
content-length: 615
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 12:26:10 GMT

GET
H2 200 29ed1f61 Show response
www.sophos.com/akam/11/ 32 KB
11 KB 218ms
213ms Script
application/javascript 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sophos.com/akam/11/29ed1f61
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-229-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3eea3e95139fc9bc9bec1ea1f42aeb3b70b2c587f3d2346e0599ca43243efe8f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:10 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:07:50 GMT
etag: "712b313fa678417c519ed27e40193430fa654bd2d64090f6b0afeafbd125d245"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=HIT, edge; dur=9
content-length: 10397
expires: Fri, 26 Nov 2021 12:11:10 GMT

GET
H2 200 WebResource.axd Show response
www.sophos.com/ 23 KB
5 KB 329ms
326ms Script
application/x-javascript 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZJOSk0UCLAIsVcp1lGhjDOtuIgnMJ-Grvo38PGQgf8V85Jrv0w2&t=637454068754849868

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 05 Jan 2021 01:27:55 GMT
date: Fri, 26 Nov 2021 12:11:09 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-ua-compatible: IE=edge
cache-control: public, max-age=30943942
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=8
vary: Accept-Encoding
content-length: 4627
x-xss-protection: 1; mode=block
expires: Sat, 19 Nov 2022 15:43:31 GMT

GET
H2 200 WebResource.axd Show response
www.sophos.com/ 350 B
695 B 331ms
326ms Script
application/x-javascript 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/WebResource.axd?d=3WTd45ClInYAUa1dBtg1Dx3scYg9bCub9YQFIdxPHkSTB8jCCAZuRBuMGXYyiUTcH0_h7qtwgZh_UAS8UQ22cCAx3Q3OFyzyESB-cDl3avMWoV6j73u70f0iz2KiFVj0m3Ddo5IgxrGe8w9egmF4tzC1T4nGrqyOvfP2Qft-th9rBC06C1XuFLlbq1xBaG0D20oqDw2&t=637638400980000000

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

189a7158414e4fab1d24249e6eef0b73fcf61dc28c070fb90da996ca9936f111

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Aug 2021 08:48:18 GMT
date: Fri, 26 Nov 2021 12:11:09 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=30943942
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-ua-compatible: IE=edge
content-length: 350
x-xss-protection: 1; mode=block
expires: Sat, 19 Nov 2022 15:43:31 GMT

GET
H2 200 ScriptResource.axd Show response
www.sophos.com/ 100 KB
25 KB 334ms
329ms Script
application/x-javascript 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/ScriptResource.axd?d=uHIkleVeDJf4xS50Krz-yN1ZvwfhxvHncooXRVKlBTvhmoCy5bupVsuGQkkLDTjm_jeXn8iO6HKP26I7IDatS8OjrL3TZARrPj65IRkIyM0vqtH5ucJW9TRfUMNR2gGqjWeoyvt0XQhPDZePYL5A24lVIUM1&t=363be08

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 15:43:39 GMT
date: Fri, 26 Nov 2021 12:11:09 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
x-ua-compatible: IE=edge
cache-control: public, max-age=30943950
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 25597
x-xss-protection: 1; mode=block
expires: Sat, 19 Nov 2022 15:43:39 GMT

GET
H2 200 ScriptResource.axd Show response
www.sophos.com/ 39 KB
10 KB 341ms
337ms Script
application/x-javascript 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/ScriptResource.axd?d=Jw6tUGWnA15YEa3ai3FadNldxw-oCDto7EOAGJmZziNa8LT7qiasmCz0ObdMfKLRM0A-Bp6BZcpUP_cUC_iK-o_OwnHmAvTfphOefNoD-JNhN4rMOvpecOoqdhPDdFOnQg07auL3O_3RWt5JqB-KKiM6gEM1&t=363be08

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Nov 2021 15:43:39 GMT
date: Fri, 26 Nov 2021 12:11:09 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
x-ua-compatible: IE=edge
cache-control: public, max-age=30943950
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=2
vary: Accept-Encoding
content-length: 9972
x-xss-protection: 1; mode=block
expires: Sat, 19 Nov 2022 15:43:39 GMT

GET
H2 200 CoveoJsSearchLazymin.js Show response
www.sophos.com/medialibrary/Scripts/ 704 KB
705 KB 348ms
344ms Script
application/x-javascript 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/medialibrary/Scripts/CoveoJsSearchLazymin.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

a325d69859df35ccdd1cd6a5b071bb9ef737b2775552c6c319f372a51f6fadd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Jan 2021 13:32:03 GMT
date: Fri, 26 Nov 2021 12:11:09 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: private, max-age=900
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=4
x-ua-compatible: IE=edge
content-length: 720430
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 12:26:09 GMT

GET
H2 200 sophos-logo.svg
www.sophos.com/en-us/medialibrary/SophosNext/Images/Header-Navigation/ 2 KB
1 KB 249ms
245ms Image
image/svg+xml 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/en-us/medialibrary/SophosNext/Images/Header-Navigation/sophos-logo.svg?la=en

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

a55150a4cc33c9d0e381368e1b4d6170a7fde72ecba6de0ab043b3dc43dfad73

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 192
strict-transport-security: max-age=10886400
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
server-timing: cdn-cache; desc=HIT, edge; dur=31
content-length: 1084
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Feb 2019 19:59:02 GMT
x-frame-options: SAMEORIGIN
date: Fri, 26 Nov 2021 12:11:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=545
expires: Fri, 26 Nov 2021 12:20:15 GMT

GET
H2 200 navigation-accordian-img2.svg
www.sophos.com/en-us/medialibrary/SophosNext/Images/SophosHomePage/ 733 B
770 B 246ms
242ms Image
image/svg+xml 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/en-us/medialibrary/SophosNext/Images/SophosHomePage/navigation-accordian-img2.svg?h=34&&w=34&la=en&hash=FCE1C766C4188FD9B0E9173F3C1F0E7241DCCA05

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

517a16fedc3c2f5ba86a4c4c9567552088e1572016fc835ba0bd79e83bdd1c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 162
strict-transport-security: max-age=10886400
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
server-timing: cdn-cache; desc=HIT, edge; dur=15
content-length: 364
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Aug 2018 15:48:35 GMT
x-frame-options: SAMEORIGIN
date: Fri, 26 Nov 2021 12:11:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=367
expires: Fri, 26 Nov 2021 12:17:17 GMT

GET
H2 200 nav-close-icon.png
www.sophos.com/en-us/medialibrary/SophosNext/Images/SophosHomePage/ 237 B
570 B 251ms
248ms Image
image/png 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/en-us/medialibrary/SophosNext/Images/SophosHomePage/nav-close-icon.png?h=24&&w=24&la=en&hash=60BCD18464B4DB8D822AA78F2AA7412BD7EF60F4

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ca76658afe65a55a56d4b0819cd3749888d68b7e8a8994f2a32f8d80166e37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 05:34:56 GMT
date: Fri, 26 Nov 2021 12:11:10 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, max-age=9843
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=10
x-ua-compatible: IE=edge
content-length: 237
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 14:55:13 GMT

GET
H2 200 2e456f46-6b86-42c8-be0a-01efd4471533.json Show response
cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/ 3 KB
2 KB 293ms
107ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/2e456f46-6b86-42c8-be0a-01efd4471533.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bebf16bfa9710edb204ea20eabab3b3f736f357d23107a4270c3389e91f58ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Nov 2021 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: rNeSq2ZpHvvfHoUuomYVLg==
age: 6856
vary: Accept-Encoding
content-length: 1338
x-ms-lease-status: unlocked
last-modified: Mon, 03 May 2021 14:33:58 GMT
server: cloudflare
etag: 0x8D90E407D15CA2F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3b339f35-701e-00f3-5711-e20b8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b43048e09537e7a-LAX
expires: Fri, 26 Nov 2021 16:11:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
52 KB 543ms
199ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-556N8KS

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26faeef0331646a8163e5cfc3b708a446fb7aacbeec493c27d5ca458d6b6632c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52987
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:11:10 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
img03.en25.com/i/ 6 KB
3 KB 486ms
168ms Script
application/x-javascript 23.217.149.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img03.en25.com/i/elqCfg.min.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.217.149.220 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-149-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 17 Aug 2021 17:49:31 GMT
Date: Fri, 26 Nov 2021 12:11:10 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "fac3963b9093d71:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Fri, 26 Nov 2021 12:11:10 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 490ms
162ms Script
text/javascript 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 317
date: Fri, 26 Nov 2021 12:05:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 26 Nov 2021 14:05:53 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 5 KB
2 KB 303ms
103ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=25349&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&f=1&r=0.8967141483531804
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gla1 /
Resource Hash: 0eabdbb05489981f7fc98f0b8a03b4b4a49a0e7da53da4ceb6c2fe8351f63aad

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 12:11:09 GMT
via: 1.1 google
server: gla1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 98YDQ-4R7DD-Y3XRM-CVBHP-WX4A4 Show response
s.go-mpulse.net/boomerang/ Frame C44C 202 KB
51 KB 511ms
168ms Script
application/javascript 2600:1400:d:5a5::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/98YDQ-4R7DD-Y3XRM-CVBHP-WX4A4
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1400:d:5a5::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:10 GMT
content-encoding: br
last-modified: Tue, 02 Nov 2021 23:00:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 header-arrow-white.svg
www.sophos.com/medialibrary/SophosNext/Images/EvolvedNavigation/ 343 B
657 B 257ms
257ms Image
image/svg+xml 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/medialibrary/SophosNext/Images/EvolvedNavigation/header-arrow-white.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/Styles/Bundles/Global.css?v=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

2a42c163168d9461b0bc20b3e9a1a10181ecb9f7c3d1b738903a7ee03ec36aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/Styles/Bundles/Global.css?v=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 138
strict-transport-security: max-age=10886400
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 45
server-timing: cdn-cache; desc=HIT, edge; dur=49
content-length: 250
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 15 Apr 2019 10:19:19 GMT
x-frame-options: SAMEORIGIN
date: Fri, 26 Nov 2021 12:11:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=597
expires: Fri, 26 Nov 2021 12:21:07 GMT

GET
H2 200 Hamburger.svg
www.sophos.com/medialibrary/SophosNext/Images/Navigation/2021/ 512 B
661 B 270ms
270ms Image
image/svg+xml 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/medialibrary/SophosNext/Images/Navigation/2021/Hamburger.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/Styles/Bundles/Global.css?v=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb75190c0b45dd7c1bfbf62ac7b6c1912ef72a53e104ca22130c06f4d6312ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/Styles/Bundles/Global.css?v=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 181
strict-transport-security: max-age=10886400
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 14
server-timing: cdn-cache; desc=HIT, edge; dur=38
content-length: 254
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 27 Jan 2021 07:09:49 GMT
x-frame-options: SAMEORIGIN
date: Fri, 26 Nov 2021 12:11:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=359
expires: Fri, 26 Nov 2021 12:17:09 GMT

GET
H2 200 icon-sophos-shield.png
www.sophos.com/SophosNext/Assets/Images/ 1 KB
2 KB 351ms
349ms Image
image/png 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/SophosNext/Assets/Images/icon-sophos-shield.png

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/Styles/Bundles/Global.css?v=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

5c260937ddd7fd7dbbd098e2969d7c657a9ef854ef0458f22261447d18b5ca09

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/Styles/Bundles/Global.css?v=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
x-content-type-options: nosniff
server-timing: cdn-cache; desc=MISS, edge; dur=18, origin; dur=92
content-length: 1505
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Aug 2021 08:48:28 GMT
date: Fri, 26 Nov 2021 12:11:10 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=0, no-cache, no-store
etag: "0164ad39f8ad71:0"
accept-ranges: bytes
expires: Fri, 26 Nov 2021 12:11:10 GMT

GET
H2 200 sophos-shield-footer.svg
www.sophos.com/medialibrary/SophosNext/Images/Products/Icons/ 780 B
833 B 292ms
291ms Image
image/svg+xml 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/medialibrary/SophosNext/Images/Products/Icons/sophos-shield-footer.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/Styles/Bundles/Global.css?v=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

c348ab6de15c26b0acbf73117cc957127b32b670ea39528c659c137c35ca9b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/Styles/Bundles/Global.css?v=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 142
strict-transport-security: max-age=10886400
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 45
server-timing: cdn-cache; desc=HIT, edge; dur=27
content-length: 426
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 May 2021 11:31:52 GMT
x-frame-options: SAMEORIGIN
date: Fri, 26 Nov 2021 12:11:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=810
expires: Fri, 26 Nov 2021 12:24:40 GMT

GET
H2 200 footer-down-arrow-grey.svg
www.sophos.com/medialibrary/SophosNext/Images/Navigation/Footer/ 302 B
636 B 297ms
296ms Image
image/svg+xml 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sophos.com/medialibrary/SophosNext/Images/Navigation/Footer/footer-down-arrow-grey.svg

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/Styles/Bundles/Global.css?v=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

31037d926621b0758c70fb400f05cd1bf962bceddd00aae8f9c9d3551858f65c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/Styles/Bundles/Global.css?v=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 126
strict-transport-security: max-age=10886400
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 47
server-timing: cdn-cache; desc=HIT, edge; dur=31
content-length: 231
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Nov 2018 14:55:13 GMT
x-frame-options: SAMEORIGIN
date: Fri, 26 Nov 2021 12:11:10 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: private, max-age=52
expires: Fri, 26 Nov 2021 12:12:02 GMT

GET
H2 200 735D3D2CB1D74CA185D9438103FF763D.ashx
www.sophos.com/medialibrary/ 26 KB
26 KB 300ms
298ms Font
application/font-woff2 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/medialibrary/735D3D2CB1D74CA185D9438103FF763D.ashx

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/Styles/Bundles/Global.css?v=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

d1fabd20a67738775bb84fda3b230d2f007a2c3a6629d327bc8ab4312cb5c0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sophos.com/Styles/Bundles/Global.css?v=11
Origin: https://www.sophos.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 Oct 2019 13:33:58 GMT
date: Fri, 26 Nov 2021 12:11:10 GMT
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: private, max-age=9250
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=18
x-ua-compatible: IE=edge
content-length: 26532
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 14:45:20 GMT

GET
H2 200 SophosSans-Light-woff2.woff2
www.sophos.com/medialibrary/Files/Fonts/ 25 KB
25 KB 305ms
303ms Font
application/font-woff2 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/medialibrary/Files/Fonts/SophosSans-Light-woff2.woff2

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/Styles/Bundles/Global.css?v=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

f4a2fb1bd486b246823cfb9750f25a4323a8f74c23968d4a6fcdd96a65511631

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sophos.com/Styles/Bundles/Global.css?v=11
Origin: https://www.sophos.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 Oct 2019 13:28:18 GMT
date: Fri, 26 Nov 2021 12:11:10 GMT
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: private, max-age=9537
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=13
x-ua-compatible: IE=edge
content-length: 25316
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 14:50:07 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 190 B
406 B 319ms
112ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdfd83fd2d571329ff1a83795db1249cf059e106f0eeffcbf8b2d0816c599cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:10 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b4304900f977b59-LAX

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Searchbox.js Show response
www.sophos.com/medialibrary/Scripts/ 69 KB
16 KB 208ms
208ms Script
application/x-javascript 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/medialibrary/Scripts/Searchbox.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/medialibrary/Scripts/CoveoJsSearchLazymin.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

a04c0733de7586e4f40c17b0f84b63ecf1da88afe01cac3067ca16fefa7b95d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Jan 2021 13:16:22 GMT
date: Fri, 26 Nov 2021 12:11:10 GMT
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-ua-compatible: IE=edge
cache-control: private, max-age=900
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=4
vary: Accept-Encoding
content-length: 16278
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 12:26:10 GMT

GET
H2 200 geoiphandler.axd Show response
www.sophos.com/ 93 B
849 B 290ms
290ms XHR
text/plain 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sophos.com/geoiphandler.axd

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/scripts/bundles/global.js?v=8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-73-229-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

1fb320efbb0b62786337a93ea3a71a41b8f0dbbd593c6776021903e408bbe5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400
referrer-policy: strict-origin-when-cross-origin
date: Fri, 26 Nov 2021 12:11:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-content-type-options: nosniff
server-timing: cdn-cache; desc=MISS, edge; dur=75, origin; dur=12
x-ua-compatible: IE=edge
content-length: 93
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 12:11:10 GMT

GET
H3 200 va-227a5d9759ade9c7907a6afef1f5e6bb.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 218 KB
62 KB 199ms
98ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-227a5d9759ade9c7907a6afef1f5e6bb.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=25349&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&f=1&r=0.8967141483531804
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gla1 /
Resource Hash: 53ffa8bfd1d1e4f412c5cf0f3ed9bef23e43af5db5315e0fd13d0fe4376b8d52

Request headers

Referer: https://www.sophos.com/
Origin: https://www.sophos.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:10 GMT
content-encoding: br
last-modified: Thu, 25 Nov 2021 08:25:27 GMT
server: gla1
etag: "619f4877-f81e"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63518
via: 1.1 google

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 167ms
167ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=25349&d=sophos.com&u=DBB6FF210ABE707C162E51D8E9E2503E1&h=53bb1184d5e547c951bf56552c6ea46c&t=false&r=0.25467804874059974

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:10 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1

200
OK

svrGP.aspx
s1777052651.t.eloqua.com/visitor/v200/
Redirect Chain

https://s1777052651.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=777&optin=disabled
https://s1777052651.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=777&optin=disabled&elqCookie=1

49 B
448 B

282ms
281ms

Image
image/gif

192.29.192.157
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1777052651.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=777&optin=disabled&elqCookie=1

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

HTTP/1.1

Server

192.29.192.157 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Date: Fri, 26 Nov 2021 12:11:11 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Fri, 26 Nov 2021 12:11:11 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s1777052651.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1777052651&ref2=elqNone&tzo=0&ms=777&optin=disabled&elqCookie=1
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 274
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 104ms
104ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Nov 2021 12:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 1080
vary: Accept-Encoding
content-length: 85065
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:31:04 GMT
server: cloudflare
etag: 0x8D910C57D52F14C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ca88caf2-e01e-00d4-0afa-da91c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b430490cd2a5313-LAX

GET
H2

200

ga-audiences
www.google.com/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=470826117&utmhn=www.sophos.com&utme=8(4!CampaignID)9(4!0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1704625816.1637928671&jid=1491317871&_v=5.7.2dc&z=470826117

42 B
501 B

545ms
194ms

Image
image/gif

2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1704625816.1637928671&jid=1491317871&_v=5.7.2dc&z=470826117

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Nov 2021 12:11:11 GMT
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-1&cid=1704625816.1637928671&jid=1491317871&_v=5.7.2dc&z=470826117
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.com/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1914212538&utmhn=www.sophos.com&utme=8(4!CampaignID)9(4!0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-18&cid=1704625816.1637928671&jid=861189103&_v=5.7.2dc&z=1914212538

42 B
107 B

543ms
208ms

Image
image/gif

2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-18&cid=1704625816.1637928671&jid=861189103&_v=5.7.2dc&z=1914212538

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Nov 2021 12:11:11 GMT
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-737537-18&cid=1704625816.1637928671&jid=861189103&_v=5.7.2dc&z=1914212538
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 343 B
269 B 109ms
109ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=25349&settings_type=1&vn=7.0&r=0.6368593133833087
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-227a5d9759ade9c7907a6afef1f5e6bb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gla1 /
Resource Hash: 46f90271b9841971288d1544e94394877203eefcd32b2cbe2d9b03fec869a633

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:10 GMT
via: 1.1 google
server: gla1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame C44C 777 B
1 KB 1006ms
643ms XHR
application/json 2600:141b:13:699::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=98YDQ-4R7DD-Y3XRM-CVBHP-WX4A4&d=www.sophos.com&t=5459762&v=1.632.0&if=&sl=0&si=s7dvagnwxke-r36hum&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=173635
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/98YDQ-4R7DD-Y3XRM-CVBHP-WX4A4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:699::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ef120c66bc162befed856ab148da627719445c7846049a9b9d0caf1cf03aaaa3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 26 Nov 2021 12:11:11 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 777
Content-Type: application/json

GET
H2 200 WuEFNglz.min.js Show response
scripts.demandbase.com/ 61 KB
16 KB 999ms
201ms Script
application/javascript 13.226.37.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.demandbase.com/WuEFNglz.min.js
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-39.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 821c1dba392245eac9a9d8709348b2e3dc9245eaeb40233a2f0d608060df20e0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: LCueR8U3D7lJgwCfemj1Slg2LluSXKrc
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 19:46:43 GMT
server: AmazonS3
age: 1279
etag: W/"b068f44152e87ccb66f40491a735aad0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a5bdbdd1958d4d023b03427095a0a97b.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Fri, 26 Nov 2021 11:49:53 GMT
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: 04BISmk0VCKrH_OhJA-88zRWVobXhZYS4-QJk2tHcEyFiVKK6X4_Tg==

POST
H2 200 pixel_29ed1f61 Show response
www.sophos.com/akam/11/ 0
697 B 341ms
340ms XHR
text/html 23.73.229.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sophos.com/akam/11/pixel_29ed1f61
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/akam/11/29ed1f61
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.229.203 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-229-203.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:11 GMT
cache-control: max-age=0, no-cache
expires: Fri, 26 Nov 2021 12:11:11 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=50
content-length: 0
content-type: text/html

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/0ae242e1-43cf-41ee-83fe-01ec588a9590/ 83 KB
14 KB 109ms
108ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/0ae242e1-43cf-41ee-83fe-01ec588a9590/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2686f251e3a912a86ddc8a975bd4da5aeb73296d060b0d61e77a7cb94c0681f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Nov 2021 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: G5u87UyeVmi7DKED4e3JPg==
age: 6825
vary: Accept-Encoding
content-length: 14581
x-ms-lease-status: unlocked
last-modified: Mon, 03 May 2021 14:34:07 GMT
server: cloudflare
etag: 0x8D90E408234B088
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b366b636-501e-00e4-730e-e2cbec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4304936d997e7a-LAX
expires: Fri, 26 Nov 2021 16:11:11 GMT

GET
H3

200

activityi;dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpr... Show response
9816844.fls.doubleclick.net/ Frame 04EB
Redirect Chain

https://9816844.fls.doubleclick.net/activityi;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2F...
https://9816844.fls.doubleclick.net/activityi;dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.so...

684 B
465 B

363ms
193ms

Document
text/html

142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9816844.fls.doubleclick.net/activityi;dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-556N8KS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

d8808089e61d18c5c54b1be4b0d918e45cc09b748cf6af3c71c63c0750b21487

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Nov 2021 12:11:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 440
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Nov 2021 12:11:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9816844.fls.doubleclick.net/activityi;dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpre... Show response
9570324.fls.doubleclick.net/ Frame D432
Redirect Chain

https://9570324.fls.doubleclick.net/activityi;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fp...
https://9570324.fls.doubleclick.net/activityi;dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sop...

683 B
463 B

360ms
189ms

Document
text/html

142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9570324.fls.doubleclick.net/activityi;dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-556N8KS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

2a37c1581844434f8e39fa761c8691391aa38a0f3f094881fa6c4004ef11d2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Nov 2021 12:11:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Nov 2021 12:11:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9570324.fls.doubleclick.net/activityi;dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 siteanalyze_6025286.js Show response
siteimproveanalytics.com/js/ 41 KB
11 KB 638ms
422ms Script
application/javascript 2606:4700:3031::6815:59b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6025286.js
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:59b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63720ceb15bfc3803b058c48499e5d61ac7db2e50b0281924d10d0f1eb40033e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:12 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 03MZGAXNEBN38S1D
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10793
x-amz-id-2: v6gGgJBG83jFOluD8uuNVAJ2y0WuKBlY5hgAHwSjTw6Ih86SYDYhyZxJtUBHg8IxoGG1nNHCBFY=
last-modified: Wed, 10 Nov 2021 00:28:31 GMT
server: cloudflare
etag: "c3bf85161de1a217045afbedfcac721f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzFjWPmdtnf%2BYYcFTY3BD8fWxdbtOGHojmFlqAU1iHeC7oQVB%2Fa9ZylOX%2F01HBw5JUpb%2Fw4UT0j7OMXbNIVRhaUc4aheL9wUPwNFe6CnV48zTUpoln0anaulxwV9sR%2BlMq4jxlRzp9xq9tcqtjCK1dXa6xzE%2FMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 6b4304961eba7d7c-LAX

GET
H2 200 bat.js Show response
bat.bing.com/ 35 KB
11 KB 383ms
137ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:11 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:40:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E8C7CAA289044F8903F0E4274864ED7 Ref B: SJCEDGE0412 Ref C: 2021-11-26T12:11:11Z
etag: "08933ecd9d0d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10202

GET
H2 200 px.js Show response
px.spiceworks.com/ 21 KB
6 KB 433ms
214ms Script
text/javascript 45.60.11.212
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://px.spiceworks.com/px.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-556N8KS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.11.212 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a405625d3620d1ef8d74c8bdfae7a609a563854125a2e4d306b9b33083a50c7c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-iinfo: 5-107745488-107745489 NNYN CT(26 57 0) RT(1637928671345 0) q(0 0 1 0) r(1 1) U5
date: Fri, 26 Nov 2021 12:11:11 GMT
content-encoding: gzip
x-cdn: Imperva
content-type: text/javascript

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 577ms
164ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 303
Date: Fri, 26 Nov 2021 12:11:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
X-EdgeConnect-MidMile-RTT: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=67363
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 485ms
156ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: DW8M6eWUHH+FSZwSF8hBU3r7CcEHhL9mumXLwSwQji45uEoRX6vop+DVhVXSvg5OyKtfiQhQMyXVOnE71J/M2Q==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 26 Nov 2021 12:11:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 329ms
102ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:11 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 485ms
152ms Script
application/javascript 151.101.248.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.248.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 00:02:22 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200022-IAD, cache-bwi5037-BWI

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 323ms
103ms Script
text/plain 151.101.129.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 5867
x-cache: HIT, HIT
content-length: 13681
x-amz-id-2: rAtDbO0ogwXoc1unJsvoZzDij4OkpQHzTl2l8Mi0CK8/5pvBGsnVBtBPdM3alnhK6WFhHKelS2I=
x-served-by: cache-bwi5131-BWI, cache-sna10737-LGB
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1637928672.711900,VS0,VE0
date: Fri, 26 Nov 2021 12:11:11 GMT
vary: Accept-Encoding
x-amz-request-id: A5967NHPSXM55SSW
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 286

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 511ms
174ms Script
application/x-javascript 54.230.160.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-556N8KS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-160-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 00:00:19 GMT
Via: 1.1 977bceb85b0d96fff42219b533149c4d.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 43854
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C3
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: LELCeGufFBV0rAdIbt7kAuyVh4qwAUH_gnTbSN3YHXoAPFYk48fc8w==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 492ms
166ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 26 Nov 2021 11:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1567
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: VZQIQBXHK12GMDWpl7WDNfdHuqUERQtsSRr40UK9jFWnqmlmmz+8G1rno2gEKOzs++B7wU68sSw=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 4WWZVNHXSR8FF635
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 371ms
188ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9570324

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-556N8KS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48eef0addb763db2a4ae796eec3a919b828e0390bd0c861af7a06414b86c337b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35969
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:11:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 374ms
192ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-743773256

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-556N8KS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a25170b5578740e88d72fa7b23cd8e4294c901a944e4f97a5df9d9ab09dc767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39584
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:11:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 505ms
323ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9816844

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-556N8KS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13c73ba36d1b267eb4a9d1d6d68237e7722436e211648a23559afe480137910e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35968
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:11:11 GMT

GET
H2 200 w7p4sauc2iyi.js Show response
js.driftt.com/include/1637928900000/ 218 KB
62 KB 575ms
221ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1637928900000/w7p4sauc2iyi.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

67193e1f8b13691632f81cb4ff92b09955e911cb7760b990eff3c1c258f02266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:12 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 20:20:52 GMT
server: nginx
etag: W/"c722ecfa8c7c3bf3cbfc80ed0fb8531e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sUxHf9xgcpk8tCBmFbUB42ClXLES_ITY
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CfXHc2fzpf7PU8ORUo9sDi4Fqg6Yn896uM0SiowqdM1y-ggYdxN7Xg==

GET
H2 200 6171aa8f08a9730012fba12a Show response
ws.zoominfo.com/pixel/ 0
675 B 451ms
250ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6171aa8f08a9730012fba12a

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:12 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6b430498eb627d4a-LAX
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
3 KB 495ms
169ms Script
application/x-javascript 23.52.162.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 12:11:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 12:12:10 GMT
Server: AkamaiNetStorage
ETag: "973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3150
Expires: Fri, 26 Nov 2021 12:31:12 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 12 KB
3 KB 112ms
111ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Nov 2021 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DKM3/i+7h7Fs8cEMor3s2A==
age: 6825
vary: Accept-Encoding
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C572DA86E8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c061f079-d01e-0179-740e-e2f7f9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4304950ef77e7a-LAX

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/ 46 KB
12 KB 118ms
117ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 26 Nov 2021 12:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2Zi7TemSsXHh6hY5sI0Yeg==
age: 6825
vary: Accept-Encoding
content-length: 11890
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:50 GMT
server: cloudflare
etag: 0x8D910C574C4FC1A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 72e5ebae-b01e-004f-7e0e-e21cfe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b4304950efb7e7a-LAX

GET
H2 200 activityi;register_conversion=1;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases...
9816844.fls.doubleclick.net/ 0
0 176ms
174ms Image
text/html 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9816844.fls.doubleclick.net/activityi;register_conversion=1;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx?
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s34-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%...
9570324.fls.doubleclick.net/ 0
0 178ms
176ms Image
text/html 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9570324.fls.doubleclick.net/activityi;register_conversion=1;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx?
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s34-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 402ms
189ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1637928671780&id=t2_3ktgjz9h&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=6ca6e999-7e33-4486-8764-2850b53dfd15&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:12 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/6bed874137d04358a290eecc797a0cd6/ 43 B
424 B 674ms
160ms Image
image/gif 3.230.50.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/6bed874137d04358a290eecc797a0cd6/pixel?j=1&u=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&tag=ViewContent&ts=1637928671789

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.50.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-50-184.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 12:11:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,d6690b8c76b0efb113a539bdaa88745e,10.0.0.219,11238,193.37.254.157,,130847421231,1,1637928672.630,0.001,,.,0,0,0.000,0.000,-,0,0,203,233,116,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 204 4015302.js Show response
bat.bing.com/p/action/ 0
111 B 199ms
199ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4015302.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Nov 2021 12:11:11 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 899C075E7A9D49E7A35CBBEF7FA6C566 Ref B: SJCEDGE0412 Ref C: 2021-11-26T12:11:11Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 127ms
127ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4015302&Ver=2&mid=67b045d6-e50b-42a2-9da9-bd56f6e28d27&sid=f205ffe04eb111eca43781a8682471ba&vid=f20640a04eb111ec8e0465521aa5cca8&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive,%20Interconnected%20Ransomware%20Delivery%20System&p=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&r=&lt=2213&evt=pageLoad&msclkid=N&sv=1&rn=359763
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE8EED59F47A47A2AD4C048237AF8E4B Ref B: SJCEDGE0412 Ref C: 2021-11-26T12:11:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25073712.js Show response
bat.bing.com/p/action/ 0
93 B 205ms
204ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25073712.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Nov 2021 12:11:11 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9648287CBA9442C4800C5547D1F72537 Ref B: SJCEDGE0412 Ref C: 2021-11-26T12:11:11Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
94 B 131ms
131ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25073712&Ver=2&mid=f49c8948-97cc-4a7b-bd1c-eb4cc1dffb46&sid=f205ffe04eb111eca43781a8682471ba&vid=f20640a04eb111ec8e0465521aa5cca8&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive,%20Interconnected%20Ransomware%20Delivery%20System&p=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&r=&lt=2213&evt=pageLoad&msclkid=N&sv=1&rn=133520
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D94D021BD9D47958B65955C80127E01 Ref B: SJCEDGE0412 Ref C: 2021-11-26T12:11:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25073713.js Show response
bat.bing.com/p/action/ 0
92 B 203ms
203ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25073713.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Nov 2021 12:11:11 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AA864314E0EF4BD9A734242D5913C5B4 Ref B: SJCEDGE0412 Ref C: 2021-11-26T12:11:11Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
93 B 128ms
127ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25073713&Ver=2&mid=9211881b-55bd-4eb4-a70c-e9ecb9901088&sid=f205ffe04eb111eca43781a8682471ba&vid=f20640a04eb111ec8e0465521aa5cca8&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive,%20Interconnected%20Ransomware%20Delivery%20System&p=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&r=&lt=2213&evt=pageLoad&msclkid=N&sv=1&rn=740331
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 55D0235020F84663A2105A818508840F Ref B: SJCEDGE0412 Ref C: 2021-11-26T12:11:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 26089927.js Show response
bat.bing.com/p/action/ 0
91 B 209ms
208ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/26089927.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Nov 2021 12:11:11 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C0A0AB2813640A4A9B220F279160AE3 Ref B: SJCEDGE0412 Ref C: 2021-11-26T12:11:11Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
94 B 127ms
127ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26089927&Ver=2&mid=42921bb2-feb5-465f-8868-d2deb8e42e72&sid=f205ffe04eb111eca43781a8682471ba&vid=f20640a04eb111ec8e0465521aa5cca8&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive,%20Interconnected%20Ransomware%20Delivery%20System&p=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&r=&lt=2213&evt=pageLoad&msclkid=N&sv=1&rn=582414
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 02502A7BAA424175AB61143D69EAA63E Ref B: SJCEDGE0412 Ref C: 2021-11-26T12:11:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9shj
px.spiceworks.com/px/ 42 B
512 B 127ms
126ms Image
image/gif 45.60.11.212
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.spiceworks.com/px/9shj?buster=50346&pxref=&consent=true&_fpv=2.4&_fpt=2&_fp2=6dfc35e0f6ff41506ecc60ab789ca096
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.11.212 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-iinfo: 5-107745501-107745489 PNNN RT(1637928671587 0) q(0 0 0 -1) r(1 1) U5
date: Fri, 26 Nov 2021 12:11:11 GMT
x-cdn: Imperva
content-length: 42
content-type: image/gif

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
674 B 376ms
127ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o4apa&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=127a5d9d-1ef0-40a3-8d1b-9f35751ca733&tw_document_href=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_a /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 13
pragma: no-cache
last-modified: Fri, 26 Nov 2021 12:11:12 GMT
server: tsa_a
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d7e251851cc7f54d42532f091a2bf35defb33d66a9700974c73ec0efe4fe1942
x-transaction: 08d54091635ae6a3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 377ms
124ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o4apa&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=127a5d9d-1ef0-40a3-8d1b-9f35751ca733&tw_document_href=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_a /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 8
pragma: no-cache
last-modified: Fri, 26 Nov 2021 12:11:12 GMT
server: tsa_a
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9be292a76f66c4888c4d104e99d1c5c999b647bd96adb60275a4bc71f5b709cc
x-transaction: 4483665bdbef95f2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1637928671998&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1637928671998&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&co...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D461060%26time%3D1637928671998%26url%3Dhttps%253A%252F%252Fwww.sophos.com%252Fen-u...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1637928671998&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&co...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=461060&time=1637928671998&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&c...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=73aff9d7-7761-403c-9224-d4e9444863c9
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=73aff9d7-7761-403c-9224-d4e9444863c9&_expected_cookie=4c6b0e34cc6840cef6594d8b...

43 B
142 B

165ms
164ms

Image
image/gif

104.18.99.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=73aff9d7-7761-403c-9224-d4e9444863c9&_expected_cookie=4c6b0e34cc6840cef6594d8bc2033eda
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: H2
Server: 104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b4304a57819523f-LAX
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=73aff9d7-7761-403c-9224-d4e9444863c9&_expected_cookie=4c6b0e34cc6840cef6594d8bc2033eda
date: Fri, 26 Nov 2021 12:11:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b4304a47ebb523f-LAX
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 323ms
164ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: tu9GQHS3BUrqUO/YU2WI0xfMt+uvkaQIuIrBDoEgRrW2xSh41Fxmv11Gq9KwEJyvVxAvBDveN/DOKxyCA72fiw==
x-frame-options: DENY
date: Fri, 26 Nov 2021 12:11:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 334990480506518 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 427ms
270ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/334990480506518?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f3d1fc2626c6ea0973dee40f4ea950ab4b64b405302f3d96fe92088f219376a9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88931
x-xss-protection: 0
pragma: public
x-fb-debug: NVEFXB3kW/q0Q1p/1izdTnO5B8xg7igmiUc6uulhQDBLg7xxh401SpPaX7Yy3tpR67Jp//deAGXYq5YCHMCxjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 26 Nov 2021 12:11:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 435 B
942 B 556ms
209ms XHR
application/json 13.226.37.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&page_title=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive%2C%20Interconnected%20Ransomware%20Delivery%20System&src=tag&key=f2514e2223f271de300b1908c2c90c911bed78d7
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/WuEFNglz.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.37.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-37-79.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: 6d3c4628c0179519b756999976351d516b79bc9efa6c4275ac4fbca8ce0f50a8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:12 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
request-id: 95e2b407-4d98-4406-a46f-c4acb3cf5550
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.sophos.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 ba636ce43f1cebcb0c172b8070a33b15.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bN5KGcK8OW1KbLr84FBc0HAMRbLoIYUgeYzi8AFDkodeP2u4PVtqTg==
expires: Thu, 25 Nov 2021 12:11:12 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAF3pk7DQZ4AACsf2CVRMw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAF3pk7DQZ4AACsf2CVRMw&verifyHash=10b92df77a9c20c13bf9d61538bc7f1be511696a

26 B
409 B

194ms
158ms

Image
image/gif

13.225.63.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAF3pk7DQZ4AACsf2CVRMw&verifyHash=10b92df77a9c20c13bf9d61538bc7f1be511696a
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: HTTP/1.1
Server: 13.225.63.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-113.ewr53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 12:11:13 GMT
Via: 1.1 17a79dcb426270de1bedb2a8dbcb8f73.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 217240efa3caa1a0
X-Amz-Cf-Id: 0NCTfhWtjsvUXUCNHETygmVOT2qc6qIF8b9S76xxOR-OqNZ3Lgvxzg==

Redirect headers

Date: Fri, 26 Nov 2021 12:11:13 GMT
Via: 1.1 17a79dcb426270de1bedb2a8dbcb8f73.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAF3pk7DQZ4AACsf2CVRMw&verifyHash=10b92df77a9c20c13bf9d61538bc7f1be511696a
Connection: keep-alive
trace-id: 9d6185a7b629a6cb
Content-Length: 0
X-Amz-Cf-Id: ZMLG-uMsUNlDI-25lrVDSo3Wxs0BLWWgacD60NEj3EzlxTPeRXB9Ww==

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCOCdg40GEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12978-gtB-o3lIt_JWbqcypgqznBj0tYE_hEv0lsrZ63IqE
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc12978-gtB-o3lIt_JWbqcypgqznBj0tYE_hEv0lsrZ63IqE&verifyHash=bbdc940c2fc5351da9ab8aefd32de937462ac55c

26 B
409 B

321ms
159ms

Image
image/gif

13.225.63.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc12978-gtB-o3lIt_JWbqcypgqznBj0tYE_hEv0lsrZ63IqE&verifyHash=bbdc940c2fc5351da9ab8aefd32de937462ac55c
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: HTTP/1.1
Server: 13.225.63.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-113.ewr53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 12:11:13 GMT
Via: 1.1 17a79dcb426270de1bedb2a8dbcb8f73.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 6a9d2560bc0ed0ea
X-Amz-Cf-Id: XWTWgqWXNxzGmBY9eysz4m0vdmTtIZ7VJx8Z2HJ3Py0NM2Tjj0cuVg==

Redirect headers

Date: Fri, 26 Nov 2021 12:11:13 GMT
Via: 1.1 17a79dcb426270de1bedb2a8dbcb8f73.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=liveramp&user_id=Xc12978-gtB-o3lIt_JWbqcypgqznBj0tYE_hEv0lsrZ63IqE&verifyHash=bbdc940c2fc5351da9ab8aefd32de937462ac55c
Connection: keep-alive
trace-id: d580a8e594341bb4
Content-Length: 0
X-Amz-Cf-Id: E_Gz63tlXCvozU_o6_liiRNqjjn9QQ2veu1jk_GdaOLWJBmGNf153Q==

GET
H/1.1 200
OK image.aspx
6025286.global.siteimproveanalytics.io/ 34 B
225 B 797ms
163ms Image
image/gif 18.235.43.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6025286.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&title=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive%2C%20Interconnected%20Ransomware%20Delivery%20System&res=1600x1200&accountid=6025286&rt=3771&prev=8dfcff30-20d2-02cd-3153-028ed6a752ac&luid=499ba683-8157-7207-b730-90aea59a1e99&rnd=62460
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.43.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-43-134.compute-1.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 12:11:13 GMT
Cache-Control: max-age=0
Expires: Fri, 26 Nov 2021 12:11:13 UTC
Connection: keep-alive
Content-Length: 34
Content-Type: image/gif

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 597ms
186ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-743773256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14383
x-xss-protection: 0
server: cafe
etag: 8922484703547193234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 12:11:12 GMT

GET
H2 200 10150886.json Show response
s.yimg.com/wi/config/ 2 B
449 B 501ms
160ms XHR
application/json 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10150886.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:48:20 GMT
x-content-type-options: nosniff
age: 1372
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: KG59GVWV014PYCK7
x-amz-id-2: QBchCQjl5GjVg/IkBLtzKW99/OZdiWHRozm2mmqs+Z0DCX7i4cVPZ/Lvvo3rYq0gLAJewsEXgjw=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releas... Show response
adservice.google.com/ddm/fls/i/ Frame A50E 194 B
627 B 647ms
188ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx

Requested by

Host: 9816844.fls.doubleclick.net
URL: https://9816844.fls.doubleclick.net/activityi;dc_pre=CIORneX_tfQCFfkDaAgdYEAKWQ;src=9816844;type=pagev0;cat=pageurl0;ord=1809736237845;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://9816844.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Nov 2021 12:11:12 GMT
expires: Fri, 26 Nov 2021 12:11:12 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-release... Show response
adservice.google.com/ddm/fls/i/ Frame A734 194 B
242 B 647ms
189ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx

Requested by

Host: 9570324.fls.doubleclick.net
URL: https://9570324.fls.doubleclick.net/activityi;dc_pre=CIuPn-X_tfQCFQIHcQodKNgJPg;src=9570324;type=sopapj;cat=sopho00;ord=5553630634214;gtm=2wgba1;auiddc=375181513.1637928671;u1=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx;ps=1;~oref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://9570324.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Nov 2021 12:11:12 GMT
expires: Fri, 26 Nov 2021 12:11:12 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 703ms
174ms Script
application/javascript 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=004df4e554108dc44d26d5da738f006d16
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 12:11:13 GMT
content-encoding: gzip
X-TraceId: edef0f45d5487d8969118af1520e4562
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 707ms
165ms Image
image/gif 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=004df4e554108dc44d26d5da738f006d16&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&optOut=false&bust=07194105140390392
Requested by: Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 12:11:13 GMT
Cache-Control: no-cache
X-TraceId: 679684336904eabfcac4d2b70121588f
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 527ms
155ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=334990480506518&ev=PageView&dl=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&rl=&if=false&ts=1637928672705&sw=1600&sh=1200&ud[external_id]=9c266d3e1bc3927c651759a0a7d4fb9de7d5d7429b81888a31421f4d1b18c436&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637928672702.1403096602&it=1637928672043&coo=false&rqm=GET

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 26 Nov 2021 12:11:13 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
715 B 574ms
161ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2026%20Nov%202021%2012%3A11%3A12%20GMT&n=0&b=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive%2C%20Interconnected%20Ransomware%20Delivery%20System&.yp=10150886&f=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&enc=UTF-8&yv=1.10.2&tagmgr=gtm

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:13 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 26 Nov 2021 12:11:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/743773256/ 2 KB
2 KB 699ms
182ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/743773256/?random=1637928673070&cv=9&fst=1637928673070&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&tiba=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive%2C%20Interconnected%20Ransomware%20Delivery%20System&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fb6cc23998741673cbd0e44e042fbbf46137022180dd4c8d9faf86c5f509320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1146
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/743773256/ 42 B
64 B 335ms
173ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/743773256/?random=1637928673070&cv=9&fst=1637928000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&tiba=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive%2C%20Interconnected%20Ransomware%20Delivery%20System&async=1&fmt=3&is_vtc=1&random=3765583439&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 303ms
155ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=334990480506518&ev=Microdata&dl=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&rl=&if=false&ts=1637928674214&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtSophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive%2C%20Interconnected%20Ransomware%20Delivery%20System%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=9c266d3e1bc3927c651759a0a7d4fb9de7d5d7429b81888a31421f4d1b18c436&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637928672702.1403096602&it=1637928672043&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 26 Nov 2021 12:11:14 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame CF64 2 KB
1 KB 179ms
179ms Document
text/html 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1637928900000/w7p4sauc2iyi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7e3bbce85c6a2804610806ac933293d2cdbff6c7d28a470af339b8c86d22ece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Mon, 22 Nov 2021 20:20:34 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Usmn4vQEOhuMDh8alPn7fxqyZ7MlNOry
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 26 Nov 2021 12:11:14 GMT
cache-control: no-cache
etag: W/"15fe000f7b996aca7a7c39f834e85b43"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: 4w-C6jIY5AM7BRRUorbEUGWsl3WmkY37u_0cOdE4wgKMemXLGvDZ2A==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame E871 2 KB
1 KB 162ms
161ms Document
text/html 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1637928900000/w7p4sauc2iyi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7e3bbce85c6a2804610806ac933293d2cdbff6c7d28a470af339b8c86d22ece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Mon, 22 Nov 2021 20:20:34 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Usmn4vQEOhuMDh8alPn7fxqyZ7MlNOry
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Fri, 26 Nov 2021 12:11:14 GMT
cache-control: no-cache
etag: W/"15fe000f7b996aca7a7c39f834e85b43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: DvLiQ9d32f8paaiqyPo3CQIJuclhKOpf5amcmCZk_5q3wGA1NBtQhA==

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 0F40
Redirect Chain

https://insight.adsrvr.org/track/up?adv=j022xlj&ref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&upid=ql4fc2b&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=j022xlj&ref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&upid=ql4fc2b&upv=1.1.0

882 B
1 KB

120ms
112ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=j022xlj&ref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&upid=ql4fc2b&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: bc26dbe1a4b00ccf6f9c49bc5ff6ace515432606fedc85c6283c3265431fb724

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/

Response headers

date: Fri, 26 Nov 2021 12:11:15 GMT
content-type: text/html; charset=utf-8
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

date: Fri, 26 Nov 2021 12:11:15 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=j022xlj&ref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&upid=ql4fc2b&upv=1.1.0
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 204 /
173e255b.akstat.io/ 0
201 B 353ms
333ms Ping
image/gif 2600:1400:d:5a5::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://173e255b.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/98YDQ-4R7DD-Y3XRM-CVBHP-WX4A4

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2600:1400:d:5a5::11a6 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sophos.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 12:11:14 GMT
content-type: image/gif
access-control-allow-origin: https://www.sophos.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:11:14 GMT

GET
H/1.1

200
OK

results.txt Show response
yes75hixzsmauynaz3rq-plph57-9f76bbfa0-clientnsv4-s.akamaihd.net/eum/ Frame C44C
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=plph574s8
https://yes75hixzsmauynaz3rq-plph57-9f76bbfa0-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

1014ms
172ms

XHR
text/plain

23.204.152.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://yes75hixzsmauynaz3rq-plph57-9f76bbfa0-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 23.204.152.10 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-10.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 12:11:16 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://yes75hixzsmauynaz3rq-plph57-9f76bbfa0-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Fri, 26 Nov 2021 12:11:15 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
figvmaaaaiaagjqacqnqaeyaabq2btxd-plph57-522142ddb-clienttons-s.akamaihd.net/eum/ Frame C44C
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=plph574s8
https://figvmaaaaiaagjqacqnqaeyaabq2btxd-plph57-522142ddb-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

1025ms
173ms

XHR
text/plain

2600:141b:13::17d7:82da
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://figvmaaaaiaagjqacqnqaeyaabq2btxd-plph57-522142ddb-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2600:141b:13::17d7:82da New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 12:11:16 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://figvmaaaaiaagjqacqnqaeyaabq2btxd-plph57-522142ddb-clienttons-s.akamaihd.net/eum/results.txt
Date: Fri, 26 Nov 2021 12:11:15 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 runtime~main.ab9d7b37.js Show response
js.driftt.com/core/assets/js/ Frame E871 6 KB
3 KB 153ms
150ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

da6e5eccd6f46dd0b12fda7fa82a07ea7fb3a75467693c1c67c486f15cac91a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316241
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:22 GMT
server: nginx
etag: W/"ba5260995e64ac1175c9f12a86a4e6ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qySU0RneoIVieaiR7uLP0OJNX8Fw_XBE
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QCUKmdGtWSJwQGRIAu8Oz7a-AT4tTefsK6dAi-3O4cpEjj5cQXsudA==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 58 KB
58 KB 165ms
163ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:23:08 GMT
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
age: 9128886
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59055
last-modified: Thu, 12 Aug 2021 19:36:12 GMT
server: nginx
etag: "fce0b3daf28dfa888be2818f43b06ef0"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q7_jgxG2AYS0ltIB1kk0GRIKriX6aeGV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4S75xPnSqNwJh82gOYsOkZwDtF_iUB6HqqjzkyzumZyhXzhCyOYRxA==

GET
H2 200 main~493df0b3.580db5ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 6 KB
3 KB 235ms
233ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:36:14 GMT
content-encoding: gzip
age: 3004500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:07:00 GMT
server: nginx
etag: W/"9b4aab2d855603fa59a09f8160eb7cb4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: peQlDNv4DdGfxSWfPX0Y-YjdSPAQ_s7PmI6I0G5Zo8fEg3ugGpQfwg==

GET
H2 200 runtime~main.ab9d7b37.js Show response
js.driftt.com/core/assets/js/ Frame CF64 6 KB
3 KB 220ms
220ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

da6e5eccd6f46dd0b12fda7fa82a07ea7fb3a75467693c1c67c486f15cac91a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:22 GMT
server: nginx
etag: W/"ba5260995e64ac1175c9f12a86a4e6ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qySU0RneoIVieaiR7uLP0OJNX8Fw_XBE
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SmYQ_kkUFDqGTUe9T3SIg-ScvaEynvMvvpi1hpkHU3lWq9Rij96bvg==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 58 KB
58 KB 233ms
233ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:23:08 GMT
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
age: 9128887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59055
last-modified: Thu, 12 Aug 2021 19:36:12 GMT
server: nginx
etag: "fce0b3daf28dfa888be2818f43b06ef0"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q7_jgxG2AYS0ltIB1kk0GRIKriX6aeGV
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EMcLeYkbzS4NV9p_PBqNltr9mkcgLwEtRGryohPlqZHSo6YYS5BnQw==

GET
H2 200 main~493df0b3.580db5ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 6 KB
3 KB 270ms
270ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 17:36:14 GMT
content-encoding: gzip
age: 3004501
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:07:00 GMT
server: nginx
etag: W/"9b4aab2d855603fa59a09f8160eb7cb4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m-Zz-MhxPynaLPutGtdfyAjfECGhXRueocLPOhdQdjpzRdJuIwWajw==

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 47 KB
14 KB 156ms
153ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
content-encoding: gzip
age: 5162718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:30 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VUhmN0wteSIOoD7zf42Fx9jVTzQPjY_
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Alsx8feeT1JJRcwssqF7n0A13bVVaD6Pv1wlhT8soKxvH6Q28fxCxA==

GET
H2 200 17.cce21c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 44 KB
13 KB 162ms
159ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
content-encoding: gzip
age: 5162718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:29 GMT
server: nginx
etag: W/"565bf690dc82ce7e1f45c9647d892490"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jEi2sT.oz2dMTnmIGznKkCTerYS6HNwY
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4ROnRf1P6EeLK5AMH6BcEPp-yJopqQ9DeK6OmbPnJjvg9PWziYBWQA==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 25 KB
8 KB 164ms
160ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7p7hEG7wgBEqHh4x1KNFvP8cQiijthzZbqtvO0xPoAZryefbek8tYg==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 16 KB
5 KB 165ms
161ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 9650338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DFxVD2BF7qhnNQPB8Q5XXun9IjJbMQTgkMpV33gMOkZ9vTSubn8dTw==

GET
H2 200 19.5937a5b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 72 KB
22 KB 177ms
173ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:34 GMT
content-encoding: gzip
age: 4310321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:09 GMT
server: nginx
etag: W/"08aceb94bd26b0e431ca437d628e3c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PpKcHacqpQIWv5LlWxshj7GW7ctXBTRY
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pnspHQYDCJRINJir7V2GsrpsLMEDv3UU1n6lwmMCxWz2kk4N3Z8O-Q==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 16 KB
6 KB 179ms
175ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nh0pYGpBA28EORjGfGr-0dJ5nU5tOneuUpnPon3i3Ow0qgzmiXTcUg==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 59 KB
19 KB 241ms
238ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:34 GMT
content-encoding: gzip
age: 4310321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:10 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: v0Q3sUg3fAcXKBWqoZodUDobSoc9.NX8
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bDkPSouLyVqlUi1Ukd-IKikw3jBlFSdV_oB3kvkIXPPGPsqrboR_NA==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 91 KB
28 KB 249ms
246ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 02:14:12 GMT
content-encoding: gzip
age: 4442223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Oct 2021 13:21:52 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F4c27N8Q48RzRrjWijYpmql7j.I4UKQs
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rbs7mDxZxtVPuIhcB0YqroTUyCIAcZny1NgQ01MO8Ngpj8-Lx6Hd2A==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 23 KB
7 KB 259ms
256ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 9650338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I1WpwpZZajsea33MgtOuZ1ex1v-KM-APxAsYXEfQK53qGOik8O9Wrg==

GET
H2 200 13.c2156fc2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 62 KB
20 KB 264ms
261ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 21:49:43 GMT
content-encoding: gzip
age: 3939692
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 11 Oct 2021 21:20:00 GMT
server: nginx
etag: W/"b94404e76324bd4454531b2e0a54f7bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dduSgTmTEeX.c1xrsh3Cd4WUJFtbN06M
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -iCyDi8cCVuVegwmNaUp839sr1PDNgfvpI4coaNDtu9vhydwvcWXlg==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 105 KB
34 KB 274ms
271ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z20Hv20uphe3Vo5pkuRaE4g32dX5Qbuen3ypfzr4ox7-qyHkxJx1sg==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 12 KB
4 KB 317ms
314ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V79A5POhk5IQuunP2J3ULRYvl0nTQrf367HD03a8vLLDVwjdyCUMOQ==

GET
H2 200 25.b7a0bf53.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 12 KB
5 KB 319ms
316ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:36 GMT
content-encoding: gzip
age: 4310319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:10 GMT
server: nginx
etag: W/"808f7c7829001881a39cef6846a36ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _ix5iBb64na.L1JY7ymqDewgFGceFL7s
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GDE7FGG57kHzyAHAPDtYSww4mgWFhn0bDpqsDW1Id8_3Mnnf8yIJVQ==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 17 KB
7 KB 322ms
320ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Gta-xbjamj62lxtyJ0H4gXgx4EqrzMfkgnuryE2wX3vULXfspFiAhw==

GET
H2 200 7.30af169a.chunk.css
js.driftt.com/core/assets/css/ Frame E871 11 KB
3 KB 321ms
320ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.30af169a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:19 GMT
content-encoding: gzip
age: 2137376
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"bd798c00af88b7523deb5a8065993250"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ww56mBAwfmgUIcrxZ9Q2hoV5wEoUnd3qRO6uBKF4CERbv5P1yBieFg==

GET
H2 200 7.ba44d36f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 69 KB
21 KB 327ms
326ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.ba44d36f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

11d27d2ac15ed29e2769deb82c83901b218fba3535541af03b5e4e389a14b715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:20 GMT
server: nginx
etag: W/"be9c30db45280cd93a65c217b5f439d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bsbrqRGd3KbBlvAQn091Ie3Hjs81RG5
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lIdSBJIaa-x8t0-14tTUjPmUoRtKgkLZw_BrhEx32tc3KXEVyvmiUg==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame E871 24 B
666 B 329ms
329ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
age: 9650338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C92wLlVZuJeZmS7gf6g7MG01-danj-RpkwNIcoL5F5RgQpqCfvSdog==

GET
H2 200 14.dad5b9c7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 73 KB
19 KB 335ms
335ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.dad5b9c7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

8d4842ea3131afb2c889435d7fa4da85c6692f42ad83a1b0087a47ed10c399fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"1ceab3facf2a332b3ff8f53bb8ae0178"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NmuWzskZM7ZSDx59o.Nk.l7aO3PE2L6w
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R2LUgb1mrfOtj6Gqb0_w4-KMMPBJ0rJA9x6lNsDTLYb6H6wzNwisjg==

GET
H2 200 20.59e51040.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 47 KB
13 KB 340ms
340ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.59e51040.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1e5e3f29206ca046d131a9ea9db973a5a116a5f14c156db28e3a885381c40498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"7902a4b6b2d44a9ebba2447498122c80"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EmTbJrdDKKXIAo2Rwx2ftAT657NYabgu
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xBzvZJ_jYFb7BDiGtF6CLZMRLVmkz6Poc3nhHCpGyxRuZgkVbIH1nw==

GET
H2 200 12.46770405.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 40 KB
13 KB 346ms
346ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.46770405.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c61a5b3616fe58f512ff682458b601c81bd8c0d47730a3efb958ff8c06000d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"66dd9df5ec130240c8e1dc5074ff5d96"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Sh3cz2I3FOd_iqnGu_dJzYmjsz7yNbWC
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: t4jllo8TET3ZBqAEy_wOPT7BrF4zxQkxkaLSo3omRtmLs8xOyeBKMg==

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 47 KB
14 KB 315ms
313ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
content-encoding: gzip
age: 5162718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:30 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .VUhmN0wteSIOoD7zf42Fx9jVTzQPjY_
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hkh2HXIraFxiCeFLxBT_stJDotvLAQ2HkTYa6BGAJFi8-xmAvwoKvA==

GET
H2 200 17.cce21c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 44 KB
13 KB 321ms
319ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
content-encoding: gzip
age: 5162718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 17:53:29 GMT
server: nginx
etag: W/"565bf690dc82ce7e1f45c9647d892490"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jEi2sT.oz2dMTnmIGznKkCTerYS6HNwY
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uEVwMrhZt-weN2lOcSiRNx3gDemkeZ2Oa0GDoQaDDyRup5-wPlOWYw==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 25 KB
8 KB 323ms
322ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1I09NUqlw54C3qTPS3eShOaQpBS5lcLu
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HR817Ielp_T-GueXGVMS2gzrVZW-o5CVK_NN5huq3RP2vW7NDuXb9A==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 16 KB
5 KB 325ms
324ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 9650338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:24 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3Lit_GR0K_e3yyTyyAPf_WyqhFyqI1X7
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HmiBJVRCto4xxUVweMwmwXLyBjIw2ZIT2lDp4ZVen1koF3SBla4ZxQ==

GET
H2 200 19.5937a5b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 72 KB
22 KB 331ms
330ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:34 GMT
content-encoding: gzip
age: 4310321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:09 GMT
server: nginx
etag: W/"08aceb94bd26b0e431ca437d628e3c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PpKcHacqpQIWv5LlWxshj7GW7ctXBTRY
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: X3njBeAKSKUMqkQUVucCsS1hlvtmf4NzV22YSgO4s8vqqjkumzMSpQ==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 16 KB
6 KB 334ms
334ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SPqSo.47y7907Wglh2zWsWSyACYHB_Zc
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 11EUZ60f5Xmogf4aZr_m-TR0YhRLJHAXAx2ipsFzWBWhaYAdVOlSAQ==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 59 KB
19 KB 373ms
372ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:34 GMT
content-encoding: gzip
age: 4310321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:10 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: v0Q3sUg3fAcXKBWqoZodUDobSoc9.NX8
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IBIr3V-bhHxD8WloQ947v0GpKFBOz3Jt0scbrcFwovk46XgqEIG-eg==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 91 KB
28 KB 375ms
374ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 02:14:12 GMT
content-encoding: gzip
age: 4442223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Oct 2021 13:21:52 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: F4c27N8Q48RzRrjWijYpmql7j.I4UKQs
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y7P5rD_VaMxR3bY-YXaPvKWbWg5YdTDIDZw-vN53rBs07ft8btIcpw==

GET
H2 200 9.a48906f3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 23 KB
7 KB 380ms
379ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.a48906f3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 9650338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:26 GMT
server: nginx
etag: W/"60e5547ed381473c15e63274bcd796b6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gA_0cz7CJfhJ8aNbtPMgs.3Fr8VDJHGb
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kFDO_yAQbKwQLW0dt8d3bt4-94sCEDYT__QFk50Rhuit2PCTxwBJiw==

GET
H2 200 13.c2156fc2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 62 KB
20 KB 383ms
383ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 21:49:43 GMT
content-encoding: gzip
age: 3939692
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 11 Oct 2021 21:20:00 GMT
server: nginx
etag: W/"b94404e76324bd4454531b2e0a54f7bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dduSgTmTEeX.c1xrsh3Cd4WUJFtbN06M
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: N1ZkpPE1VMhY67IU3_Gvt88goAor0B8sRvfc2icdsve5w2400M5c6A==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 105 KB
34 KB 388ms
387ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:08 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9jXV8w0bWzHPQtgsCAjrFrN9PLNAN.Ap
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ersWrbgRpowT8064Hg6ngBC4VA_BxeBQUnajvlyaLbQXAmpMg0qhtQ==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 12 KB
4 KB 395ms
395ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ocjv..MVaCaOGNo5kiC5l3ewWVKjMwbS
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: loZudy9vwEjA--qECS3L8WnzsA1HTgypqn3OrPsisVPr7UWCcx4XXA==

GET
H2 200 25.b7a0bf53.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 12 KB
5 KB 398ms
398ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:36 GMT
content-encoding: gzip
age: 4310319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:10 GMT
server: nginx
etag: W/"808f7c7829001881a39cef6846a36ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _ix5iBb64na.L1JY7ymqDewgFGceFL7s
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P_NFu6GjePIJWgA3Fwgnx8YhEGfF_YXl94Y0z-qsE1otrs98cm1J_Q==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 17 KB
7 KB 399ms
399ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 18:08:17 GMT
content-encoding: gzip
age: 8186578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 23 Aug 2021 17:42:07 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mlbxReFt8YmdLvOZ4ChXgFfj8NP88809
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gikqhyrFm96X8CkQAMnjh_m1mPSlbLCd2GST7Bre7fsj28ScvBdVKA==

GET
H2 200 7.30af169a.chunk.css
js.driftt.com/core/assets/css/ Frame CF64 11 KB
3 KB 399ms
397ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.30af169a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:19 GMT
content-encoding: gzip
age: 2137376
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"bd798c00af88b7523deb5a8065993250"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Hhhdu8KSrse0xwFVsC0O7-v-ZTMQZ801BNSgcNf4lowayP9hYwlnfw==

GET
H2 200 7.ba44d36f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 69 KB
21 KB 400ms
397ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.ba44d36f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

11d27d2ac15ed29e2769deb82c83901b218fba3535541af03b5e4e389a14b715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:20 GMT
server: nginx
etag: W/"be9c30db45280cd93a65c217b5f439d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bsbrqRGd3KbBlvAQn091Ie3Hjs81RG5
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qmg0HGekmwOL5ObzrWcO1lCcWs3LUxoXK4liboRtESy-SDBorNvJjg==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame CF64 24 B
666 B 400ms
398ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
age: 9650338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MQXqucpC5YU8o1LKD6blw6zzMaLhBqjYf0HDr4Tt44rEiaBdDCbUwQ==

GET
H2 200 14.dad5b9c7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 73 KB
19 KB 406ms
403ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.dad5b9c7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

8d4842ea3131afb2c889435d7fa4da85c6692f42ad83a1b0087a47ed10c399fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"1ceab3facf2a332b3ff8f53bb8ae0178"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NmuWzskZM7ZSDx59o.Nk.l7aO3PE2L6w
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: p57AodeGE1KbazC1S03NjxRCzLMNnD0NpBcjiRfFYIDKGxnCyShiCg==

GET
H2 200 20.59e51040.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 47 KB
13 KB 407ms
405ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.59e51040.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

1e5e3f29206ca046d131a9ea9db973a5a116a5f14c156db28e3a885381c40498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"7902a4b6b2d44a9ebba2447498122c80"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EmTbJrdDKKXIAo2Rwx2ftAT657NYabgu
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Kcv66eatDOL8aFwKdepkpj2KqGe8FuecYy7iuTc5weTsfB4jqZ8IjA==

GET
H2 200 12.46770405.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 40 KB
13 KB 410ms
408ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.46770405.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

c61a5b3616fe58f512ff682458b601c81bd8c0d47730a3efb958ff8c06000d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"66dd9df5ec130240c8e1dc5074ff5d96"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Sh3cz2I3FOd_iqnGu_dJzYmjsz7yNbWC
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o2A22lcNZMRIE_hkwvxFdQ1iTNAZVbPBMp9h6TAQ5gO-7Q4D1YdACQ==

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 0F40 487 B
964 B 162ms
157ms Script
application/x-javascript 54.230.160.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=j022xlj&ref=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&upid=ql4fc2b&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-160-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 06:50:21 GMT
Via: 1.1 977bceb85b0d96fff42219b533149c4d.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 19255
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR53-C3
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: QaetTdjaz4chNB3rut2a88LP4v7FGxv7Ypv_yHyUOfoSiyQHQRKw_Q==

GET
H2 200 30.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame E871 3 KB
1 KB 162ms
161ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:20 GMT
content-encoding: gzip
age: 2137375
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GBOBYZXPfE_Um1Sf_mqL4fDHmw8hrH5J
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fpGb1hxmw-LBA7UDx5xTtih4_s2MVnJjdxQIrrGwpNFqkZ-Uvj9QxA==

GET
H2 200 30.025287d0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 3 KB
3 KB 162ms
162ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.025287d0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

f5642eea8890a1123d9a49ae8efd66755a53d6b44301249f5d9b27b21acab85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 06:52:52 GMT
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
age: 537503
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2620
last-modified: Fri, 19 Nov 2021 19:04:45 GMT
server: nginx
etag: "f592b825cca98e86b19c3c23a7bc0d4f"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hUSgEUQkZffvytAno4YJs9KYWlpdFwGR
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zzH46zhdHcktIcGqvxUnMYvUZi2CidVfL1TKvDw3aAsHtqSZ-lduAw==

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame 74BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MTAwMzRlN2ItMTIwMy00NzhjLWI3MjktMTg0MDEyNmRhOGRm&gdpr=0&gdpr_consent=&ttd_tdid=10034e7b-1203-478c-b729-18401...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df&google_gid=CAESEC0pbnDspGaWM3z41Rx8Foo&google_cver=1

70 B
588 B

115ms
115ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df&google_gid=CAESEC0pbnDspGaWM3z41Rx8Foo&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/

Response headers

date: Fri, 26 Nov 2021 12:11:16 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df&google_gid=CAESEC0pbnDspGaWM3z41Rx8Foo&google_cver=1
date: Fri, 26 Nov 2021 12:11:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame BE75
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D10034e7b-1203-478c-b729-1840126da8df
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7574469182888486657&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df

70 B
588 B

121ms
121ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7574469182888486657&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/

Response headers

date: Fri, 26 Nov 2021 12:11:16 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Server: nginx/1.17.9
Date: Fri, 26 Nov 2021 12:11:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7574469182888486657&ttd_tdid=10034e7b-1203-478c-b729-1840126da8df
AN-X-Request-Uuid: 37caccc9-220f-497e-8bc1-3549c9af8fd4
X-Proxy-Origin: 193.37.254.157; 193.37.254.157; 675.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55953/ Frame 5B7D 0
0 794ms
159ms Document
text/plain 54.175.87.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=10034e7b-1203-478c-b729-1840126da8df&_origin=1&gdpr=0&gdpr_consent=

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-87-114.compute-1.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/

Response headers

date: Fri, 26 Nov 2021 12:11:16 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
age: 0
server: ATS/9.1.0.33

GET
H2 200 22.e10510b6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 42 KB
12 KB 157ms
156ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.e10510b6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

b0257060098cdc51166f35b62e7dd8f0c5f8d6cfa319901c0c51a629537e02fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 01:13:23 GMT
content-encoding: gzip
age: 3668272
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 14 Oct 2021 21:28:22 GMT
server: nginx
etag: W/"a99459752bee496e4af7c45277fd9c26"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T8L5krx2cqygd71cKnQ.RlFky1lNaO_x
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ml-L0d9mKuF5FVrvGHsObLfPXYR0pDTIabx5dqOpQwrtNEcW_s_NCQ==

GET
H2 200 24.49c6961c.chunk.css
js.driftt.com/core/assets/css/ Frame CF64 8 KB
2 KB 158ms
156ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/24.49c6961c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 14:52:38 GMT
content-encoding: gzip
age: 4310317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 14:03:07 GMT
server: nginx
etag: W/"f80cd64e339375567091159cb077b941"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Jae8JqW663dCPtKcAWnt.q.y_JeyJDGP
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KtrLiHXHnfPdaSETdm0NZ19-6ofbos7rTSrxSo-ZKnRNeuFYhUcV2w==

GET
H2 200 24.3632c295.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 12 KB
5 KB 172ms
171ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.3632c295.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

9b9cb5ed20b53ea6b4ea1ff2355f4503a2b3a0811b5eea90a46d87932d45a077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"9cc1c16b32b5203ded0936e43a26c2b5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: aJ.POfjp1rnB8zITMt9sDj2VJw6PHXza
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c6tBfz_Gh38SooYFBVdLUzOs2Ib4oN3XozWd4RqnTEZsXz-hbkJACg==

GET
H2 200 18.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame CF64 365 B
1005 B 172ms
171ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/18.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:57 GMT
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
age: 5162718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Mon, 27 Sep 2021 17:53:27 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2nl84_Ynkb7J4eflOi4MBL9RG1iL8udX
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q9zOBjMlj8zyrcnyg7nM4TCzVpDeCgApxdeW7gOGt1_RhAt96Ou_og==

GET
H2 200 18.c447861e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame CF64 84 KB
23 KB 173ms
172ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c447861e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

4193c906068e59efea49bf877ce6259a7befce4828660f7a37b12ec3a84c1ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?embedId=w7p4sauc2iyi&region=US&forceShow=false&skipCampaigns=false&sessionId=3e62167a-6d1f-4045-9fff-831cd45b3ff7&sessionStarted=1637928674.525&campaignRefreshToken=3ec05480-5354-4e96-8de3-62d532e0afac&hideController=false&pageLoadStartTime=1637928669835&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"3b88d372f3f4b68e7db793505ae832ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Bqtp7eTmaldDqB3daSJ_RyU8KrAlWdFv
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YCXrDOJ9HpSonP5_y7nMnxhuxRYosQv0FL2-Phn54ZQtc46GRtJhBQ==

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame E871 7 KB
2 KB 157ms
156ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 19:44:40 GMT
content-encoding: gzip
age: 12241595
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 07 Jul 2021 17:12:06 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hdWMgNKvLwZcep5QH7m9bqoRE1.SuP2b
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 39KXFGYEDeBvcfjbM7OtjzquX_sqfjGGBbvd6frnCOG-kuM03tsVvw==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 54 KB
16 KB 159ms
158ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 15:57:00 GMT
content-encoding: gzip
age: 9836055
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 04 Aug 2021 15:23:59 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .bVTg0MSlE6rXjintZc.g75plFKA2.sd
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ywM1m5q08aoF4a1cSOb5qs7bAEjU6D-5Pij3IyKbERfS-cNi18cJVQ==

GET
H2 200 0.6d90a433.chunk.css
js.driftt.com/core/assets/css/ Frame E871 44 KB
7 KB 160ms
158ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.6d90a433.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

bf8e028caa6730932640ad679e31fe66ff9663aa29e214d151a889196081f9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:12:39 GMT
content-encoding: gzip
age: 748716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 19:25:04 GMT
server: nginx
etag: W/"408c59571162a79ac16fc96c1273f0f2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8XLpsu9QAcQ0ItiVWO5brdd1N5g2sOHJ
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TrMEaUxobt2POcwhga509-bzhcbNGvdDSz1ux_Vw-bjrV90mNyt9ew==

GET
H2 200 0.8116ab4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 70 KB
24 KB 161ms
160ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.8116ab4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

3cae95b041db640339eae18d74c546f8d7e9fb76e53a1e7cb15d9e8adea93d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:20:33 GMT
content-encoding: gzip
age: 316242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:18 GMT
server: nginx
etag: W/"82e5821e8a29a3377c71a9e85ea8d994"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8BhhXuxBMr6aey5WYe68V.Mg04pcfE1J
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uN5Pa_i9lB7NwvFHnZ-vx1znlhMZbqbOQSujwF_Lqyf45yUU1asdfA==

GET
H2 200 29.a4eacd1c.chunk.css
js.driftt.com/core/assets/css/ Frame E871 11 KB
2 KB 163ms
162ms Stylesheet
text/css 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.a4eacd1c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

e2fc570495ce9f73780336d692d1caf5d299d81a0208243f97dacb7f345cdf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:12:39 GMT
content-encoding: gzip
age: 748716
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 19:25:04 GMT
server: nginx
etag: W/"5fcabdf983fd5bbf7cb199063137d146"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k82F8FaNpkIB_WK109g86MbRHlA8U_6q
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zqytisKNZ-rob0ix2tZ-t_WnCE5LpdeqjdRBwoOKbaVSQ1PnuU3yzA==

GET
H2 200 29.73b9ccf9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame E871 11 KB
5 KB 163ms
162ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.73b9ccf9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.ab9d7b37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

61c5e0ee01b43350fc63d6540019ca4a1a2fec438e09e225b715a442a63115f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1637928669835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 22:13:05 GMT
content-encoding: gzip
age: 741490
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 21:01:38 GMT
server: nginx
etag: W/"08a72aad434f11567a747fd67be2d3fb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qicBCcKgTenss1sMR3kJQz8teIQSYJPA
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: EWR53-C3
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4BHNGtjCGeOMYTVuSD9XaAP-1tXlXtBwF48kHeIEmOQJ8bgviHZqCQ==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame CF64 25 B
123 B 175ms
174ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 Nov 2021 12:11:16 GMT
server: istio-envoy
requestid: ed702655bce706dd
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame CF64 156 B
254 B 159ms
159ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

aa87080829e2d6ea448f1271ed11a0ca76ac17c38cd96d6d68a61c426713a84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 Nov 2021 12:11:16 GMT
server: istio-envoy
requestid: af5789590545f686
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 156
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 527ms
163ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 26 Nov 2021 12:11:16 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift6af5f4f46ecad0f76be99b86837
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 507ms
157ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 26 Nov 2021 12:11:16 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift867b5224b6e9df882d581983ce0
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 w7p4sauc2iyi.js Show response
js.driftt.com/include/1637928900000/ 218 KB
62 KB 202ms
201ms Script
application/javascript 54.230.162.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1637928900000/w7p4sauc2iyi.js

Requested by

Host: www.sophos.com
URL: https://www.sophos.com/en-us/press-office/press-releases/2021/11/sophos-2022-threat-report.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.162.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-162-16.ewr53.r.cloudfront.net

Software

nginx /

Resource Hash

67193e1f8b13691632f81cb4ff92b09955e911cb7760b990eff3c1c258f02266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.sophos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: sUxHf9xgcpk8tCBmFbUB42ClXLES_ITY
content-encoding: gzip
etag: W/"c722ecfa8c7c3bf3cbfc80ed0fb8531e"
x-amz-cf-pop: EWR53-C3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 20:20:52 GMT
server: nginx
date: Fri, 26 Nov 2021 12:11:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vU07Q5BmCM-8RPziORUBMVh8wT5JNLow3h9H5bOicq6KEwpUc6QHVA==

GET
H2 200 w7p4sauc2iyi.json Show response
embeds.driftcdn.com/embeds/ Frame CF64 46 KB
11 KB 556ms
227ms XHR
application/json 13.225.63.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/w7p4sauc2iyi.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-112.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b70d0ef148866eed1d3dd7b4741335e97561cad3fa53972ce36d903e1547a3aa

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:11:18 GMT
content-encoding: gzip
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 26 Nov 2021 12:07:23 GMT
server: AmazonS3
etag: W/"21064b2378e0fef6af2e32ae2e62b6cd"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 95a7b3c60127f88f316c1c042cf353c3.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: 4yBG08Q2gXTIpIBZf2IvQamux8aB2YZNgKonFVfUc1QXszgQIQBvqw==

GET ip.json
api.company-target.com/api/v2/ 0
0

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame CF64 25 B
89 B 167ms
167ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 Nov 2021 12:11:18 GMT
server: istio-envoy
requestid: 6a3f3210b8bd1f15
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 151ms
150ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 26 Nov 2021 12:11:18 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift9946d4146468304f62f7a85708a
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.company-target.com
URL: https://api.company-target.com/api/v2/ip.json?key=e065786bc0bf5976243d701d59b98dbf&page=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&page_title=Sophos%202022%20Threat%20Report%3A%20Gravitational%20Force%20of%20Ransomware%20Black%20Hole%20Pulls%20in%20Other%20Cyberthreats%20to%20Create%20One%20Massive%2C%20Interconnected%20Ransomware%20Delivery%20System&referrer=

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sophos.com/en-us/press-office/press-releases/2021/11	1969-12-31 23:59:59	Name: DriftPlaybook Value: B
.sophos.com/	1970-01-19 23:01:41	Name: websiteaklang Value: en-us
.sophos.com/	1970-01-19 22:58:52	Name: AKA_A2 Value: A
www.sophos.com/	1969-12-31 23:59:59	Name: akacd_pr01 Value: 3815381468~rv=23~id=500033596ee67e35516a880424976a29
.sophos.com/	1970-01-20 03:18:00	Name: CampaignID Value: 0
.sophos.com/	1970-01-20 07:45:51	Name: _vwo_uuid_v2 Value: DBB6FF210ABE707C162E51D8E9E2503E1\|53bb1184d5e547c951bf56552c6ea46c
.sophos.com/	1970-01-20 16:30:00	Name: __utma Value: 1.1704625816.1637928671.1637928671.1637928671.1
.sophos.com/	1969-12-31 23:59:59	Name: __utmc Value: 1
.sophos.com/	1970-01-20 03:21:36	Name: __utmz Value: 1.1637928671.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.sophos.com/	1970-01-20 03:19:27	Name: _sphs_uuid Value: 423c5967-bf05-48de-983c-e48407905dbc
.sophos.com/	1970-01-19 22:58:55	Name: bm_sv Value: 743A416C2155ED0B70D9125DFFD5F1EA~6Jo5jVcXol5X9xrjCRWFT6Sp5ke5P46LivClHbGiDed+4OxnB96aH58+CywlUGMjPwAXaY2dMUj4/XU8XzfmkGhR4Nx6+5DCSqWswrtqnB1PBhXBy/jCg9ntY+cxUSniMLwUZNDJg6IGQiaTf/VSdYvtNbsL2vZfx/sL6Q9n7y4=
.sophos.com/	1970-01-19 22:58:49	Name: __utmt Value: 1
.sophos.com/	1970-01-19 22:58:49	Name: __utmt_o Value: 1
.sophos.com/	1970-01-19 22:58:50	Name: __utmb Value: 1.2.10.1637928671
.sophos.com/	1970-01-19 23:00:15	Name: __L10N Value: %7B%22longitude%22%3A%22-112.0421%22%2C%22zoom%22%3A%226%22%2C%22latitude%22%3A%2233.4413%22%2C%22name%22%3A%22United%20States%22%2C%22code%22%3A%22US%22%7D
.sophos.com/	1970-01-20 01:22:48	Name: _vis_opt_s Value: 1%7C
.sophos.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.sophos.com/	1970-01-19 23:08:53	Name: RT Value: "z=1&dm=sophos.com&si=s7dvagnwxke&ss=kwgcfuiy&sl=0&tt=0"
.sophos.com/	1970-01-20 01:08:24	Name: _gcl_au Value: 1.1.375181513.1637928671
.sophos.com/	1970-01-19 22:58:55	Name: ak_bmsc Value: 4478CDE46A687DD931FFA59ED7A5B6DB~000000000000000000000000000000~YAAQhZcwF7R7qCx9AQAAvBgoXA1lHcZEBfMdrB/ElxH3+j53V0tgnEzEjvRVM1vJsfr9YDZCeanAHb567WTWARM/0ckt1k68tW3mD07b3kBlQOFetFooefGBkDx+eSO37Y0oTiKWIhmSaSnB4Mm2e811gocazzcSC8zm5HNSta74CY/mtcluffJjxKvspqda7iLlCxvzTWBV0vzbrUF55OHvW3yrmrwiPTpwxw7qsNKsbDBscMKtXU0/C6c5qZzodz43FrAN604eBtRL3GMB2oZnZJIxmxqTU5ok4+X5AggDZVVNPOusNNO7olkVAI7r7nWeHac3A3n4ZQHj8/kuTMyyj4QNscOWnj1mHAwen/MqSqvNUqad8IBPGiQDOViH15v0mqz7QGQnjj+sRruYo+Wx+NphrwfY1YteVCsmUaTrhc4ecOSmaJS0e73aU+h7Hx4/Qs90wUiyCJACZU8lVlZFVDoKhQ+tkzTqUW6Yg6q1NPSbTraoFGrO
.sophos.com/	1970-01-20 07:44:24	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Nov+26+2021+12%3A11%3A11+GMT%2B0000+(GMT)&version=6.16.0&hosts=&landingPath=https%3A%2F%2Fwww.sophos.com%2Fen-us%2Fpress-office%2Fpress-releases%2F2021%2F11%2Fsophos-2022-threat-report.aspx&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.eloqua.com/	1970-01-20 08:27:36	Name: ELOQUA Value: GUID=b4b12f2e42c54e59946f36a399a22de3
.eloqua.com/	1970-01-20 08:27:36	Name: ELQSTATUS Value: OK
.sophos.com/	1970-01-20 01:08:24	Name: _rdt_uuid Value: 1637928671775.6ca6e999-7e33-4486-8764-2850b53dfd15
.bing.com/	1970-01-20 08:20:24	Name: MUID Value: 055C2DA88EBB633C2CE03D538F0B62FC
.bat.bing.com/	1970-01-19 23:08:53	Name: MR Value: 0
.sophos.com/	1970-01-19 23:00:15	Name: _uetsid Value: f205ffe04eb111eca43781a8682471ba
.sophos.com/	1970-01-20 08:20:24	Name: _uetvid Value: f20640a04eb111ec8e0465521aa5cca8
.spiceworks.com/	1970-01-21 00:54:00	Name: _swnid Value: aq3q452xlst4
.spiceworks.com/	1970-01-21 00:54:00	Name: _swauth Value: n
.sophos.com/	1970-01-20 22:58:48	Name: nmstat Value: 8dfcff30-20d2-02cd-3153-028ed6a752ac
.ws.zoominfo.com/	1970-01-20 07:44:24	Name: visitorId Value: 27de011ef425c00570accaf273cde70a6ad76f2489ea91e687f8abc0820b39e9
.zoominfo.com/	1970-01-19 22:58:50	Name: __cf_bm Value: 5fh55fvrnCIdjNEM1GwHjiObSqUatvHl_MuM7d2g0hM-1637928672-0-AZ/kYR6y9kPw6Scc3OnLaQ3vvZeTRxt1wPHOme1BZrtOHs1ggNh+Y7aCHGAVQdRKAeOjJeLQjoQ9OBSPZP3CJqo=
.twitter.com/	1970-01-20 16:30:00	Name: personalization_id Value: "v1_qxWK3Av/N8EBcOdOwplaQg=="
.linkedin.com/	1970-01-20 01:08:24	Name: li_sugr Value: 73aff9d7-7761-403c-9224-d4e9444863c9
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:30:42	Name: bcookie Value: "v=2&726a8787-5ee5-4b05-8330-b6c30a0ad5e4"
.linkedin.com/	1970-01-19 23:00:15	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2575:u=1:x=1:i=1637928672:t=1638015072:v=2:sig=AQH4-F7pApfjyRxfBcrnW8xJ3MYO7QzC"
.rlcdn.com/	1970-01-20 07:44:24	Name: rlas3 Value: uzAY97b0oWz6GaEMdJIvlbADbdULt0Qi3ozjOrCUXy8=
.sophos.com/	1970-01-20 01:08:24	Name: _fbp Value: fb.1.1637928672702.1403096602
.linkedin.com/	1970-01-19 23:42:00	Name: UserMatchHistory Value: AQJ1E-eDoOfNwwAAAX1cKB2MQkkBBvndteQtWQ9AEONpvRfCxIwLvAefYH2bOYaDBnaJKBzoYu7GnQ
.linkedin.com/	1970-01-19 23:42:00	Name: AnalyticsSyncHistory Value: AQLvXOjLqqh_ngAAAX1cKB2MZlYvOZXMSEfH4nDJGsMHfdfA308wahsJbJXMKVAgmDTqlA_IXgVnzh88kZHTAQ
.rlcdn.com/	1970-01-20 00:25:12	Name: pxrc Value: COCdg40GEgUI6AcQABIGCMrdKhAA
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 16:30:42	Name: bscookie Value: "v=1&20211126121113457fb6af-d201-4356-8690-c3ae59c1b00aAQG7Xs2Rs_CnCJKg4en5OIJjqDArb5Xw"
www.sophos.com/	1970-01-19 22:58:48	Name: outbrain_cid_fetch Value: true
.facebook.com/	1970-01-20 01:08:24	Name: fr Value: 01iq7yb22KNlDMo2d..BhoM7h...1.0.BhoM7h.
.bidr.io/	1970-01-20 08:27:18	Name: bito Value: AAF3pk7DQZ4AACsf2CVRMw
.bidr.io/	1970-01-20 08:27:18	Name: bitoIsSecure Value: ok
.yahoo.com/	1970-01-20 07:44:46	Name: A3 Value: d=AQABBOHOoGECECfA1nibF--xxu69Wwp4IHUFEgEBAQEgomGqYQAAAAAA_eMAAA&S=AQAAAufHPSmSxxUowgnBKUi_-dI
.company-target.com/	1970-01-20 16:30:00	Name: tuuid_lu Value: 1637928673
.company-target.com/	1970-01-20 16:30:00	Name: tuuid Value: d2730857-0088-4e83-8ffb-a1aa7254ba0c
.doubleclick.net/	1970-01-20 16:30:00	Name: IDE Value: AHWqTUm7z5bWQqHxzS52X7CJJeB9h03carIy0P5-jamKehlIzdvO6bzg1IfG9tCj
.adsymptotic.com/	1970-01-20 01:08:24	Name: U Value: 4c6b0e34cc6840cef6594d8bc2033eda
www.sophos.com/	1970-01-19 22:58:50	Name: drift_campaign_refresh Value: 3ec05480-5354-4e96-8de3-62d532e0afac
.adsrvr.org/	1970-01-20 07:44:24	Name: TDID Value: 10034e7b-1203-478c-b729-1840126da8df
.analytics.yahoo.com/	1970-01-20 07:45:51	Name: IDSYNC Value: 1769~21r0
.adnxs.com/	1970-01-20 01:08:24	Name: uuid2 Value: 7574469182888486657
.adsrvr.org/	1970-01-20 07:44:24	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI1tH0lPy3mDoQBRIXCghhcHBuZXh1cxILCMbitZb8t5g6EAUSGQoKcmlnaHRtZWRpYRILCP7qmon8t5g6EAUYBSACKAMyCwj-4p22kriYOhAFQg8iDQgBEgkKBXRpZXIyEAFaB2owMjJ4bGpgAQ..

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

173e255b.akstat.io
6025286.global.siteimproveanalytics.io
9570324.fls.doubleclick.net
9816844.fls.doubleclick.net
a.quora.com
adservice.google.com
alb.reddit.com
amplify.outbrain.com
analytics.twitter.com
api.company-target.com
bat.bing.com
bootstrap.api.drift.com
c.go-mpulse.net
cdn.cookielaw.org
cm.g.doubleclick.net
connect.facebook.net
dev.visualwebsiteoptimizer.com
embeds.driftcdn.com
figvmaaaaiaagjqacqnqaeyaabq2btxd-plph57-522142ddb-clienttons-s.akamaihd.net
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
img03.en25.com
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
links.readsitquick.us
match.adsrvr.org
match.prod.bidr.io
metrics.api.drift.com
p.adsymptotic.com
px.ads.linkedin.com
px.spiceworks.com
px4.ads.linkedin.com
q.quora.com
s.go-mpulse.net
s.yimg.com
s1777052651.t.eloqua.com
scripts.demandbase.com
segments.company-target.com
siteimproveanalytics.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
ups.analytics.yahoo.com
ws.zoominfo.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
www.sophos.com
yes75hixzsmauynaz3rq-plph57-9f76bbfa0-clientnsv4-s.akamaihd.net
api.company-target.com
104.18.99.194
104.244.42.197
104.244.42.67
108.174.10.14
13.225.63.112
13.225.63.113
13.226.37.39
13.226.37.79
142.250.80.34
142.250.80.38
142.251.40.194
15.197.193.217
151.101.129.140
151.101.129.2
151.101.248.157
18.142.0.45
18.235.43.134
192.29.192.157
2001:4998:14:800::1000
23.204.152.10
23.217.149.220
23.52.162.190
23.73.229.203
2600:1400:d:5a5::11a6
2600:141b:13:699::11a6
2600:141b:13::17d7:82d0
2600:141b:13::17d7:82d3
2600:141b:13::17d7:82da
2606:4700:10::6814:b944
2606:4700:3031::6815:59b2
2606:4700::6810:9540
2606:4700::6810:a852
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81c::2002
2607:f8b0:4006:822::2004
2607:f8b0:4023:1404::9d
2620:109:c002::6cae:a0e
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:600::396
3.230.50.184
34.225.131.76
34.96.102.137
35.190.60.146
45.60.11.212
50.16.7.188
54.175.87.114
54.230.160.114
54.230.162.16
64.202.112.31
68.67.160.186
76.13.32.146
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
095cef01d97174531cc4396240f52e552aac3aaaf9c7e80aafa955c132e10037
0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0eabdbb05489981f7fc98f0b8a03b4b4a49a0e7da53da4ceb6c2fe8351f63aad
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d27d2ac15ed29e2769deb82c83901b218fba3535541af03b5e4e389a14b715
13c73ba36d1b267eb4a9d1d6d68237e7722436e211648a23559afe480137910e
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
189a7158414e4fab1d24249e6eef0b73fcf61dc28c070fb90da996ca9936f111
1a25170b5578740e88d72fa7b23cd8e4294c901a944e4f97a5df9d9ab09dc767
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e5e3f29206ca046d131a9ea9db973a5a116a5f14c156db28e3a885381c40498
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1fb320efbb0b62786337a93ea3a71a41b8f0dbbd593c6776021903e408bbe5b9
2686f251e3a912a86ddc8a975bd4da5aeb73296d060b0d61e77a7cb94c0681f5
26faeef0331646a8163e5cfc3b708a446fb7aacbeec493c27d5ca458d6b6632c
2a37c1581844434f8e39fa761c8691391aa38a0f3f094881fa6c4004ef11d2b0
2a42c163168d9461b0bc20b3e9a1a10181ecb9f7c3d1b738903a7ee03ec36aa0
2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5
31037d926621b0758c70fb400f05cd1bf962bceddd00aae8f9c9d3551858f65c
316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cae95b041db640339eae18d74c546f8d7e9fb76e53a1e7cb15d9e8adea93d04
3eea3e95139fc9bc9bec1ea1f42aeb3b70b2c587f3d2346e0599ca43243efe8f
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4193c906068e59efea49bf877ce6259a7befce4828660f7a37b12ec3a84c1ecb
41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46f90271b9841971288d1544e94394877203eefcd32b2cbe2d9b03fec869a633
48eef0addb763db2a4ae796eec3a919b828e0390bd0c861af7a06414b86c337b
4a02b434edb84f078f67ae040f565f6258b91dfa3f16ad8e305392cfe5d18e8c
4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
5059bfed12587f496894f97319682ccb715e7748ae93dd2cafd6310e914f3870
517a16fedc3c2f5ba86a4c4c9567552088e1572016fc835ba0bd79e83bdd1c6e
52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a
53ffa8bfd1d1e4f412c5cf0f3ed9bef23e43af5db5315e0fd13d0fe4376b8d52
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5c260937ddd7fd7dbbd098e2969d7c657a9ef854ef0458f22261447d18b5ca09
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c5e0ee01b43350fc63d6540019ca4a1a2fec438e09e225b715a442a63115f3
63720ceb15bfc3803b058c48499e5d61ac7db2e50b0281924d10d0f1eb40033e
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67193e1f8b13691632f81cb4ff92b09955e911cb7760b990eff3c1c258f02266
6d3c4628c0179519b756999976351d516b79bc9efa6c4275ac4fbca8ce0f50a8
71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b
7e3bbce85c6a2804610806ac933293d2cdbff6c7d28a470af339b8c86d22ece9
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
821c1dba392245eac9a9d8709348b2e3dc9245eaeb40233a2f0d608060df20e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ca76658afe65a55a56d4b0819cd3749888d68b7e8a8994f2a32f8d80166e37c
8d4842ea3131afb2c889435d7fa4da85c6692f42ad83a1b0087a47ed10c399fc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e082114935d9b850c6d4df817a4d79d7c80de3f90ff5ae808e6be2232513052
8fb6cc23998741673cbd0e44e042fbbf46137022180dd4c8d9faf86c5f509320
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
9b9cb5ed20b53ea6b4ea1ff2355f4503a2b3a0811b5eea90a46d87932d45a077
9bebf16bfa9710edb204ea20eabab3b3f736f357d23107a4270c3389e91f58ea
9cf223a251f6471177739226d78debb1803735c527ff9106ba420c92e53d632e
9f3c45aae8d14cee7c2fa3bcd7604c6936a4886ff864fb743e11dc61705cd516
a04c0733de7586e4f40c17b0f84b63ecf1da88afe01cac3067ca16fefa7b95d9
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a325d69859df35ccdd1cd6a5b071bb9ef737b2775552c6c319f372a51f6fadd9
a405625d3620d1ef8d74c8bdfae7a609a563854125a2e4d306b9b33083a50c7c
a55150a4cc33c9d0e381368e1b4d6170a7fde72ecba6de0ab043b3dc43dfad73
aa87080829e2d6ea448f1271ed11a0ca76ac17c38cd96d6d68a61c426713a84d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754
b0257060098cdc51166f35b62e7dd8f0c5f8d6cfa319901c0c51a629537e02fd
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b70d0ef148866eed1d3dd7b4741335e97561cad3fa53972ce36d903e1547a3aa
bc26dbe1a4b00ccf6f9c49bc5ff6ace515432606fedc85c6283c3265431fb724
bdfd83fd2d571329ff1a83795db1249cf059e106f0eeffcbf8b2d0816c599cb5
bf8e028caa6730932640ad679e31fe66ff9663aa29e214d151a889196081f9e9
c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47
c348ab6de15c26b0acbf73117cc957127b32b670ea39528c659c137c35ca9b99
c61a5b3616fe58f512ff682458b601c81bd8c0d47730a3efb958ff8c06000d5b
c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901
cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d1fabd20a67738775bb84fda3b230d2f007a2c3a6629d327bc8ab4312cb5c0fe
d8808089e61d18c5c54b1be4b0d918e45cc09b748cf6af3c71c63c0750b21487
da6e5eccd6f46dd0b12fda7fa82a07ea7fb3a75467693c1c67c486f15cac91a2
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2fc570495ce9f73780336d692d1caf5d299d81a0208243f97dacb7f345cdf15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
eb75190c0b45dd7c1bfbf62ac7b6c1912ef72a53e104ca22130c06f4d6312ae4
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef120c66bc162befed856ab148da627719445c7846049a9b9d0caf1cf03aaaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f3d1fc2626c6ea0973dee40f4ea950ab4b64b405302f3d96fe92088f219376a9
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f4a2fb1bd486b246823cfb9750f25a4323a8f74c23968d4a6fcdd96a65511631
f5642eea8890a1123d9a49ae8efd66755a53d6b44301249f5d9b27b21acab85d
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.sophos.com Open in urlscan Pro 23.73.229.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

172 Requests

95 %HTTPS

38 %IPv6

42 Domains

60 Subdomains

47 IPs

4 Countries

2735 kBTransfer

7649 kBSize

59 Cookies

24 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sophos.com Open in urlscan Pro
23.73.229.203 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

95 %
HTTPS

38 %
IPv6

42
Domains

60
Subdomains

47
IPs

4
Countries

2735 kB
Transfer

7649 kB
Size

59
Cookies

172 HTTP transactions
2 data transactions