opti9tech.com Open in urlscan Pro
151.101.130.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen24.com/Ctc/5E+23284/d12NvM04/Jl22-6q7W7lCdLW6lZ3mvVfzKb188tx6YW2G5T9s878LW2W6CsV4m5j5S2QW4wccXF1MvfQPW7...
Effective URL:
https://opti9tech.com/observr-ransomware-detection-and-protection/
Submission: On July 10 via manual (July 10th 2023, 7:45:16 pm UTC) from US — Scanned from DE

Summary HTTP 151 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 52 IPs in 4 countries across 39 domains to perform 151 HTTP transactions. The main IP is 151.101.130.159, located in United States and belongs to FASTLY, US. The main domain is opti9tech.com.
TLS certificate: Issued by R3 on June 10th 2023. Valid for: 3 months.

This is the only time opti9tech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:1edf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	151.101.130.159 151.101.130.159	54113 (FASTLY) (FASTLY)
1	35.201.125.192 35.201.125.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:bb41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:249... 2600:9000:2490:b200:9:7608:8a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:4600:14:6e14:cf80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:ca1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:310... 2a02:26f0:3100::1735:28c0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:c9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2600:9000:225... 2600:9000:225e:f600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1 7	2600:9000:225... 2600:9000:2250:1600:0:f267:a5c0:93a1	() ()
4	2606:4700::68... 2606:4700::6811:d6f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.128.224.79 3.128.224.79	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1a0... 2400:52e0:1a01::987:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:20e... 2600:9000:20eb:3800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:dcb6:b520:ea2:2b32	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 1	35.201.70.94 35.201.70.94	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:2600:4:d7e1:700:93a1	() ()
1	2606:4700::68... 2606:4700::6811:d4f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8cce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:69c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:75be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:65ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.189.9 13.224.189.9	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:8d65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:f0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
151	52

2 2606:4700::6812:1edf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 151.101.130.159 (United States)

ASN54113 (FASTLY, US)

opti9tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.125.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.125.201.35.bc.googleusercontent.com

marvel-b2-cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:853b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bb41 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:b200:9:7608:8a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

consents-cf.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:4600:14:6e14:cf80:93a1 (United States)

ASN16509 (AMAZON-02, US)

dsrportal-cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:28c0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c9f (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:225e:f600:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2250:1600:0:f267:a5c0:93a1 (United States) 1 redirects

ASN- ()

marvel-b1-cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:d6f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.128.224.79 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-224-79.us-east-2.compute.amazonaws.com

cookie-cdn.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1a01::987:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:3800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:dcb6:b520:ea2:2b32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.70.94 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 94.70.201.35.bc.googleusercontent.com

marvel-processor.bc0a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2600:4:d7e1:700:93a1 (United States)

ASN- ()

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:69c7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:75be (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:65ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-9.fra2.r.cloudfront.net

tr-rc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:cccc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:8d65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f0f (United States)

ASN13335 (CLOUDFLARENET, US)

2459647.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	opti9tech.com opti9tech.com	2 MB
13	bc0a.com 2 redirects marvel-b2-cdn.bc0a.com — Cisco Umbrella Rank: 26485 consents-cf.bc0a.com — Cisco Umbrella Rank: 50432 dsrportal-cdn.bc0a.com — Cisco Umbrella Rank: 108036 marvel-b1-cdn.bc0a.com — Cisco Umbrella Rank: 21693 cookie-cdn.bc0a.com — Cisco Umbrella Rank: 68703 marvel-processor.bc0a.com — Cisco Umbrella Rank: 40466	349 KB
7	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5014 app.hubspot.com — Cisco Umbrella Rank: 5255 track.hubspot.com — Cisco Umbrella Rank: 2542	24 KB
6	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2811 d.adroll.com — Cisco Umbrella Rank: 1489	87 KB
6	gstatic.com fonts.gstatic.com	109 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	362 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5944	295 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	5 KB
5	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4527 forms-na1.hsforms.com — Cisco Umbrella Rank: 7529	5 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2060 ka-f.fontawesome.com — Cisco Umbrella Rank: 4529	24 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4752	670 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2556 www.google.com — Cisco Umbrella Rank: 10	815 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	68 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 17554 ibc-flow.techtarget.com — Cisco Umbrella Rank: 18818	2 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4009	27 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	255 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	133 KB
2	hubapi.com 1 redirects api.hubapi.com — Cisco Umbrella Rank: 3795	2 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5002 forms.hscollectedforms.net — Cisco Umbrella Rank: 5136	26 KB
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 15450 tr-rc.lfeeder.com — Cisco Umbrella Rank: 20074	11 KB
2	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5891	21 KB
2	t.co t.co — Cisco Umbrella Rank: 511	496 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2680	2 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 1037	6 KB
2	sidekickopen24.com 1 redirects t.sidekickopen24.com — Cisco Umbrella Rank: 80115	3 KB
1	hubspotusercontent-na1.net 2459647.fs1.hubspotusercontent-na1.net — Cisco Umbrella Rank: 34477	6 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5222	22 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3599	3 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2438	64 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2425	21 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	376 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 732	395 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4985	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 768	15 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7363	165 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	3 KB
151	39

	Domain	Requested by
46	opti9tech.com	t.sidekickopen24.com opti9tech.com
7	marvel-b1-cdn.bc0a.com	1 redirects opti9tech.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagmanager.com	opti9tech.com www.googletagmanager.com js.hsadspixel.net
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	s.adroll.com	1 redirects opti9tech.com s.adroll.com
4	forms.hsforms.com	js.hsforms.net opti9tech.com
4	fonts.googleapis.com	opti9tech.com
3	track.hubspot.com
3	www.google.de	opti9tech.com
3	px.ads.linkedin.com	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	static.addtoany.com	opti9tech.com static.addtoany.com
2	www.facebook.com
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	api.hubapi.com	1 redirects js.hsadspixel.net
2	api.hubspot.com	js.usemessages.com
2	www.google.com	opti9tech.com
2	ibc-flow.techtarget.com	trk.techtarget.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	a.omappapi.com	opti9tech.com a.omappapi.com
2	t.co	opti9tech.com
2	cookie-cdn.bc0a.com	consents-cf.bc0a.com
2	snap.licdn.com	opti9tech.com snap.licdn.com
2	js.hs-scripts.com	opti9tech.com
2	unpkg.com	opti9tech.com
2	t.sidekickopen24.com	1 redirects
1	2459647.fs1.hubspotusercontent-na1.net
1	tr-rc.lfeeder.com	opti9tech.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	forms-na1.hsforms.com	opti9tech.com
1	sc.lfeeder.com	opti9tech.com
1	marvel-processor.bc0a.com	1 redirects opti9tech.com
1	d.adroll.com	s.adroll.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	px4.ads.linkedin.com	opti9tech.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	analytics.twitter.com	opti9tech.com
1	ws.zoominfo.com	opti9tech.com
1	trk.techtarget.com	opti9tech.com
1	static.ads-twitter.com	opti9tech.com
1	dsrportal-cdn.bc0a.com	opti9tech.com
1	consents-cf.bc0a.com	opti9tech.com
1	js.hsforms.net	opti9tech.com
1	kit.fontawesome.com	opti9tech.com
1	cdnjs.cloudflare.com	opti9tech.com
1	marvel-b2-cdn.bc0a.com	opti9tech.com
151	56

This site contains links to these domains. Also see Links.

Domain
blog.opti9tech.com
cloud.opti9tech.com
console.opti9tech.com
info.opti9tech.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.addtoany.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-11` - `2024-05-10`	a year	crt.sh
opti9tech.com R3	`2023-06-10` - `2023-09-08`	3 months	crt.sh
cdn.bc0a.com GTS CA 1D4	`2023-06-11` - `2023-09-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
consents-cf.bc0a.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-25`	a year	crt.sh
dsrportal-cdn.brightedge.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
marvel-cdn.bc0a.com Amazon RSA 2048 M01	`2023-02-09` - `2024-03-09`	a year	crt.sh
cookie-cdn.bc0a.com Amazon RSA 2048 M02	`2023-02-09` - `2024-01-29`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
a.omappapi.com R3	`2023-07-09` - `2023-10-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-05-30` - `2023-08-28`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.lfeeder.com Amazon RSA 2048 M01	`2023-03-22` - `2024-04-19`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-19` - `2023-07-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://opti9tech.com/observr-ransomware-detection-and-protection/
Frame ID: 2BC3C599C37BA769C388FDA2C7F27AE8
Requests: 138 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 299B8850F658322DDF58C5647D841BE3
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/8938984/threads/utk/cfc8b804eb9145b8b21716502a7effe4?uuid=a7c3b3c6a08f4b27af8738bf8ef97a0d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=opti9tech.com&inApp53=false&messagesUtk=cfc8b804eb9145b8b21716502a7effe4&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 66DE41571CCA14D79BFFE0DB495484FF
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9720BE43025BD391089C8011E52B9419
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware Detection and Protection Services with Observr | Opti9Footer-Email-Icon

Page URL History Show full URLs

https://t.sidekickopen24.com/Ctc/5E+23284/d12NvM04/Jl22-6q7W7lCdLW6lZ3mvVfzKb188tx6YW2G5T9s878LW2W6CsV4m5... Page URL
https://t.sidekickopen24.com/events/public/v1/encoded/track/tc/5E+23284/d12NvM04/Jl22-6q7W7lCdLW6lZ3mvVfz... HTTP 307
https://opti9tech.com/observr-ransomware-detection-and-protection/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

151
Requests

96 %
HTTPS

81 %
IPv6

39
Domains

56
Subdomains

52
IPs

4
Countries

3953 kB
Transfer

8804 kB
Size

29
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.opti9tech.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://cloud.opti9tech.com/
Title: OptiXdashboard

Search URL Search Domain Scan URL

URL: https://console.opti9tech.com/login
Title: OptiXDashboard: Login

Search URL Search Domain Scan URL

URL: https://info.opti9tech.com/free-consultation
Title: Talk to Our Team

Search URL Search Domain Scan URL

URL: https://www.facebook.com/opti9tech

Search URL Search Domain Scan URL

URL: https://twitter.com/Opti9Tech

Search URL Search Domain Scan URL

URL: https://www.instagram.com/opti9technologies

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/opti9tech

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen24.com/Ctc/5E+23284/d12NvM04/Jl22-6q7W7lCdLW6lZ3mvVfzKb188tx6YW2G5T9s878LW2W6CsV4m5j5S2QW4wccXF1MvfQPW7l6nv87GWps_W8KtmS46D6TcVW5ZrTfr8sk-svW7g4PJ954bBSQW7X2xQJ3WvfnkVY1Nm64wD2McW8VSr9P3bKvlCW5KqCDj7J_7dQW2yScv_3Q0Z4RVp8Ly_4HsW2mW4sgCXG7K59WGW42c-Wb4nwkdDW1LmvnY6B0R2BVtLKmN3rbMmRVRchlh1LGfn9W2LXPWk7nvJVTW2k5f_s4cmybSW1kp4Sd8FcYlMW8yb9F3905V7_W1Trwqr8PRn_qf9lD5Gl04 Page URL
https://t.sidekickopen24.com/events/public/v1/encoded/track/tc/5E+23284/d12NvM04/Jl22-6q7W7lCdLW6lZ3mvVfzKb188tx6YW2G5T9s878LW2W6CsV4m5j5S2QW4wccXF1MvfQPW7l6nv87GWps_W8KtmS46D6TcVW5ZrTfr8sk-svW7g4PJ954bBSQW7X2xQJ3WvfnkVY1Nm64wD2McW8VSr9P3bKvlCW5KqCDj7J_7dQW2yScv_3Q0Z4RVp8Ly_4HsW2mW4sgCXG7K59WGW42c-Wb4nwkdDW1LmvnY6B0R2BVtLKmN3rbMmRVRchlh1LGfn9W2LXPWk7nvJVTW2k5f_s4cmybSW1kp4Sd8FcYlMW8yb9F3905V7_W1Trwqr8PRn_qf9lD5Gl04?_ud=547ba12f-2620-4ad7-86f8-90c929552f8d&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://opti9tech.com/observr-ransomware-detection-and-protection/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://s.adroll.com/j/exp/YLJM5F4ZX5CJLOEFYM54AA/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 99

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D13534%26time%3D1689018310944%26url%3Dhttps%253A%252F%252Fopti9tech.com%252Fobservr-ransomware-detection-and-protection%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&cookiesTest=true&liSync=true&e_ipv6=AQLaQwRQZQmsmAAAAYlBViNRJDONozmqKd3WmY_CLI7s9bLZZrvcHo-Iwsl0_QAnw2JeCy5IRXju3w

Request Chain 107

https://marvel-b1-cdn.bc0a.com/f00000000272752/t.co/i/adsct?bci=3&eci=2&event_id=f7b91aeb-1485-4588-a8ef-79d64ae0c82d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5414054-4f4e-49a5-87fa-8f432d84cf7e&tw_document_href=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5ima&type=javascript&version=2.3.29 HTTP 302
https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000272752&url=https://t.co/i/adsct?bci=3&eci=2&event_id=f7b91aeb-1485-4588-a8ef-79d64ae0c82d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5414054-4f4e-49a5-87fa-8f432d84cf7e&tw_document_href=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5ima&type=javascript&version=2.3.29 HTTP 307
https://t.co/i/adsct?bci=3&eci=2&event_id=f7b91aeb-1485-4588-a8ef-79d64ae0c82d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5414054-4f4e-49a5-87fa-8f432d84cf7e&tw_document_href=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5ima&type=javascript&version=2.3.29

Request Chain 123

https://marvel-b1-cdn.bc0a.com/f00000000272752/blob:https://opti9tech.com/55fb6dbe-174e-47a5-98db-bcf6f845e666 HTTP 302
https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000272752&url=https://blob:https://opti9tech.com/55fb6dbe-174e-47a5-98db-bcf6f845e666

Request Chain 149

https://api.hubapi.com/avatars/v1/signed-uris/1ClQKDwgEEgtqZWxlY29zLmNvbRjl0PWABiD5p4gGKidicmFuZGluZzphcGk6d2ViOnVzZXItdHJhZmZpYzp1cy1lYXN0LTEyDTcwLjE3MS4xNjIuMTESGQB7DcdkkAPusSJ-W-5S3ZghZFBrMpZbev4 HTTP 307
https://2459647.fs1.hubspotusercontent-na1.net/hubfs/2459647/cdef1ad5-0030-4e22-b630-dfd7b23a4cef.png

151 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Jl22-6q7W7lCdLW6lZ3mvVfzKb188tx6YW2G5T9s878LW2W6CsV4m5j5S2QW4wccXF1MvfQPW7l6nv87GWps_W8KtmS46D6TcVW5ZrTfr8sk-svW7g4PJ954bBSQW7X2xQJ3WvfnkVY1Nm64wD2McW8VSr9P3bKvlCW5KqCDj7J_7dQW2yScv_3Q0Z4RVp8Ly_4Hs...
t.sidekickopen24.com/Ctc/5E+23284/d12NvM04/ 8 KB
3 KB 275ms
209ms Document
text/html 2606:4700::6812:1edf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.sidekickopen24.com/Ctc/5E+23284/d12NvM04/Jl22-6q7W7lCdLW6lZ3mvVfzKb188tx6YW2G5T9s878LW2W6CsV4m5j5S2QW4wccXF1MvfQPW7l6nv87GWps_W8KtmS46D6TcVW5ZrTfr8sk-svW7g4PJ954bBSQW7X2xQJ3WvfnkVY1Nm64wD2McW8VSr9P3bKvlCW5KqCDj7J_7dQW2yScv_3Q0Z4RVp8Ly_4HsW2mW4sgCXG7K59WGW42c-Wb4nwkdDW1LmvnY6B0R2BVtLKmN3rbMmRVRchlh1LGfn9W2LXPWk7nvJVTW2k5f_s4cmybSW1kp4Sd8FcYlMW8yb9F3905V7_W1Trwqr8PRn_qf9lD5Gl04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1edf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7e4b4e260dd52bcf-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 10 Jul 2023 19:45:07 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-envoy-upstream-service-time: 6
x-evy-trace-listener: listener_http
x-evy-trace-route-configuration: listener_http/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5c4cb998cf-dzssm
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: bf134b2a-baa3-4b1a-b0e5-f6618c407997
x-request-id: bf134b2a-baa3-4b1a-b0e5-f6618c407997
x-robots-tag: none

GET
H2

200

Primary Request / Show response
opti9tech.com/observr-ransomware-detection-and-protection/
Redirect Chain

https://t.sidekickopen24.com/events/public/v1/encoded/track/tc/5E+23284/d12NvM04/Jl22-6q7W7lCdLW6lZ3mvVfzKb188tx6YW2G5T9s878LW2W6CsV4m5j5S2QW4wccXF1MvfQPW7l6nv87GWps_W8KtmS46D6TcVW5ZrTfr8sk-svW7g4P...
https://opti9tech.com/observr-ransomware-detection-and-protection/

139 KB
32 KB

1689ms
1041ms

Document
text/html

151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/observr-ransomware-detection-and-protection/

Requested by

Host: t.sidekickopen24.com
URL: https://t.sidekickopen24.com/Ctc/5E+23284/d12NvM04/Jl22-6q7W7lCdLW6lZ3mvVfzKb188tx6YW2G5T9s878LW2W6CsV4m5j5S2QW4wccXF1MvfQPW7l6nv87GWps_W8KtmS46D6TcVW5ZrTfr8sk-svW7g4PJ954bBSQW7X2xQJ3WvfnkVY1Nm64wD2McW8VSr9P3bKvlCW5KqCDj7J_7dQW2yScv_3Q0Z4RVp8Ly_4HsW2mW4sgCXG7K59WGW42c-Wb4nwkdDW1LmvnY6B0R2BVtLKmN3rbMmRVRchlh1LGfn9W2LXPWk7nvJVTW2k5f_s4cmybSW1kp4Sd8FcYlMW8yb9F3905V7_W1Trwqr8PRn_qf9lD5Gl04

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

3a41479834a47d638fc4e589a37d5112a9c3c5af6ccae3d9721db05517b4ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://t.sidekickopen24.com/Ctc/5E+23284/d12NvM04/Jl22-6q7W7lCdLW6lZ3mvVfzKb188tx6YW2G5T9s878LW2W6CsV4m5j5S2QW4wccXF1MvfQPW7l6nv87GWps_W8KtmS46D6TcVW5ZrTfr8sk-svW7g4PJ954bBSQW7X2xQJ3WvfnkVY1Nm64wD2McW8VSr9P3bKvlCW5KqCDj7J_7dQW2yScv_3Q0Z4RVp8Ly_4HsW2mW4sgCXG7K59WGW42c-Wb4nwkdDW1LmvnY6B0R2BVtLKmN3rbMmRVRchlh1LGfn9W2LXPWk7nvJVTW2k5f_s4cmybSW1kp4Sd8FcYlMW8yb9F3905V7_W1Trwqr8PRn_qf9lD5Gl04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 32538
content-type: text/html; charset=UTF-8
date: Mon, 10 Jul 2023 19:45:09 GMT
fastly-restarts: 1
link: <https://opti9tech.com/wp-json/>; rel="https://api.w.org/" <https://opti9tech.com/wp-json/wp/v2/pages/15713>; rel="alternate"; type="application/json" <https://opti9tech.com/?p=15713>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: Flywheel/5.1.0
vary: Accept-Encoding
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cacheable: YES
x-content-type-options: nosniff
x-fw-dynamic: TRUE
x-fw-hash: 2jvtrzhdey
x-fw-serve: TRUE
x-fw-server: Flywheel/5.1.0
x-fw-static: NO
x-fw-type: VISIT
x-fw-version: 5.0.0
x-served-by: cache-cph2320029-CPH, cache-cph2320022-CPH
x-timer: S1689018309.580235,VS0,VE993
x-xss-protection: 1

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7e4b4e278fad2bcf-FRA
date: Mon, 10 Jul 2023 19:45:07 GMT
link: <https://opti9tech.com/observr-ransomware-detection-and-protection/>; rel="canonical"
location: https://opti9tech.com/observr-ransomware-detection-and-protection/
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-envoy-upstream-service-time: 26
x-evy-trace-listener: listener_http
x-evy-trace-route-configuration: listener_http/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5c4cb998cf-qsmbr
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: d9e46a1f-caa5-454d-b1b5-88d7262ea71f
x-request-id: d9e46a1f-caa5-454d-b1b5-88d7262ea71f
x-robots-tag: none

GET
H2 200 marvel.js Show response
marvel-b2-cdn.bc0a.com/ 9 KB
4 KB 110ms
30ms Script
application/javascript 35.201.125.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://marvel-b2-cdn.bc0a.com/marvel.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.125.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.125.201.35.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

190db2ea37186511e3cdfaeb6e37e68830c90647a9c18840f33ce00c03a05bd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 18:59:03 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline';
age: 2766
x-guploader-uploadid: ADPycduxZdG-o9ePYb_3ygW1oMxbmvQqm2Oxvg7DqDt17WAIEeT7576KbrfKnqaiZ-FVWXmXireChK7ocvvKTpx-kAl6
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3142
last-modified: Wed, 12 Apr 2023 17:03:33 GMT
server: UploadServer
etag: "0b57832ab47cd1fea51ee8a2dfa4f649"
vary: Accept-Encoding
x-goog-hash: crc32c=EF0vLQ==, md5=C1eDKrR80f6lHuii36T2SQ==
x-goog-generation: 1681319013677342
content-language: en
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 3142
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 10 Jul 2023 19:59:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 98ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;700;800&family=Roboto:wght@400;700&display=swap

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94509b811fb897c2707da9d21d7c9bc9e4bf814a278c7fb87130ef2c93636f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 19:45:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jul 2023 19:45:09 GMT

GET
H2 200 extra.min.css
opti9tech.com/wp-content/plugins/menu-icons/css/ 815 B
659 B 574ms
566ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/menu-icons/css/extra.min.css

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320036-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 359
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 07 May 2023 07:37:42 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.646115,VS0,VE523
etag: W/"64575546-32f"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 style.min.css
opti9tech.com/wp-includes/css/dist/block-library/ 95 KB
15 KB 201ms
194ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320034-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 15209
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.646099,VS0,VE151
etag: W/"646b76dc-17ced"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 classic-themes.min.css
opti9tech.com/wp-includes/css/ 291 B
374 B 192ms
184ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/css/classic-themes.min.css

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320029-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 211
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.646114,VS0,VE141
etag: W/"646b76dc-123"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
550 B 99ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cantarell%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3234921a3552693754891221b6bd64195423276f1993d072c2b853a516c8a181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 19:45:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jul 2023 19:45:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
978 B 100ms
37ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B1%2C400%3B1%2C500%3B1%2C600&display=swap

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1faa1cd48625508863dbfc42db88613746e3b04486f587e6ffa63e329349ae40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 19:45:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jul 2023 19:45:09 GMT

GET
H2 200 js_composer.min.css
opti9tech.com/wp-content/plugins/js_composer/assets/css/ 452 KB
51 KB 845ms
838ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320029-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 51728
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Jan 2023 05:37:54 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.646083,VS0,VE784
etag: W/"63bba832-70ee5"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 addtoany.min.css
opti9tech.com/wp-content/plugins/add-to-any/ 1 KB
724 B 212ms
205ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/add-to-any/addtoany.min.css

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320021-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 504
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 06 May 2023 17:03:54 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.651263,VS0,VE146
etag: W/"6456887a-5ef"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 style.css
opti9tech.com/wp-content/themes/opti9/library/css/ 233 KB
43 KB 455ms
448ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/themes/opti9/library/css/style.css?v=2.0.5

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

b989762eb16dd3748d4066478a267eca606cc4e6b43bf923c0525ab364279bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320048-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 43802
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Aug 2022 16:14:13 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.651224,VS0,VE400
etag: W/"62ed41d5-3a5d4"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 aos.css
unpkg.com/aos@2.3.1/dist/ 25 KB
2 KB 97ms
34ms Stylesheet
text/css 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:09 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 24084025
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01GEJX237P7Q8CJ8FAGPPNDT19-fra
server: cloudflare
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e4b4e339f509164-FRA

GET
H2 200 DOMPurify.min.js Show response
opti9tech.com/wp-content/plugins/svg-support/vendor/DOMPurify/ 21 KB
9 KB 453ms
447ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/svg-support/vendor/DOMPurify/DOMPurify.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

50c36bc2a71485bc6939c1f5de3d1b38ff260d9de91dac1855df0b50c35d81bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320029-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 8759
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Jan 2023 05:37:41 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.651181,VS0,VE394
etag: W/"63bba825-52b1"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 90ms
32ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5edf4f2675338b776f8a3808f691baf84f14a4e4d958ce49472e3ab7e7acebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 151836
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Jul 2023 01:33:48 GMT
server: cloudflare
etag: W/"c09-5ffdb9fda5dcc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7e4b4e3a19ca9243-FRA

GET
H2 200 jquery.min.js Show response
opti9tech.com/wp-includes/js/jquery/ 88 KB
34 KB 736ms
730ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320037-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 34228
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.651160,VS0,VE666
etag: W/"646b76dc-15ed7"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 jquery-migrate.min.js Show response
opti9tech.com/wp-includes/js/jquery/ 13 KB
5 KB 213ms
207ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320055-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 5079
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.651858,VS0,VE149
etag: W/"646b76dc-3470"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 addtoany.min.js Show response
opti9tech.com/wp-content/plugins/add-to-any/ 129 B
290 B 215ms
212ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/add-to-any/addtoany.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320029-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 126
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 06 May 2023 17:03:54 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.690229,VS0,VE145
etag: W/"6456887a-81"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 ajaxdata.js Show response
opti9tech.com/wp-content/plugins/animated-number-counters/assets/js/ 4 KB
2 KB 211ms
205ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/animated-number-counters/assets/js/ajaxdata.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

ca30cd0252a329ba1b347154b2d0252c11bb8c2ddbf4f5ca4e1330e37ad353a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320041-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 1366
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 01 Jul 2023 11:57:56 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.651386,VS0,VE148
etag: W/"64a014c4-fd8"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 jquery.counterup.js Show response
opti9tech.com/wp-content/plugins/animated-number-counters/assets/js/ 6 KB
2 KB 517ms
511ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/animated-number-counters/assets/js/jquery.counterup.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

a941d7b38d251a1561d58a3622ab9b43c6b1579453f6d4d9d72b1695b3d2be0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320023-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 2185
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 01 Jul 2023 11:57:56 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.694491,VS0,VE420
etag: W/"64a014c4-1939"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 anc-6310-output.js Show response
opti9tech.com/wp-content/plugins/animated-number-counters/assets/js/ 2 KB
833 B 639ms
633ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/animated-number-counters/assets/js/anc-6310-output.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

660cd41589dea18335e376ff9af2b73de1a534bc67db7e364d3dab7e2282ccf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320048-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 589
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 01 Jul 2023 11:57:56 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.693949,VS0,VE543
etag: W/"64a014c4-613"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 core.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 21 KB
8 KB 649ms
643ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320058-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 7638
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.694444,VS0,VE548
etag: W/"646b76dc-53be"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 mouse.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 3 KB
1 KB 650ms
645ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/mouse.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320043-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 1165
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.695018,VS0,VE549
etag: W/"646b76dc-d4a"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 sortable.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 25 KB
7 KB 521ms
516ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/sortable.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320050-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 7322
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.693939,VS0,VE422
etag: W/"646b76dc-6369"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 datepicker.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 36 KB
12 KB 659ms
654ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/datepicker.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320043-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 12057
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.693937,VS0,VE551
etag: W/"646b76dc-8f79"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 resizable.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 18 KB
6 KB 661ms
657ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/resizable.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

10a410ffc4397a10a60c58a979d3dfc8957258714e1a50f0acb6612eb74b90cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320051-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 5937
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.694953,VS0,VE550
etag: W/"646b76dc-4911"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 draggable.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 18 KB
5 KB 636ms
631ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/draggable.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

6d5db554f7ae65713d70fd359a046d051dada869941279557a39d0749beded33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320042-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 5386
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.694380,VS0,VE536
etag: W/"646b76dc-4791"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 controlgroup.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 648ms
644ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/controlgroup.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320043-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 1679
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.694446,VS0,VE548
etag: W/"646b76dc-1126"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 checkboxradio.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 631ms
627ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/checkboxradio.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320050-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 1515
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.693754,VS0,VE537
etag: W/"646b76dc-10d5"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 button.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 6 KB
2 KB 632ms
628ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/button.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

c2e7e1df5aa596aa4afbf50374723963b66d3c94348d1410f2256d4aa86ddbaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320030-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 2129
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.693747,VS0,VE537
etag: W/"646b76dc-17f8"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 dialog.min.js Show response
opti9tech.com/wp-includes/js/jquery/ui/ 13 KB
4 KB 629ms
625ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-includes/js/jquery/ui/dialog.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

a4bddb9535f5e3fe9e500616b2f1e4b10e1a5930a197848966a7c316838570a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320055-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 4165
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 May 2023 14:06:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.693734,VS0,VE534
etag: W/"646b76dc-329d"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 events-manager.js Show response
opti9tech.com/wp-content/plugins/events-manager/includes/js/ 312 KB
94 KB 930ms
927ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/events-manager/includes/js/events-manager.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

3eb2861edb732eb23c1000b154b8fcb87a47320fe43b815911379ff3f26f60db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320026-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 95906
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Feb 2023 21:34:00 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.693712,VS0,VE829
etag: W/"63dd7dc8-4de3d"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 svgs-inline-min.js Show response
opti9tech.com/wp-content/plugins/svg-support/js/min/ 2 KB
829 B 637ms
634ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/svg-support/js/min/svgs-inline-min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

eabc19480b6212343af7996aa06029eb00e8a05d9709b4c8b05e3222558a12f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320059-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 687
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Jan 2023 05:37:40 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.693699,VS0,VE543
etag: W/"63bba824-601"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 modernizr.custom.min.js Show response
opti9tech.com/wp-content/themes/opti9/library/js/libs/ 15 KB
7 KB 240ms
236ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/themes/opti9/library/js/libs/modernizr.custom.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320044-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 6547
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Nov 2021 15:50:30 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.693688,VS0,VE146
etag: W/"618a98c6-3b16"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 waypoints.min.js Show response
cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/ 8 KB
3 KB 95ms
35ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/waypoints/2.0.3/waypoints.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5244872
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2331
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-1f6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lySjIISW254lPGGCnfH%2FVnCjEhl5uLY6HE6uf86V%2BH1POfZ39jAXuFelGX4zu42lEda7zPMYP7XAJcOCBrN7Sl6%2F8cDsesx8SOD5gR7F8ubQxJA4RhfHIYkPoSTTev60ZsLZmrL9i%2Fmw8Lzy3P4pX28"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e4b4e3399191e51-FRA
expires: Sat, 29 Jun 2024 19:45:09 GMT

GET
H2 200 jquery.counterup.min.js Show response
opti9tech.com/wp-content/themes/opti9/library/js/ 1 KB
797 B 624ms
621ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/themes/opti9/library/js/jquery.counterup.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320028-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 584
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Nov 2021 15:50:33 GMT
server: Flywheel/5.1.0
x-timer: S1689018310.695252,VS0,VE529
etag: W/"618a98c9-42b"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
703 B 100ms
42ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Cantarell&family=Fira+Sans

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b392e6c585b57dd55999531457c433e876b75f9cd32de9e12d935b9da839abbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jul 2023 19:45:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 19:45:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jul 2023 19:45:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 97ms
41ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-7468330-8

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0571c46bf812fc66f8f0acc12f36156d9d7d0f204d4184f0d32c395d4ec609cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Jul 2023 19:45:10 GMT

GET
H2 200 7d204ba156.js Show response
kit.fontawesome.com/ 11 KB
5 KB 124ms
55ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/7d204ba156.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb59b8fd31fb2b78a5c2f65db025d55fe61ecff4bc78edea2c8c9119c88836e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
Origin: https://opti9tech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:09 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7e4b4e33afb318e3-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F2mrHTeGZFGgu81e_YyB

GET
H2 200 8938984.js Show response
js.hs-scripts.com/ 2 KB
785 B 474ms
422ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8938984.js
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebbbc31b6d99a985e1ebcb5094fd925a9b84d68f4e41e4d20861d8cf2bbcbb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: br
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6a145f8a-10dc-4278-9278-22ff8ce8dbb9
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6a145f8a-10dc-4278-9278-22ff8ce8dbb9
last-modified: Mon, 10 Jul 2023 19:45:11 GMT
server: cloudflare
x-trace: 2B66E6D20E15669DE87A1FF0392D060068FF6E24E4000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://opti9tech.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-t5ghn
cf-ray: 7e4b4e3a0f252bba-FRA
expires: Mon, 10 Jul 2023 19:46:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 92ms
36ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11108322289

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0afe69b38300c421e72173e8cecf4255cd4de9540a68f659ed56a9b061195a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70802
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jul 2023 19:45:10 GMT

GET
H2 200 search-icn.svg
opti9tech.com/wp-content/uploads/2023/05/ 318 B
488 B 216ms
213ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/uploads/2023/05/search-icn.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

fc145aa9a15eab9e015cd197e0f98afe788cdc6cba808f7fe4068f9c02853772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320043-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 244
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 May 2023 20:52:08 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.690172,VS0,VE147
etag: W/"64556c78-13e"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 icons8-close.svg
opti9tech.com/wp-content/uploads/2023/05/ 443 B
538 B 216ms
214ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/uploads/2023/05/icons8-close.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

c19b90059c78d2591627fa7bd27c9dd8b4b72a41cfb8036fb3e7c4c6f7ca71ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320026-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 268
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 06 May 2023 09:14:41 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.690157,VS0,VE153
etag: W/"64561a81-1bb"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 angle-down.svg
opti9tech.com/wp-content/uploads/2023/05/ 2 KB
883 B 587ms
585ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/uploads/2023/05/angle-down.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

4db1811644b9e91322f9a2b9085e6b8adea7fc5561a6bc942c4da9683c519b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320054-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 680
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 06 May 2023 14:48:16 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.690146,VS0,VE541
etag: W/"645668b0-61f"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 facebook.svg
opti9tech.com/wp-content/themes/opti9/library/images/ 341 B
567 B 453ms
451ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/themes/opti9/library/images/facebook.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

a4a06a5da0c393e4502d6db6c51202152a0e83d3ba6fc83004d322de0621f9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320035-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 264
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Nov 2021 15:49:19 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.690369,VS0,VE408
etag: W/"618a987f-155"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 twitter.svg
opti9tech.com/wp-content/themes/opti9/library/images/ 1 KB
670 B 215ms
213ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/themes/opti9/library/images/twitter.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

48b1756d6578994fc692f7affe7e0ddd7e1bc9f732fa4993677b040e5ccdc3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320028-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 459
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Nov 2021 15:49:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.696122,VS0,VE139
etag: W/"618a9880-4af"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 instagram.svg
opti9tech.com/wp-content/themes/opti9/library/images/ 794 B
507 B 585ms
583ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/themes/opti9/library/images/instagram.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

39a80ac217b9731415590c2469199129b49081c1d5f0afd194b89d845c342743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320034-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 365
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Nov 2021 15:49:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.696110,VS0,VE535
etag: W/"618a9880-31a"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 linkedin.svg
opti9tech.com/wp-content/themes/opti9/library/images/ 2 KB
1 KB 445ms
443ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/themes/opti9/library/images/linkedin.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

751d7a9955eeb7c587ac871403b477ff6ec87d1f1374116b2a6bd52b95a6e929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320037-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 1204
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 09 Nov 2021 15:49:23 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.696096,VS0,VE394
etag: W/"618a9883-996"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 527 KB
165 KB 75ms
33ms Script
application/javascript 2606:4700::6810:bb41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-encoding: br
age: 119
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3372/bundles/project-v2.js&cfRay=7e4b4b527caf9b1f-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df557d754a89ef0210bd93ff6301921d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3372/bundles/project-v2.js
date: Mon, 10 Jul 2023 19:45:10 GMT
x-amz-version-id: r0RDqVAx5nyXFjVas4brXORZ1.2QDi7x
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 497da40d-3402-4fe0-9afb-e5f6e651d69e
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 497da40d-3402-4fe0-9afb-e5f6e651d69e
last-modified: Tue, 27 Jun 2023 09:59:09 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8qSmWPa9M35hWcc5LTyzkOvNo7mvS1By9CZpbEaa0APBsNacgL4kiM5HoWvgqeO%2FnV9ea4%2BhatRYP2PLtelC89GogXzl9guXBxGh927poEo27yK5rFS6id0h0mBLcy0PV2mdQrMLX0Cxo%2BX"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xhv87
cf-ray: 7e4b4e38eb926987-FRA
x-amz-cf-id: RXTZNVZv6SpNnrXOYVkhW99JjGuDauT6rj9wFPvIzNx2rR6n7EEGFQ==

GET
H2 200 animate.min.css
opti9tech.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/ 16 KB
3 KB 183ms
182ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

3be6d6194e274dcf0f20f4bf43fb5c9c3ebbcbf46a6e625d17d104ffe3da525a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320021-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 2719
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Jan 2023 05:37:55 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.639621,VS0,VE146
etag: W/"63bba833-3f31"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: text/css
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 8938984.js Show response
js.hs-scripts.com/ 2 KB
1 KB 454ms
403ms Script
application/javascript 2606:4700::6812:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8938984.js?integration=WordPress
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acdd7f8526d146b1f20c0e9118b606c631cb1379b882bc540b4f42e84c9c8e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: br
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 899ff54a-4311-481f-9a15-0bd8b5571f4b
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 899ff54a-4311-481f-9a15-0bd8b5571f4b
last-modified: Mon, 10 Jul 2023 19:45:11 GMT
server: cloudflare
x-trace: 2BB41A7ED98AD626E7F16A2EAB00994A96DDECFF18000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://opti9tech.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-jknpv
cf-ray: 7e4b4e3a0f272bba-FRA
expires: Mon, 10 Jul 2023 19:46:11 GMT

GET
H2 200 rtafar.local.js Show response
opti9tech.com/wp-content/plugins/real-time-auto-find-and-replace/assets/js/ 19 B
224 B 190ms
190ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.local.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

51ff2b4b46acab057eba32dc5fbd0bcf410f0ad2bb75d7a92b230bc627d930d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320051-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 39
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Jul 2023 13:57:50 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.654586,VS0,VE154
etag: "64a576de-13"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Authorization, Accept-Encoding
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 rtafar.app.min.js Show response
opti9tech.com/wp-content/plugins/real-time-auto-find-and-replace/assets/js/ 88 KB
34 KB 203ms
200ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.app.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

6ea54ab8237e36baf0fd3859de432e13a1109a989881046e4e5a91dd008e372a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320037-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 34858
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Jul 2023 13:57:50 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.685015,VS0,VE149
etag: W/"64a576de-15ee0"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 scripts.js Show response
opti9tech.com/wp-content/themes/opti9/library/js/ 13 KB
5 KB 195ms
192ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/themes/opti9/library/js/scripts.js?v=1.1.7

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

33d5545581adfd062e796932104369009524476c9375ee4840b2b7bf56dbf038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320048-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 5032
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Jun 2022 20:07:26 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.684976,VS0,VE148
etag: W/"62a798fe-35be"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 aos.js Show response
unpkg.com/aos@2.3.1/dist/ 14 KB
4 KB 32ms
29ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/aos@2.3.1/dist/aos.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2680850
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01H2GRQ6P9KHGCC7Z3QQ77RHN9-fra
server: cloudflare
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e4b4e39befb9164-FRA

GET
H2 200 js_composer_front.min.js Show response
opti9tech.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 194ms
192ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320034-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 6128
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Jan 2023 05:37:54 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.684972,VS0,VE148
etag: W/"63bba832-4e52"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 vc-waypoints.min.js Show response
opti9tech.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/ 9 KB
3 KB 437ms
434ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320040-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 3009
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Jan 2023 05:37:56 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.684947,VS0,VE396
etag: W/"63bba834-2415"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: application/javascript
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 becookiebar.js Show response
consents-cf.bc0a.com/consentbar/corejs/ 17 KB
5 KB 96ms
21ms Script
application/javascript 2600:9000:2490:b200:9:7608:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consents-cf.bc0a.com/consentbar/corejs/becookiebar.js
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:b200:9:7608:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 108e0f4306dff46cfbf2f16fe72b5def03659cd0d1a80c2cb910be719d0c0e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 16:42:36 GMT
content-encoding: br
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 10 Jul 2023 16:42:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 10955
etag: W/"ca7efbcac3c93e3c1be9251ac40e36c8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: wuKqkq8Cfp71n8UG6zUeq68IN2iLxbVWkRBB21tCXGWwPP8Cbw2vBw==

GET
H2 200 be-dsr.js Show response
dsrportal-cdn.bc0a.com/corejs/ 5 KB
2 KB 88ms
20ms Script
application/javascript 2600:9000:2251:4600:14:6e14:cf80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dsrportal-cdn.bc0a.com/corejs/be-dsr.js
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:4600:14:6e14:cf80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ac93e967b5b51aa5bf999c5af69656336f7260cc078483b1249cefc3db0724c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:43:36 GMT
content-encoding: gzip
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified: Wed, 24 Nov 2021 09:13:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 36155
etag: W/"1421180701f1ecb079d55b56f6e2fb23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: uT7gwFgHjAt5l4I17v5QgED42H_6DF_HD4GZZ7CZYM6vCXwvzEaNYw==

GET
H2 200 B50NF7ZDq37KMUvlO015jKJr.woff2
fonts.gstatic.com/s/cantarell/v17/ 11 KB
11 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cantarell/v17/B50NF7ZDq37KMUvlO015jKJr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cantarell%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2a3c29f26a1966cc1241fc5e22fae97dd82447aec55b99ff5637ed012ba2298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://opti9tech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 15:14:05 GMT
x-content-type-options: nosniff
age: 189065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10796
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 20:01:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 15:14:05 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 100ms
35ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=7d204ba156
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7d204ba156.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 650886
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzmEeog%2BsMM2HFT5T6gQ%2FZcsaAR%2BN%2Fv91P8gfY%2Fe74%2FoHV8Z7bI2VYMxNAFITQeQAHgNpjSTkIw1a0A0XdjA%2BcTXnazYTmcDFap0U5JHBGETtg0yVGthpO6KoAIeZLbWX76YySRAZNG3KUm1Dp7Bx7pwAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7e4b4e3a18f33730-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: z_lz--iXojqM65s2slOhrV87MQMsmiyOzyoFniEja6NJLWtFd5O5aw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 97ms
32ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=7d204ba156
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7d204ba156.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 650886
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUVPLgwJL%2BIdpRWiFdx7qFwJGFPvKNMz3jii4aZgo4NuEHCJrybfNbLDpcBn%2B4F4OemLcLVQCVGU9hGMow6MpDqq2lP1VL%2Bf43yMqKsOndURLr%2Far22a%2B%2Fe47pkq%2B663tLPvj3ZLpkhpbffhSJuY0yfYow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7e4b4e3a18f73730-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: JwYK-x5HAmjACVaCSd9GfrFiMYAITCbU_9xfDwhp3bbobYJ-wsic7w==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 94ms
29ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=7d204ba156
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7d204ba156.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 650886
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f512srRHNM%2BpmaT2PMX%2BIb4%2BkfNgYm9O0RsVOuT%2Fn4Tw%2FbJ4fnmtsJvloFvjVWPxkXIeCbwmQQFVyhA39fh%2BJafE8cbrfouDdwTz97AsscfladrSQjuPJfnwPVSI3MNvMvZlJLGlrG33pkTUa%2B3wLr%2Fl6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7e4b4e3a18f93730-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 8oWc4ob15-AbcOY3rgal3Tl0kDWsHjXkImdUt5tqW9aV7uTrXT_dlg==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
772 B 131ms
33ms Script
application/x-javascript 2a02:26f0:3100::1735:28c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 17:35:57 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=41287
accept-ranges: bytes
content-length: 560

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 90ms
24ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230030-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
53 KB 139ms
84ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNFGXZN

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

692b8dc1f46ea142d0acefd784f6744a460d25824c6d903beef69dca2e26f7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53747
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jul 2023 19:45:10 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 127ms
72ms Script
text/javascript 2606:4700::6812:c9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 9391
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 7e4b4e3a9fb41c05-FRA
expires: Mon, 10 Jul 2023 20:05:10 GMT

GET
H2 200 63e2641b53682d9a61eeefc1 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 223ms
170ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/63e2641b53682d9a61eeefc1

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

dd1f45763a299f4ffe8d41f3e16f0da7cf4c0aff2edbc0c847ff0555330b1af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7e4b4e3a9c7b91e4-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/YLJM5F4ZX5CJLOEFYM54AA/ 87 KB
26 KB 89ms
24ms Script
text/javascript 2600:9000:225e:f600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/YLJM5F4ZX5CJLOEFYM54AA/roundtrip.js
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d800a565af37a06348f4a6f655aa8376452566711e60646ffd309061ed52650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 19:41:19 GMT
X-Amz-Version-Id: 6rjFiBURvdnPDBq8pHMHPdPSU9JPrW01
Content-Encoding: gzip
Via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Age: 232
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 10 Jul 2023 15:27:15 GMT
Server: AmazonS3
Etag: W/"2636c14a474a22620deeca1505ff25f2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: A9mqvhJyMMLIz7Rw3qCoh-cWSZuAjjcS89QFt1NF07aMH22UHfmUqA==

GET
H2 200 Background-Pattern.png
opti9tech.com/wp-content/uploads/2021/09/ 1 MB
1 MB 999ms
998ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/uploads/2021/09/Background-Pattern.png

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/wp-content/themes/opti9/library/css/style.css?v=2.0.5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

d78545c0b7a7dfc2263d56c365a550af362c42781f34a77d454f467841288460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/wp-content/themes/opti9/library/css/style.css?v=2.0.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320042-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 1323077
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Sep 2021 19:51:12 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.716458,VS0,VE946
etag: W/"61391430-146490"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/png
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 24 KB
24 KB 61ms
46ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B1%2C400%3B1%2C500%3B1%2C600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://opti9tech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 07:25:42 GMT
x-content-type-options: nosniff
age: 217168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24868
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 07:25:42 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 76ms
62ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B1%2C400%3B1%2C500%3B1%2C600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://opti9tech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 04:57:54 GMT
x-content-type-options: nosniff
age: 226036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 04:57:54 GMT

GET
H2 200 B50IF7ZDq37KMUvlO01xN4d-E46f.woff2
fonts.gstatic.com/s/cantarell/v17/ 11 KB
11 KB 71ms
57ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cantarell/v17/B50IF7ZDq37KMUvlO01xN4d-E46f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cantarell%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400%3B1%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

298f6ec1b9034ddefe6a8a80872b68f2e13785956bc5f514c9404dcfc0a9d4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://opti9tech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 17:15:51 GMT
x-content-type-options: nosniff
age: 181759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11496
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 20:01:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 17:15:51 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 40ms
26ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B1%2C400%3B1%2C500%3B1%2C600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://opti9tech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 15:17:25 GMT
x-content-type-options: nosniff
age: 275265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24020
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jul 2024 15:17:25 GMT

GET
H2 200 Icon-Video-white.svg
opti9tech.com/wp-content/uploads/2022/05/ 73 KB
50 KB 701ms
698ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/uploads/2022/05/Icon-Video-white.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

665ca4a39a0dd97940da4ae12cbf97924504a3eae9a103788c8689f78fc59259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320046-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 51219
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 04 May 2022 19:56:14 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.740103,VS0,VE655
etag: W/"6272da5e-1227d"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 Cloud-Operations-OptiXdashboard-icon.svg
opti9tech.com/wp-content/uploads/2022/04/ 632 KB
276 KB 747ms
745ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/uploads/2022/04/Cloud-Operations-OptiXdashboard-icon.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

576e599f21710e4bdf4c0a2795749995460e7e14e7dc9afe7779ef17ba43a7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320055-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 281729
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Apr 2022 23:54:20 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.740092,VS0,VE678
etag: W/"6263402c-9df81"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 Icon-OptiXdashboard-2-white.svg
opti9tech.com/wp-content/uploads/2022/05/ 79 KB
55 KB 446ms
443ms Image
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opti9tech.com/wp-content/uploads/2022/05/Icon-OptiXdashboard-2-white.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

bd80945acfbae02f79c5c3b1ca2e99e05e94299e748a5ce28ad4146a0ec63bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320030-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 56282
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 04 May 2022 19:57:17 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.740072,VS0,VE400
etag: W/"6272da9d-13d04"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 Opti9-Logo-Color-768x207.png
marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2021/11/ 22 KB
23 KB 130ms
46ms Image
image/webp 2600:9000:2250:1600:0:f267:a5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2021/11/Opti9-Logo-Color-768x207.png
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:0:f267:a5c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87877912c219724121e2d01a10dd4c150aef465878a1a2481a0d1b9717db2d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 14:23:04 GMT
x-amz-version-id: XblcWrjcrWMYIBPwqFej45S5RumAF8aX
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-request-id: 7A9VD93FW02BCVDB
x-amz-cf-pop: FRA60-P2
age: 19327
x-cache: Hit from cloudfront
content-length: 23028
x-amz-id-2: a1VpH13VhPr1FqKIW922DgNlQiqZAr+WjFllAPohe5ae9zuRlnlyMv5Gdvjh8aYCBHXcMprRp6s=
x-amz-expiration: expiry-date="Wed, 04 Dec 2024 00:00:00 GMT", rule-id="delete-old-images"
last-modified: Wed, 09 Mar 2022 22:58:13 GMT
server: AmazonS3
etag: "c37ae54d29e1b49b2268ae8b3ee073b7"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: gx880euOrF7dmzjiDA2OX9IRU5dp3AwPPuHGr_8dbMCBxLxj4k2DwA==

GET
H2 200 Opti9-Icon-Color-300x186.png
marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2021/11/ 11 KB
12 KB 164ms
95ms Image
image/webp 2600:9000:2250:1600:0:f267:a5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2021/11/Opti9-Icon-Color-300x186.png
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:0:f267:a5c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe49b82c9b2f9e36646ca1713e72b1cd81e0e03a5044e12eeefd6074e363cb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: lOKGYxlU_84DpsaVy2IsOAHigX4DzCRi
date: Mon, 10 Jul 2023 19:41:19 GMT
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-request-id: 2X0JXV0VF6H9KP1K
x-amz-cf-pop: FRA60-P2
age: 232
x-cache: Hit from cloudfront
content-length: 11264
x-amz-id-2: gPYnAI+WvwxseClEc7tnMluzcb2RmtZp3rkNYGkFSMARZJwlDnbB90Q24RxKO876l9XMBzlnNdo=
x-amz-expiration: expiry-date="Wed, 04 Dec 2024 00:00:00 GMT", rule-id="delete-old-images"
last-modified: Wed, 09 Mar 2022 22:58:12 GMT
server: AmazonS3
etag: "9458697858a8fdc193555f37234a10cb"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FhwEi1sCqQtuVmhbs6Q-8ZK_nGk3LV6K86jbHoeCCsnZF_R944sHUg==

GET
H2 200 Observr-Mockup.png
marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2022/05/ 56 KB
56 KB 153ms
68ms Image
image/webp 2600:9000:2250:1600:0:f267:a5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2022/05/Observr-Mockup.png
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:0:f267:a5c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8444d677a0636a851042ed831fdf6c1c8f8356f464606f016b3d9b4e6f36166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 14:23:11 GMT
x-amz-version-id: j6tXfEYvC.8vsalqgvZNBVOJOfPiP8Ur
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-request-id: JMZ1GMSVS1SPYK1K
x-amz-cf-pop: FRA60-P2
age: 19320
x-cache: Hit from cloudfront
content-length: 57154
x-amz-id-2: r1qiqTl6/53EvizSbnzm2oya9b9hklxlqIgMdcezfZZ/E6O+liL51exVQzLTZk5Zf3wu4nr6FB8=
x-amz-expiration: expiry-date="Thu, 20 Feb 2025 00:00:00 GMT", rule-id="delete-old-images"
last-modified: Thu, 26 May 2022 14:28:40 GMT
server: AmazonS3
etag: "0d3e6c222cdf569f90e3aa21c1cb27db"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: jV6lEWplRok3fmlv-FGl68pyCypufeAjdrUnf95LC_lGqHnEgp6xbg==

GET
H2 200 Backups-Illustration-2048x1462.png
marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2021/09/ 128 KB
129 KB 127ms
96ms Image
image/webp 2600:9000:2250:1600:0:f267:a5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2021/09/Backups-Illustration-2048x1462.png
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:0:f267:a5c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6ba469e76d0b61a0544433dd0a31056bc0187c8866357d8dd24000d67bdc18c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 14:23:11 GMT
x-amz-version-id: y2rRnxRh.GKv94_Vte6ul1pg.VqVzvw7
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-request-id: JMZBX26JTNRTEMEN
x-amz-cf-pop: FRA60-P2
age: 19320
x-cache: Hit from cloudfront
content-length: 131272
x-amz-id-2: /IY6RH9ywF+l6IwftGk66klaa43VWM+dF4M0ABWpDNsNxOPQENAHTNbjj9KPMc6zu77Olu1Fm4g=
x-amz-expiration: expiry-date="Thu, 05 Dec 2024 00:00:00 GMT", rule-id="delete-old-images"
last-modified: Thu, 10 Mar 2022 08:56:59 GMT
server: AmazonS3
etag: "7be8891a927de9a66b2394667feebde0"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: SdYs_EMQ_fPLHq7eJxFHPncJQWMa2youJH5jlS307dPb1ITh1AAUdA==

GET
H2 200 OptiXdashboard-Illustration-Cropped-2048x1809.png
marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2022/05/ 76 KB
76 KB 110ms
84ms Image
image/webp 2600:9000:2250:1600:0:f267:a5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2022/05/OptiXdashboard-Illustration-Cropped-2048x1809.png
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:0:f267:a5c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f597babc98bd8a421cd1aa35ad4b361ed91295d717b8781e074210a767d0ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 14:23:10 GMT
x-amz-version-id: fRBvQ9zoB8yONPqSQ67bqqgNj7G8A4z5
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-request-id: BCE9R4T5X3GTRCKC
x-amz-cf-pop: FRA60-P2
age: 19320
x-cache: Hit from cloudfront
content-length: 77602
x-amz-id-2: czrjk0bkEreC0qa6Hb/HmoHOpzSWd2ZPnFGSWb3fZxCYeAfQorNSzeHeMv6pbJPelNtmQmCmswo=
x-amz-expiration: expiry-date="Wed, 29 Jan 2025 00:00:00 GMT", rule-id="delete-old-images"
last-modified: Wed, 04 May 2022 20:22:06 GMT
server: AmazonS3
etag: "aec5badde291735408dd83fc7bedd60c"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VaZ19uI9kNd6LleHX1cXE_WctnAkyEFKAEK6XmmcSH-1MyE4UQdxFw==

GET
H2 200 OptiXdashboard-Illustration-2-768x820.png
marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2022/05/ 40 KB
40 KB 74ms
59ms Image
image/webp 2600:9000:2250:1600:0:f267:a5c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marvel-b1-cdn.bc0a.com/f00000000272752/opti9tech.com/wp-content/uploads/2022/05/OptiXdashboard-Illustration-2-768x820.png
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1600:0:f267:a5c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b918e8432adf14c5e699cde8388f2813cdea86e3713d74704118dbcbb8bb3e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 14:23:11 GMT
x-amz-version-id: JpMqG9UQbdi5TWOtP2JtJUouAOJDQ6XX
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-request-id: JMZ1EC8C2AS85A9N
x-amz-cf-pop: FRA60-P2
age: 19320
x-cache: Hit from cloudfront
content-length: 40826
x-amz-id-2: r8b8jfYg0n0OLk2YXWsvQEQjH45l9JiCkh6otQH2ek2UIGlu5CfuiZZThCHJxHgtZUXKaWFtb38=
x-amz-expiration: expiry-date="Wed, 29 Jan 2025 00:00:00 GMT", rule-id="delete-old-images"
last-modified: Wed, 04 May 2022 17:38:05 GMT
server: AmazonS3
etag: "dc5c93f0f2339203fcb96747d8fddf0e"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 396bgfSSSzWKoYhwTQEYjZ5qnIC5eOEhX1IKASmOwa1CU6cczPZoYw==

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/8938984/98bc35eb-c068-44e7-8467-602d591d536b/ 2 KB
2 KB 225ms
176ms XHR
application/json 2606:4700::6811:d6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8938984/98bc35eb-c068-44e7-8467-602d591d536b/json?hs_static_app=forms-embed&hs_static_app_version=1.3372&X-HubSpot-Static-App-Info=forms-embed-1.3372

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c744346f2c0109f8a28ca6f7f143e0db5c68de2500b27a9869fca37f708390e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Mon, 10 Jul 2023 19:45:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 34d16716-dfe0-47f4-b839-c7f34fc0bb89
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 11
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 34d16716-dfe0-47f4-b839-c7f34fc0bb89
Server: cloudflare
X-Trace: 2B23EAD8072F905D55FED57D490DC6F6A82FB0571C000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://opti9tech.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7e4b4e3a98b49b8e-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-j4dtm

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 299B 677 B
541 B 31ms
31ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1562626
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7e4b4e3a7a1d9243-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 10 Jul 2023 19:45:10 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.ae8c9494.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 244ms
220ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.ae8c9494.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e184cdc472fa48e761950148678d41ab9cecea77994f660fff0b1bd3469eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
Origin: https://opti9tech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Jul 2023 01:33:47 GMT
server: cloudflare
etag: W/"112eb-5ffdb9fd3494c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7e4b4e3a9e6f92ba-FRA

OPTIONS
H2 200 addcookieeventtoqueue
cookie-cdn.bc0a.com/ Frame 0
0 393ms
130ms Preflight
application/json 3.128.224.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cookie-cdn.bc0a.com/addcookieeventtoqueue
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.128.224.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-128-224-79.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://opti9tech.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 300
apigw-requestid: H3PnKgEICYcEP5Q=
content-length: 2
content-type: application/json
date: Mon, 10 Jul 2023 19:45:11 GMT
testdata: ok

POST
H2 200 addcookieeventtoqueue Show response
cookie-cdn.bc0a.com/ 146 B
277 B 174ms
173ms Fetch
application/json 3.128.224.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cookie-cdn.bc0a.com/addcookieeventtoqueue
Requested by: Host: consents-cf.bc0a.com
URL: https://consents-cf.bc0a.com/consentbar/corejs/becookiebar.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.128.224.79 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-128-224-79.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e9b0d5ecd09ee50f38a0a33085608503187934e52a97516800a9f158be7882ca

Request headers

Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 10 Jul 2023 19:45:11 GMT
content-length: 146
apigw-requestid: H3PnLi_riYcEP0Q=
testdata: ok
content-type: application/json

GET
H2 200 adsct
t.co/i/ 43 B
378 B 247ms
192ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=f7b91aeb-1485-4588-a8ef-79d64ae0c82d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5414054-4f4e-49a5-87fa-8f432d84cf7e&tw_document_href=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5ima&type=javascript&version=2.3.29

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 173
date: Mon, 10 Jul 2023 19:45:10 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 714b4d38303a88d5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 84b1c47bcf2e8928f956096562c2cf9fb6492f0cc203faceacbe6557076f407f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 182ms
121ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f7b91aeb-1485-4588-a8ef-79d64ae0c82d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5414054-4f4e-49a5-87fa-8f432d84cf7e&tw_document_href=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5ima&type=javascript&version=2.3.29

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 102
date: Mon, 10 Jul 2023 19:45:10 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ff08115ecab7da4f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c7579ec5c25183e4c2416dbf2dad82f5d5228fbbcd644ac2e98cb9c43c843274
content-length: 43

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 38ms
38ms Script
application/x-javascript 2a02:26f0:3100::1735:28c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28c0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=21587
accept-ranges: bytes
content-length: 4807

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
84 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XC0MBWDMNH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7468330-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25e5325c6ea8417640101905e0e9e17f74c86fd4a8d04eebff28161cef852c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85782
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 10 Jul 2023 19:45:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7468330-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Jul 2023 18:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4191
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 10 Jul 2023 20:35:19 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 49 KB
18 KB 551ms
176ms Script
application/javascript 2400:52e0:1a01::987:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a01::987:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-LA1-987 /
Resource Hash: fb46e1656b437798d146bcfa5453bd05c5fb1442297ce3dbc03d9bf1f05f2e81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

cdn-storagebalancer: LA-244
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: br
cdn-edgestorageid: 1002
perma-cache: HIT
cdn-storageserver: DE-573
cdn-cachedat: 07/07/2023 21:09:28
cdn-pullzone: 293267
last-modified: Fri, 07 Jul 2023 21:09:27 GMT
server: BunnyCDN-LA1-987
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64a87f07-c29e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: b327fd158493ac1357f48bb2f3205275
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11108322289/ 3 KB
2 KB 119ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11108322289/?random=1689018310888&cv=11&fst=1689018310888&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Detection%20and%20Protection%20Services%20with%20Observr%20%7C%20Opti9&auid=1741454125.1689018311&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11108322289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

421d9f1d5977f0c3d67b01b3bada32c436dc02392f788da64c769b6e956a865f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1366
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 121 KB
47 KB 46ms
40ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-NXSMN3X

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNFGXZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97eaac93a310f2c490be7132817c4bc489fbbebe2e6194c0fb7ba677e829e095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48317
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jul 2023 19:45:10 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/YLJM5F4ZX5CJLOEFYM54AA/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

23ms
23ms

Script
application/javascript

2600:9000:225e:f600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: HTTP/1.1
Server: 2600:9000:225e:f600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Mon, 10 Jul 2023 10:41:13 GMT
Via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Age: 76579
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: n1GiBsGiOyozjxvNDfMJiKvqhKehcLUGUQWMrGQ5DT_iamsUwfBdew==

Redirect headers

Date: Mon, 10 Jul 2023 19:41:19 GMT
Via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Age: 231
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: x50otNN4PmqlBvL7vmllXVblpf-XjVNWU2PQ3fdTWAFGiEDqF9jfSA==

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
465 B 134ms
133ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=22067224&r=1689018310941&ref=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 22067224
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdvfN7cX_EU8UJTlL8kHEpfbgXZuLzmq89Lv5CvKTw9twRhnNVwYAirHahJOTdo29H4AShvCAFBG7AaWzSh622Zc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Mon, 10 Jul 2023 20:45:11 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 186ms
126ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=22067224&r=1689018310941&ref=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://opti9tech.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 10 Jul 2023 19:45:11 GMT
expires: Mon, 10 Jul 2023 19:45:11 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ADPycdtlwm8py_b8a10zxlcT3ve381FokulkrCbvHmh6LWo5qJXK3N2uz9EJjVPxadvQTpeI6DTJVycKgpCV0zwgDUY0

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/13534/domain/opti9tech.com/ 36 B
376 B 73ms
20ms XHR
application/json 2600:9000:20eb:3800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/13534/domain/opti9tech.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 14:23:03 GMT
content-encoding: gzip
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 19328
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=29980
x-amz-cf-id: _00OSH9Y5dpxR6V63rHMfysOr-PC9RF4qkaPSL9B_jGGoKzvD3f55Q==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D13534%26time%3D1689018310944%26url%3Dhttps%253A%252F%252Fopti9tech.com%252Fobserv...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&cookiesTest=true&liSync=true&e_ipv6=AQL...

0
267 B

231ms
146ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&cookiesTest=true&liSync=true&e_ipv6=AQLaQwRQZQmsmAAAAYlBViNRJDONozmqKd3WmY_CLI7s9bLZZrvcHo-Iwsl0_QAnw2JeCy5IRXju3w
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7CD31B5F66CF487BABD9FC2208F95F3E Ref B: DUS30EDGE0814 Ref C: 2023-07-10T19:45:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAJzh9In3ME1mLdHk5uw==

Redirect headers

date: Mon, 10 Jul 2023 19:45:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5CB4E6D596724E769CEF77F20FFC524A Ref B: FRAEDGE1313 Ref C: 2023-07-10T19:45:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=13534&time=1689018310944&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&cookiesTest=true&liSync=true&e_ipv6=AQLaQwRQZQmsmAAAAYlBViNRJDONozmqKd3WmY_CLI7s9bLZZrvcHo-Iwsl0_QAnw2JeCy5IRXju3w
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAJzh53NKZ//rJ2MzecQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 77ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XC0MBWDMNH&gtm=45je3750&_p=750790725&_gaz=1&cid=502106391.1689018311&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689018310&sct=1&seg=0&dl=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&dt=Ransomware%20Detection%20and%20Protection%20Services%20with%20Observr%20%7C%20Opti9&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XC0MBWDMNH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://opti9tech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 94ms
28ms Ping
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XC0MBWDMNH&cid=502106391.1689018311&gtm=45je3750&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XC0MBWDMNH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://opti9tech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 94ms
47ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XC0MBWDMNH&cid=502106391.1689018311&gtm=45je3750&aip=1&z=461598549

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
177 B 32ms
31ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=750790725&t=pageview&_s=1&dl=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&ul=en-us&de=UTF-8&dt=Ransomware%20Detection%20and%20Protection%20Services%20with%20Observr%20%7C%20Opti9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABQAAAACAAI~&jid=953413228&gjid=786499846&cid=502106391.1689018311&tid=UA-7468330-8&_gid=423481835.1689018311&_r=1&gtm=457e3750&jsscut=1&z=2077689299

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://opti9tech.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YLJM5F4ZX5CJLOEFYM54AA Show response
d.adroll.com/consent/check/ 456 B
549 B 149ms
46ms Script
application/javascript 2a05:d018:cc3:fe04:dcb6:b520:ea2:2b32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/YLJM5F4ZX5CJLOEFYM54AA?pv=85658584215.22292&arrfrr=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&_s=6968563bef010dad4370469a413b1d54&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/YLJM5F4ZX5CJLOEFYM54AA/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:dcb6:b520:ea2:2b32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 2b9c8313efc8a559ec201309ea77d2741755bc8f619194c9e53cc5214bf88e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
server: nginx/1.22.1
content-length: 456
content-type: application/javascript

GET
H2 200 /
www.google.com/pagead/1p-user-list/11108322289/ 42 B
455 B 85ms
34ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11108322289/?random=1689018310888&cv=11&fst=1689015600000&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&frm=0&tiba=Ransomware%20Detection%20and%20Protection%20Services%20with%20Observr%20%7C%20Opti9&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1026237465&rmt_tld=0&ipr=y

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11108322289/ 42 B
154 B 33ms
33ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11108322289/?random=1689018310888&cv=11&fst=1689015600000&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&frm=0&tiba=Ransomware%20Detection%20and%20Protection%20Services%20with%20Observr%20%7C%20Opti9&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1026237465&rmt_tld=1&ipr=y

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adsct
t.co/i/
Redirect Chain

https://marvel-b1-cdn.bc0a.com/f00000000272752/t.co/i/adsct?bci=3&eci=2&event_id=f7b91aeb-1485-4588-a8ef-79d64ae0c82d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&...
https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000272752&url=https://t.co/i/adsct?bci=3&eci=2&event_id=f7b91aeb-1485-4588-a8ef-79d64ae0c82d&events=%5B%5B%22pageview%22%2C...
https://t.co/i/adsct?bci=3&eci=2&event_id=f7b91aeb-1485-4588-a8ef-79d64ae0c82d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5414054-4f4e-49a5-87...

43 B
118 B

207ms
206ms

Image
image/gif

104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 176
date: Mon, 10 Jul 2023 19:45:11 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6cb525195b866af7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 84b1c47bcf2e8928f956096562c2cf9fb6492f0cc203faceacbe6557076f407f
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:10 GMT
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
location: https://t.co/i/adsct?bci=3&eci=2&event_id=f7b91aeb-1485-4588-a8ef-79d64ae0c82d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5414054-4f4e-49a5-87fa-8f432d84cf7e&tw_document_href=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5ima&type=javascript&version=2.3.29
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: 0

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
625 B 187ms
157ms Image
image/gif 2606:4700::6811:d6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2de1e921-4de6-4fd2-9277-14efea498809
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2de1e921-4de6-4fd2-9277-14efea498809
server: cloudflare
x-trace: 2B4FFBB90CEDACC3B513855C1815539CB66D2BC153000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-dfxrz
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7e4b4e3ccc356977-FRA

GET
H2 200 Footer-Email-Icon.svg Show response
opti9tech.com/wp-content/uploads/2021/09/ 6 KB
2 KB 660ms
659ms XHR
image/svg+xml 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://opti9tech.com/wp-content/uploads/2021/09/Footer-Email-Icon.svg

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

2ef54873da22db0e83d14b75d16866feb67e46835ae4fe7037af5accc036f6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS, MISS
fastly-restarts: 1
x-xss-protection: 1
x-served-by: cache-cph2320046-CPH, cache-cph2320022-CPH
x-fw-type: VISIT
content-length: 2400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Sep 2021 19:51:14 GMT
server: Flywheel/5.1.0
x-timer: S1689018311.148954,VS0,VE542
etag: W/"61391432-18b3"
x-fw-hash: 2jvtrzhdey
x-fw-version: 5.0.0
content-type: image/svg+xml
vary: Accept-Encoding, Authorization
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;700;800&family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://opti9tech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 231284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 03:30:27 GMT

GET
H2 200 lftracker_v1_p1e024BL2BK8GB6d.js Show response
sc.lfeeder.com/ 30 KB
11 KB 236ms
144ms Script
application/javascript 2600:9000:2250:2600:4:d7e1:700:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_p1e024BL2BK8GB6d.js
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2600:4:d7e1:700:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10bbe2192f5c2f1b203ab4f12da4f7ade71d3c86dd3ecfc56610737f29eecdac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: S6.SeYkBdXH0qmv3fUZ4gwwC3RkB6f7C
content-encoding: gzip
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
date: Mon, 10 Jul 2023 19:45:12 GMT
last-modified: Mon, 26 Jun 2023 07:07:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: W/"2a95212c3a281b75fcaa3f03da7c076f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: MnEDumpJ6pXYJseqWBAVkfRYVUzF9DLgJgYZVPXDxkpQ7HQ6U7D4tw==

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
983 B 202ms
153ms Image
image/gif 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 19:45:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: eaf8f3e7-0658-4a87-8191-7bba1f27f42d
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: eaf8f3e7-0658-4a87-8191-7bba1f27f42d
Server: cloudflare
X-Trace: 2B4C666021912A1C0DB24E56F23373A1980AD4E273000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-jn5ls
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7e4b4e3d2d412c36-FRA

GET
H2 200 8938984.js Show response
js.hs-analytics.net/analytics/1689018300000/ 66 KB
21 KB 260ms
208ms Script
text/javascript 2606:4700::6810:8cce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1689018300000/8938984.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8938984.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8cce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 883468372a4905c82ca5f076b633ec184f64120687666abf6f703f7154d8652d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: FTDBGBYH0YBS0GND
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 0bdbcbcb-6bb7-4944-a394-e77284f1e898
x-envoy-upstream-service-time: 70
x-amz-id-2: Q2JAQuSSiO8+0vR/lAn1fd/Gd/nDH3tQ/9fi5aow9wBr48IPK3JeqcmuBZPTmtiUPfdied/ZxAI=
x-evy-trace-listener: listener_https
x-request-id: 0bdbcbcb-6bb7-4944-a394-e77284f1e898
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 15 Jun 2023 15:01:39 GMT
server: cloudflare
etag: W/"a1eaf7bd31e62d51f0573a4e7a5bd813"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7e4b4e3d39ac1d88-FRA
expires: Mon, 10 Jul 2023 19:50:11 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/8938984/ 209 KB
64 KB 458ms
408ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/8938984/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8938984.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4a8c3b760bff35666239e596a7d5cbad2f6e3eb5d527d827522b02cea8281b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
x-amz-version-id: _6DBCx2FMLq3Kwe9EAzhDB.LTGuGMrTI
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: G6FP2TPQA8AMEF8M
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: ad774892-fa18-4b5d-9355-4ae6d910c3c5
x-envoy-upstream-service-time: 98
x-amz-id-2: 3ad7oOA0O8hqQNRLU0FRUn67zgzEBNcAkSrGX1XfmDtvU4TCldVuknq0rMYtX0upv8z6K63t7LU=
x-evy-trace-listener: listener_https
x-request-id: ad774892-fa18-4b5d-9355-4ae6d910c3c5
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 22 Jun 2023 17:29:31 GMT
server: cloudflare
etag: W/"38646b28a9eb9056749f7750315160f6"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://hostedbizz.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7e4b4e3d3fda37c8-FRA
expires: Mon, 10 Jul 2023 19:50:11 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 199ms
142ms Script
application/javascript 2606:4700::6811:69c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8938984.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:69c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc

Request headers

Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
Origin: https://opti9tech.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
x-amz-version-id: 3rNMTio6eswfsQ6sgXOFNNmyULDAVi34
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f2f39af8-f30d-4720-9024-d4976c39e92b
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.380/bundles/project.js&cfRay=7e4b4e3d3cb19060-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f2f39af8-f30d-4720-9024-d4976c39e92b
last-modified: Mon, 10 Jul 2023 09:43:19 UTC
server: cloudflare
etag: W/"85b7f9af32b27bd6cc93e80bfb2911df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-wd7jg
cf-ray: 7e4b4e3d3cb19060-FRA
x-amz-cf-id: NMiwVjb-mubtOiL03ZF1GPoFAf_aF8CCPlKfskwQsdf_mwxurpKNiw==
x-hs-target-asset: collected-forms-embed-js/static-1.380/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 86ms
33ms Script
application/javascript 2606:4700::6810:75be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8938984.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:75be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1874f11501aa7118cdfa7af21a9ef1c87301e917881dc941831b122d82b34a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
x-amz-version-id: tZNqk9JR4hpL4HhK3M1JevHxbsFiShRO
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 451
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.382/bundles/pixels-release.js&cfRay=7e4b433a5c2c39ec-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 5b8faf8f-adf0-4b82-83a0-3a069fd10c93
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5b8faf8f-adf0-4b82-83a0-3a069fd10c93
last-modified: Tue, 20 Jun 2023 11:26:10 UTC
server: cloudflare
etag: W/"15e730192a32cd4563797f160ff1fd6f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-mm66x
cf-ray: 7e4b4e3d3b7d1942-FRA
x-amz-cf-id: G6JA_xE_XFEzWh3W9jbHW6NH5Xx4dioVluY_Lj-OJoeieKSde1tk3w==
x-hs-target-asset: adsscriptloaderstatic/static-1.382/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 75 KB
22 KB 84ms
31ms Script
application/javascript 2606:4700::6811:65ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8938984.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:65ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c4495857616105157baa89caee2ef427fcb4fab4183d4e4b6b686e97ca4eea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
x-amz-version-id: cEbcZKKjYfgnQYQfQwG6R0hUhblxYW3W
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 29
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13538/bundles/project.js&cfRay=7e4b4d88f81bbb8b-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: a6e35c8d-f92e-4680-bf92-ae19e057aba7
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a6e35c8d-f92e-4680-bf92-ae19e057aba7
last-modified: Fri, 30 Jun 2023 06:08:01 UTC
server: cloudflare
etag: W/"c8d00711b661f5000343a50b4d377d25"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-x5fmx
cf-ray: 7e4b4e3d39b11d88-FRA
x-amz-cf-id: G4uDvn02xDIEf7IkwyZ2rTmzvdB-f68KQ08d2EZq2oBIokyWYdJ6Tg==
x-hs-target-asset: conversations-embed/static-1.13538/bundles/project.js

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 418 KB
56 KB 23ms
22ms Script
text/javascript 2600:9000:225e:f600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/YLJM5F4ZX5CJLOEFYM54AA/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: wD7IUQmRA9PUuld8lU58FBeuMlOqC6p6
Content-Encoding: gzip
Via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Date: Mon, 10 Jul 2023 19:42:25 GMT
Age: 184
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 21:39:27 GMT
Server: AmazonS3
Etag: W/"3306a47faf7223d93fb356e8a73d1942"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: zwsyp8xjot0mxVzQJDN6d-msxVetJ1fBfQrFJRfcNdRqj5v-_AKMyg==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 25ms
25ms Image
image/png 2600:9000:225e:f600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Sun, 09 Jul 2023 23:35:13 GMT
Via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Age: 84179
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: mw0RXtd1cOLwMD8s3o4BEsIQqAyC4Yeo-L-M_RUkJxDlN6gpTQiGCA==

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 208ms
143ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=8938984&conversations-embed=static-1.13538&mobile=false&messagesUtk=cfc8b804eb9145b8b21716502a7effe4&traceId=cfc8b804eb9145b8b21716502a7effe4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://opti9tech.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://opti9tech.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e4b4e3ded41900a-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 10 Jul 2023 19:45:11 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4%2FJb%2BTIfVQr0FG2A%2FtBRQPHzT1aEOKB0LR6rpKjRUXqn9tk0c8TiOiPCN66OtMwzTcg5XZs55kLCxfiGRsomyWH%2Fd7Ne7qLTu8Ds8nKaNLtcnXH9O5SAQRuvD4urWe7r9KrnQ3ROkZcjQJd7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-5grng
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: a0492db0-64cf-42f6-a4f4-b98337eb3260
x-request-id: a0492db0-64cf-42f6-a4f4-b98337eb3260
x-trace: 2BE9FDD8C86900DCFE9BD247C355223769DB317D90000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 249ms
248ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ae7b6b69d2b9586954b5ae37b9b43ba1182c5afb0ad70eff7a8289e5b6515a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bd84e0bb-4843-406d-92db-d0ea7ea75ebc
x-envoy-upstream-service-time: 76
alt-svc: h3=":443"; ma=86400
content-length: 1471
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bd84e0bb-4843-406d-92db-d0ea7ea75ebc
server: cloudflare
x-trace: 2B7C04E38B70D48A91BB862110354AFDD2C48155B9000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://opti9tech.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-fmst8
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qHger%2FMgXzFX5gRkN%2BYxoj%2Fj1jMDiut7TzVFpHoBFrBKgpFvKAmiMpGcIx0CsoOkh64X4nwe9Ctq666laOw5NtmiHXUXNaAIMASzXAD5oaqrKtSTS%2F09OB0grea2SQWSbHao%2FAQQbqP6aCAGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7e4b4e3ede45900a-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
BLOB 200
OK 55fb6dbe-174e-47a5-98db-bcf6f845e666
https://opti9tech.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://opti9tech.com/55fb6dbe-174e-47a5-98db-bcf6f845e666
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET

loadUrl
marvel-processor.bc0a.com/snowcloud/v1/api/
Redirect Chain

https://marvel-b1-cdn.bc0a.com/f00000000272752/blob:https://opti9tech.com/55fb6dbe-174e-47a5-98db-bcf6f845e666
https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000272752&url=https://blob:https://opti9tech.com/55fb6dbe-174e-47a5-98db-bcf6f845e666

0
0

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
430 B 156ms
140ms XHR
application/json 2606:4700::6811:69c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=8938984&utk=
Requested by: Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:69c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3989ff60864a602a2e76ad112d92c41825317af29412b1f1667bd9d431c618bf

Request headers

Accept: application/json, text/plain, */*
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f9c50aa7-d2c7-4051-935d-91dd60804188
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f9c50aa7-d2c7-4051-935d-91dd60804188
server: cloudflare
access-control-max-age: 180
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://opti9tech.com
x-evy-trace-virtual-host: all
content-type: application/json;charset=utf-8
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-x5fmx
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7e4b4e3e7e569060-FRA

GET
H2 200 /
tr-rc.lfeeder.com/ 43 B
292 B 158ms
80ms Image
image/gif 13.224.189.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr-rc.lfeeder.com/?sid=p1e024BL2BK8GB6d&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTc0NjgzMzAtOCJdLCJnYU1lYXN1cmVtZW50SWRzIjpbIlVBLTc0NjgzMzAtOCIsIkFXLTExMTA4MzIyMjg5IiwiRy1YQzBNQldETU5IIl0sImdhQ2xpZW50SWRzIjpbIjUwMjEwNjM5MS4xNjg5MDE4MzExIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjEuMyJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9vcHRpOXRlY2guY29tL29ic2VydnItcmFuc29td2FyZS1kZXRlY3Rpb24tYW5kLXByb3RlY3Rpb24vIiwicGFnZVRpdGxlIjoiUmFuc29td2FyZSBEZXRlY3Rpb24gYW5kIFByb3RlY3Rpb24gU2VydmljZXMgd2l0aCBPYnNlcnZyIHwgT3B0aTkiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6ImZlOTA0M2Q0ZTU0N2VjZmIiLCJzY3JpcHRJZCI6InAxZTAyNEJMMkJLOEdCNmQiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLmNjNDA1ZjY5MzhkMjFjNjMuMTY4OTAxODMxMTQxMyIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e30sImF1dG9UcmFja2luZ0VuYWJsZWQiOnRydWUsImF1dG9UcmFja2luZ01vZGUiOiJvbl9zY3JpcHRfbG9hZCJ9
Requested by: Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-9.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: uUYmu9Uo2U4uJSsud_Ekg-ZAgEeD_fCU8ZhS_6lMo_oC8T7sQBhh2g==

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
590 B 154ms
153ms Image
image/gif 2606:4700::6811:d6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=4

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 95cd034c-9554-4029-8de6-46e312a93675
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 95cd034c-9554-4029-8de6-46e312a93675
server: cloudflare
x-trace: 2BFA6F7F4CDA830689664A93BFDAD76CC864E1BE84000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-dfxrz
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7e4b4e3f6f9d6977-FRA

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 10 KB
3 KB 177ms
177ms Stylesheet
text/css 2400:52e0:1a01::987:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a01::987:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-LA1-987 /
Resource Hash: b140cee43460772fc3680cd083d2fedf86e3d7bcfbb68194323e51d09abfcee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

cdn-storagebalancer: LA-295
date: Mon, 10 Jul 2023 19:45:11 GMT
content-encoding: br
cdn-edgestorageid: 1110
perma-cache: MISS
x-amz-request-id: P7GSJ551BJTQAF89
x-amz-server-side-encryption: AES256
cdn-cachedat: 07/07/2023 21:09:27
cdn-pullzone: 293267
x-amz-id-2: nc58hXN/v+H2XZG6MIHTI3NXS/qDKdY4H+jWG/JNO74LKPGQAICjKLA62KYRkORM5S0Gw8Qi5ms=
last-modified: Thu, 06 Jul 2023 19:11:31 GMT
server: BunnyCDN-LA1-987
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"514882db6c701bf47409b5010f143121"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 89ed9221ed945d1dc880c0b31e8a7cf3
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 189 B
1 KB 489ms
150ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=8938984

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f30c05e805f05173df7aafedaeea93a3d69f2e8ad8a6553db9d7b9b1e791cbb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3d9aeaf0-a234-4c8e-81f1-bcb49ede87b5
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3d9aeaf0-a234-4c8e-81f1-bcb49ede87b5
server: cloudflare
x-trace: 2B72646CEAB556CA855664400F0A62D6E53CAE9B77000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://opti9tech.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-vrfj9
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcW4xrTJNgTIuOzx8ZVgiPD1MdK2%2Flat5sU6xw8YTkIKv6ze5r89hinlbaAu81skonMcsQqfNmjBhy5x7MM3odZizbNH%2FInVx5OnJoWLNVVW50tSLLkFcG9FmPAKkIR5LiUINtEjGN7HbRpE"}],"group":"cf-nel","max_age":604800}
cf-ray: 7e4b4e421c34900c-FRA
access-control-allow-headers: *

GET
H2 200 cfc8b804eb9145b8b21716502a7effe4 Show response
app.hubspot.com/conversations-visitor/8938984/threads/utk/ Frame 66DE 53 KB
19 KB 282ms
223ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/8938984/threads/utk/cfc8b804eb9145b8b21716502a7effe4?uuid=a7c3b3c6a08f4b27af8738bf8ef97a0d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=opti9tech.com&inApp53=false&messagesUtk=cfc8b804eb9145b8b21716502a7effe4&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

909b5ea9cda76da3a0bcd2f1187035cfaf1898127feebf6681f796991727ab70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 645
alt-svc: h3=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 7e4b4e40d9923a6d-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.15990/html/index.html&cfRay=7e4b4e40d9923a6d&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F8938984%2Fthreads%2Futk%2Fcfc8b804eb9145b8b21716502a7effe4%3Fuuid%3Da7c3b3c6a08f4b27af8738bf8ef97a0d%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dopti9tech.com%26inApp53%3Dfalse%26messagesUtk%3Dcfc8b804eb9145b8b21716502a7effe4%26url%3Dhttps%253A%252F%252Fopti9tech.com%252Fobservr-ransomware-detection-and-protection%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&cfenv=prod&pdt=2023-07-10&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 10 Jul 2023 19:45:12 GMT
etag: W/"17c3d38cac78b624a43a555971fdf1a7"
last-modified: Fri, 30 Jun 2023 06:08:01 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7e4b4e40d9923a6d&resource=conversations-visitor-ui/static-1.15990/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
x-amz-cf-id: Wjw6gA7IRlL8_2Lq43hUSMHRpW59jsgn3I5fgcHHP3vvIPwdrhfcBQ==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: yaWeuZufcTQHrAWTYxpqM9G5GYgJf96n
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-8rxrz
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.15990/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 225ade88-bef8-4cd7-aa29-2631fb3303b3
x-request-id: 225ade88-bef8-4cd7-aa29-2631fb3303b3

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.338/ Frame 66DE 44 KB
17 KB 299ms
45ms Script
application/javascript 2606:4700::6812:8d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.338/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8938984/threads/utk/cfc8b804eb9145b8b21716502a7effe4?uuid=a7c3b3c6a08f4b27af8738bf8ef97a0d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=opti9tech.com&inApp53=false&messagesUtk=cfc8b804eb9145b8b21716502a7effe4&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef39ee441c4e7792c5cda9a8bd86ddce96d9b17bda0cc9f7187f1a70ce9b3ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:12 GMT
x-amz-version-id: uq4ahwTgbmdDVq3iqHPHE8OZSufTo1wc
via: 1.1 9dcbfb7225622c2aeed01d74cae329de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: DFW56-P3
age: 1038691
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 15:18:57 GMT
server: cloudflare
etag: W/"d4a36ffcc533bcbae2a557884d3059e8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nTM%2F%2B45EwZjS8kIg%2BzKbU%2BqLwSd6F2tQTXt9mWtUJ4DF5hOMd%2BphtcwUtFL5MXA7yCvaJdww8LABCSV8zZtBSWYBC%2ByniGrm518usDfFB0mbprvFixLtlJEZunQaiRPLqnzOlgy%2FGmkOvVV0xzqc1rTPHE%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7e4b4e445e673a67-FRA
x-amz-cf-id: WCB6sbsj641bNkTUZYeHeQqqPFvy0eG6CW_nsGKruKsQOlnSKL3EdQ==
expires: Tue, 09 Jul 2024 19:45:12 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/ Frame 66DE 20 KB
4 KB 301ms
48ms Stylesheet
text/css 2606:4700::6812:8d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:12 GMT
x-amz-version-id: eTttM9S_vWGkXsa3G13R54bOHuRyRlPL
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1522518
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 22:24:16 GMT
server: cloudflare
etag: W/"8b2053a9d9199e217c1f3e61d80f5d90"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJifNRD8UJo%2Bb%2FU4MhXzT2TZ2U7L%2F9Nxd%2Bd2CNrafD7JTau6X5Q2W0clYlrHY5tpkbvIAZX9K%2FYBCLH5qyGZAIsiunObrSNpC9w2MPcseT86eta8o62Oow4J%2FIIcl27g09olmhLZbt2fDXr8KJCCBNHepXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7e4b4e445a8d1cc7-FRA
x-amz-cf-id: F69-l_lgR8CvzYkALyJjbsbMoXGo16KCrraz0StpySiZ-WJRV87_8A==
expires: Tue, 09 Jul 2024 19:45:12 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.427/ Frame 66DE 295 KB
94 KB 304ms
51ms Script
application/javascript 2606:4700::6812:8d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.427/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c75fd2e843221da87f399a0f8470249260657792d8136d51c8d57e4274e2b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:12 GMT
x-amz-version-id: VUEPzEAnhIbHLTlqmFbj6aB9sYA9LJcM
via: 1.1 f7ed3df0e52b293c6e9c3d70718876fe.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P4
age: 1066205
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 28 Jun 2023 10:15:34 GMT
server: cloudflare
etag: W/"91d6934409e5fa7ce79402c0941cb496"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slVi6SqZn1hPl8jxEjqEzlX5lvu%2B6adfU1gGlJ6yJV9lLDCFtZ4Xxrh5UrxWSCbAIHhq19ZC5hsWw1Oa4Ga%2BquoYSGT55sx2%2BawvhubVB73EWg5HESvBDdL2v%2FqfP3DVHPDuc0YDJf8YFzqEibu3tSu%2BV7o%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7e4b4e445e6e3a67-FRA
x-amz-cf-id: DYgHrhpEBzk54qJtkH6MqNq8gUd98aGDcKuvA2CRvQDISZqKWznvMQ==
expires: Tue, 09 Jul 2024 19:45:12 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.15990/bundles/ Frame 66DE 610 KB
179 KB 337ms
84ms Script
application/javascript 2606:4700::6812:8d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.15990/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8d393e6230b2bee34220f5de34b004a2b37e2fdf7bf6d94cd105648252d9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:12 GMT
x-amz-version-id: LmtB_4AMdjp0ZEdC14N5TK0jhgdFrlnR
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 869819
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 30 Jun 2023 17:32:40 GMT
server: cloudflare
etag: W/"1c812097d042c3ae61cffb80672ead3f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qvBHHVS%2BsG3eNO2YoCl0fDou2WxAqcCP%2BP7aVNqGyXVHAcWm2WN%2BcJEy1kDyjjR7zUCJorZ6LNozb9CFWEKDmSJDoWri%2BIn4M08W9czbv10NOgqR93cul%2BcOUynqI%2BuMa0MzLtZnghrY2rSTr%2FvmBgPgd8%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7e4b4e445e6f3a67-FRA
x-amz-cf-id: 3pJR91UkKsVFD3J9d7p_gelrS-6vwnGm2NqF8G4kDnfS00DYGdhtOg==
expires: Tue, 09 Jul 2024 19:45:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 141 KB
54 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071339262

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfd7a0e6ecc4ede42396076364ee42996cd73bd215550022b5180ff09aca8afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55128
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jul 2023 19:45:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 141 KB
54 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1071339262&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7468330-8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c69a07fa92b5b3e6550810c0c0361235cfde7af0fd8e3f271d65646d47fb9a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55172
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jul 2023 19:45:12 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071339262/ 3 KB
2 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071339262/?random=1689018312365&cv=11&fst=1689018312365&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Detection%20and%20Protection%20Services%20with%20Observr%20%7C%20Opti9&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1741454125.1689018311&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071339262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

164c1a90aee049a19542ac6eaae1df77aa5f9a795a49fd3d775194596cddc53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1366
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071339262/ 42 B
108 B 41ms
40ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071339262/?random=1689018312365&cv=11&fst=1689015600000&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&frm=0&tiba=Ransomware%20Detection%20and%20Protection%20Services%20with%20Observr%20%7C%20Opti9&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=47419688&rmt_tld=0&ipr=y

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071339262/ 42 B
108 B 38ms
38ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071339262/?random=1689018312365&cv=11&fst=1689015600000&bg=ffffff&guid=ON&async=1&gtm=45be3750&u_w=1600&u_h=1200&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&frm=0&tiba=Ransomware%20Detection%20and%20Protection%20Services%20with%20Observr%20%7C%20Opti9&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=47419688&rmt_tld=1&ipr=y

Requested by

Host: opti9tech.com
URL: https://opti9tech.com/observr-ransomware-detection-and-protection/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 19:45:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.15945/ Frame 66DE 776 B
863 B 36ms
35ms Script
application/javascript 2606:4700::6812:8d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.15945/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15990/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4f491dba594ca9a2c0bf654e450c3bd5a22871a10470820e1cdffc35d4184ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:12 GMT
x-amz-version-id: SlRthUIKq4Bq28o.5dF3tzmkla37nKt5
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1137574
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Jun 2023 13:11:01 GMT
server: cloudflare
etag: W/"395b3a2954ff1c20d3a32379eb98bb24"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbNK6EXxSi9rehrH%2F3vEYBua%2FkelVRKPxQlGMHygHLMYw3tuBJk7F4NcbWMJZDAtMwMD006focl5XzlJs9SjqawN1jZKiaE1LXzMMpm6vhP6fV%2FI%2Fp89JlibuYJTeJsgs7d1hI%2BoIt72wXz6kndcAvYuDw4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7e4b4e459fe23a67-FRA
x-amz-cf-id: qIjCpY0oIqiewy80HTBdGJGWB7X67vlWSbtrqsvPBFnZ-KQUPn6Dtg==
expires: Tue, 09 Jul 2024 19:45:12 GMT

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 66DE 0
1 KB 360ms
360ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15990

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15990/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/8938984/threads/utk/cfc8b804eb9145b8b21716502a7effe4?uuid=a7c3b3c6a08f4b27af8738bf8ef97a0d&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=opti9tech.com&inApp53=false&messagesUtk=cfc8b804eb9145b8b21716502a7effe4&url=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 10 Jul 2023 19:45:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 48464068-2774-4753-8680-b3f5949624f2
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 48464068-2774-4753-8680-b3f5949624f2
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hf9BL31%2FRj7yPZrE%2FtUHQHl6PfLum6H%2FAJvyoJC8L3%2BNbUFardXjvZMCCXaydzaARTq3X6zP2xbM6yViMN%2BnQpadmckZMCRqEKpmBE4ILZPVDR5ZU4VTbMDnzfYGeBvfIa9pqFbJc6QQTck4LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-2nhmb
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 7e4b4e47eaf33a6d-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 69ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Jul 2023 19:45:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: IAH8sKJAmggwDPvj5DGty88tvdKurHBuqKc7DH66f3YCRRMPOogRXuaU8HGoqwNJ5an6rnSa+8TDhZ1l0Gc3Sw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
519 B 148ms
139ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=8938984&ct=standard-page&rcu=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&pu=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&t=Ransomware+Detection+and+Protection+Services+with+Observr+%7C+Opti9&cts=1689018313221&vi=422be2ec9dd370eeff6fe722c56286bd&nc=true&u=100357441.422be2ec9dd370eeff6fe722c56286bd.1689018313218.1689018313218.1689018313218.1&b=100357441.1.1689018313218&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a3da19d4-20c3-428b-8fc3-5c90f1a7705b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a3da19d4-20c3-428b-8fc3-5c90f1a7705b
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmTxbuj4%2B6dGs6Iy6m4GGak6G1tYiiA9fnwzdRwBAK1ScwWWxlURGbIzeyajaMS0mOnhf1vM8mtk1mb7%2BoXwGb6VXUvcaudTaFxL2U4vPfXF2SGX9esXDjoIMUCdG97xW94thwWQ7iYd4VBacL3l"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-xtt4j
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7e4b4e49cd4c3a6d-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
526 B 155ms
152ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=98bc35eb-c068-44e7-8467-602d591d536b&fci=6b674c1e-48d9-4770-b92b-7455b0f418b2&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=8938984&ct=standard-page&rcu=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&pu=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&t=Ransomware+Detection+and+Protection+Services+with+Observr+%7C+Opti9&cts=1689018313222&vi=422be2ec9dd370eeff6fe722c56286bd&nc=true&u=100357441.422be2ec9dd370eeff6fe722c56286bd.1689018313218.1689018313218.1689018313218.1&b=100357441.1.1689018313218&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f224e10c-ee16-4e51-8375-9d3b443f79b0
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f224e10c-ee16-4e51-8375-9d3b443f79b0
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rf0Fmvrx%2BS8h5xbM4lSRCukFjGtkK4Qznx1DRbhthPJ6IJT01tMPhEAcOlbFmJxrEt64xiiod%2FWLSRwFsPhpmtvz%2BylgHR1N6JBm79ASwtudF20dMA8KW6ZXpP7RUJxZayrAt%2FgU60YtcMc5s3Ux"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-zkwrk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7e4b4e49cd4a3a6d-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
592 B 144ms
141ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=98bc35eb-c068-44e7-8467-602d591d536b&fci=6b674c1e-48d9-4770-b92b-7455b0f418b2&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=8938984&ct=standard-page&rcu=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&pu=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&t=Ransomware+Detection+and+Protection+Services+with+Observr+%7C+Opti9&cts=1689018313223&vi=422be2ec9dd370eeff6fe722c56286bd&nc=true&u=100357441.422be2ec9dd370eeff6fe722c56286bd.1689018313218.1689018313218.1689018313218.1&b=100357441.1.1689018313218&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5e0a7e0d-c8df-4564-be04-59d1bf181fb0
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5e0a7e0d-c8df-4564-be04-59d1bf181fb0
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldmrvAR0LLfMl9piQFjNji2aIVRZZ%2ByeI6Vpew3LyFdSyWC11o2tp%2BKL%2FfsoXm4M7hsgTbokQGGYouHlaWJbArYIeswNIINsX1ZkNztvjJ82yptq6MQrxhYKiYaeeMAj5u7njTFjDUArXtrm5C6w"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-z7z79
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7e4b4e49cd493a6d-FRA
x-robots-tag: none

GET
H2 200 262480102069310 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 155ms
155ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/262480102069310?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f3ffc594c74777e95bec8d0b09c947b00f9a710d555e05251ef5112da943a26a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Jul 2023 19:45:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Kal9k+dIDGXzfRcJsIAuK1Ih0pEY/OfLiS1LDY4sbHB1Id/4M8rIUXs7n93zYTc0ghJvGm0UdAtlX/lTaFGBXA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 60ms
20ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=262480102069310&ev=PageView&dl=https%3A%2F%2Fopti9tech.com%2Fobservr-ransomware-detection-and-protection%2F&rl=&if=false&ts=1689018313552&sw=1600&sh=1200&ud[external_id]=422be2ec9dd370eeff6fe722c56286bd&v=2.9.111&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1689018313551.14096882&it=1689018313348&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Jul 2023 19:45:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
589 B 151ms
151ms Image
image/gif 2606:4700::6811:d6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:45:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 67d1228c-3e1d-4b20-bc89-79c08c68748f
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 67d1228c-3e1d-4b20-bc89-79c08c68748f
server: cloudflare
x-trace: 2B5CCE6F34AC0173EC39263A227C2CB4AFA0ED13A2000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-llkhw
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7e4b4e4f0b4f6977-FRA

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 9720 0
70 B 21ms
20ms Document
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://opti9tech.com
Referer: https://opti9tech.com/observr-ransomware-detection-and-protection/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://opti9tech.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 19:45:14 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

cdef1ad5-0030-4e22-b630-dfd7b23a4cef.png
2459647.fs1.hubspotusercontent-na1.net/hubfs/2459647/ Frame 66DE
Redirect Chain

https://api.hubapi.com/avatars/v1/signed-uris/1ClQKDwgEEgtqZWxlY29zLmNvbRjl0PWABiD5p4gGKidicmFuZGluZzphcGk6d2ViOnVzZXItdHJhZmZpYzp1cy1lYXN0LTEyDTcwLjE3MS4xNjIuMTESGQB7DcdkkAPusSJ-W-5S3ZghZFBrMpZbev4
https://2459647.fs1.hubspotusercontent-na1.net/hubfs/2459647/cdef1ad5-0030-4e22-b630-dfd7b23a4cef.png

5 KB
6 KB

158ms
98ms

Image
image/webp

2606:4700::6812:f0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2459647.fs1.hubspotusercontent-na1.net/hubfs/2459647/cdef1ad5-0030-4e22-b630-dfd7b23a4cef.png
Protocol: H2
Server: 2606:4700::6812:f0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926524b67967c7e076313e254f6a70cfc890f580bc2c2166a1ea1a82fc14476f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-110251694937,P-2459647,FLS-ALL
x-amz-request-id: XNMGRE6KBEN0VR60
x-amz-server-side-encryption: AES256
edge-cache-tag: F-110251694937,P-2459647,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="cdef1ad5-0030-4e22-b630-dfd7b23a4cef.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "5c1fd5e4b048e38a50ef606f15a327b8"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681053292394
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Mon, 10 Jul 2023 19:45:15 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 26oth2eiu22PRYztJOPUYdPNVvJW.qJg
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=6211
x-cache: RefreshHit from cloudfront
cache-tag: F-110251694937,P-2459647,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 4732
x-amz-id-2: CNAOe0PobzKYPACiuW/Ny4LZw5fqHN5fb7zkJKbXhYl/8H9K8NCWgoh3Gp/nQZ8HP6/2Nmy/LHs=
last-modified: Sun, 09 Apr 2023 15:14:53 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 7e4b4e54ab864d76-FRA
x-amz-cf-id: KqR3499Uixu2X-FIcYT_xqRr26Wa9BUUvCabH9V6_EktF4w-MQ7uXA==

Redirect headers

date: Mon, 10 Jul 2023 19:45:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b565feb1-cab7-4de4-a34f-3064bc2d078c
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b565feb1-cab7-4de4-a34f-3064bc2d078c
server: cloudflare
x-trace: 2B89FF4E63E5F7A8BC99BF22D11FB5739601AB8E3B000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJL1lgDs1X3IenTeno28DtFUrn2VzzbE7CgQ3RA4U3jgDYcgBgxdIHhD1K74rlnaA46USQPYVPQ%2FtpBGby7IT70%2BMOhBfgS6QtaKd3BcHmcObU3nPow2AYHp%2BZ2QiFrH5FFtg0%2Bb%2BhatNsNr"}],"group":"cf-nel","max_age":604800}
location: https://2459647.fs1.hubspotusercontent-na1.net/hubfs/2459647/cdef1ad5-0030-4e22-b630-dfd7b23a4cef.png
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-z9vjn
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
cf-ray: 7e4b4e535e222c42-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: marvel-processor.bc0a.com
URL: https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000272752&url=https://blob:https://opti9tech.com/55fb6dbe-174e-47a5-98db-bcf6f845e666

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
opti9tech.com/	1970-01-20 22:46:18	Name: BE_COOKIE_UDID Value: 11d18f2d-3aae-4dfd-a28c-401c562e66b9
.techtarget.com/	1970-01-20 13:10:20	Name: __cf_bm Value: r5XfnCKgF1f1XK7f8wooF1ztrZLhUSokZAWwcPR_fBY-1689018310-0-ARZpt0RPVsPlxYOJyBfmZuST4uU7rtjVrEwd4y4Pdsifpqs9l+YPc8/yr7TmPh54T1jW9V3gly7irXpGy+7azss=
.opti9tech.com/	1970-01-20 15:19:54	Name: _gcl_au Value: 1.1.1741454125.1689018311
.opti9tech.com/	1970-01-20 22:46:18	Name: _ga_XC0MBWDMNH Value: GS1.1.1689018310.1.0.1689018310.60.0.0
.ws.zoominfo.com/	1970-01-20 21:55:54	Name: visitorId Value: dc5484fcf76e7f21cfad446a2f7c0983db1b8851907f714cbbddbe51e1e3c8fe
.zoominfo.com/	1970-01-20 13:10:20	Name: __cf_bm Value: aK9qOiVnA_B_EempUGpKGYAjNSETiCKu1A2AIOxv0Cs-1689018310-0-AfBkSffSor0Hzw02VtyUSoQ0WeUn/U4c8eIWVUxBzADYP8pPMf0ftPoGTgxf90Gspur79WNHE2RcUYAhbVm34RU=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: W1oA0KUkVvOHtLr9OHTUNMNSFpT3WkAJs3zKW7VjMPY-1689018310968-0-604800000
.opti9tech.com/	1970-01-20 22:46:18	Name: _ga Value: GA1.2.502106391.1689018311
.opti9tech.com/	1970-01-20 13:11:44	Name: _gid Value: GA1.2.423481835.1689018311
.opti9tech.com/	1970-01-20 13:10:18	Name: _gat_gtag_UA_7468330_8 Value: 1
opti9tech.com/	1970-01-20 13:11:44	Name: ln_or Value: eyIxMzUzNCI6ImQifQ%3D%3D
.twitter.com/	1970-01-20 22:46:18	Name: personalization_id Value: "v1_ItgjhbKTzSBAZKklQG1VlQ=="
.t.co/	1970-01-20 22:46:18	Name: muc_ads Value: d9f2827c-2e3d-4b38-92bb-19376a19b43f
.linkedin.com/	1970-01-20 15:19:54	Name: li_sugr Value: ecfb09e8-fc98-4606-b870-a5d5f7b9a059
.linkedin.com/	1970-01-20 21:55:54	Name: bcookie Value: "v=2&00e300e8-936d-4d49-8357-73ac89317d43"
.linkedin.com/	1970-01-20 13:11:44	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2952:u=1:x=1:i=1689018311:t=1689104711:v=2:sig=AQEoIudeB6rNJ6gVjsTpPZwB8g_D4-wQ"
.linkedin.com/	1970-01-20 13:53:30	Name: UserMatchHistory Value: AQJQbS8GUFaZIwAAAYlBViJFkJCGcCvjUUHWA2asLfOboPUgr5-onJzuIM4JRVVdXeIW2bOMkLQ2EQ
.linkedin.com/	1970-01-20 13:53:30	Name: AnalyticsSyncHistory Value: AQINtcm6gpDdxQAAAYlBViJF3RxFNnwI3FuX9MXT7x2FwVFy6b0yox4Xswfk1LqpyCyt2aM7RB-mZO6lzsGDuQ
.opti9tech.com/	1970-01-20 21:55:54	Name: _lfa Value: LF1.1.cc405f6938d21c63.1689018311413
.www.linkedin.com/	1970-01-20 21:55:54	Name: bscookie Value: "v=1&20230710194511f7ed5508-680f-4337-83d5-84f13c516519AQH6xo7q2hoi2xDBu74dQKjbGDsKII07"
.linkedin.com/	1970-01-20 17:29:30	Name: li_gc Value: MTswOzE2ODkwMTgzMTE7MjswMjG82V4uwI1ord74hnoxRwRPi4H1Yc5z6mv7ZKdthGR5kA==
.hubspot.com/	1970-01-20 13:10:20	Name: __cf_bm Value: dIsi.mlAOv0kkclsd_h0TBi2aFkEx_pmYdFdzkebdVE-1689018312-0-AUw3IMIbVxVuT24DHULB7pe2bxavGaZIumA/Cl/z9q8cObsROhUuz0FTI3AHDr4yL8UXvPWdHsZWLLGmCjfIAIw=
.doubleclick.net/	1970-01-20 22:31:54	Name: IDE Value: AHWqTUkljaj9cDWtVgk6AF0ePtZjr2phS4FckHqVdnenhLc3AcwwrNAZPbMI5pEa
.opti9tech.com/	1970-01-20 17:29:30	Name: messagesUtk Value: cfc8b804eb9145b8b21716502a7effe4
.opti9tech.com/	1970-01-20 17:29:30	Name: __hstc Value: 100357441.422be2ec9dd370eeff6fe722c56286bd.1689018313218.1689018313218.1689018313218.1
.opti9tech.com/	1970-01-20 17:29:30	Name: hubspotutk Value: 422be2ec9dd370eeff6fe722c56286bd
.opti9tech.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.opti9tech.com/	1970-01-20 13:10:20	Name: __hssc Value: 100357441.1.1689018313218
.opti9tech.com/	1970-01-20 15:19:54	Name: _fbp Value: fb.1.1689018313551.14096882

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://marvel-processor.bc0a.com/snowcloud/v1/api/loadUrl?customer=f00000000272752&url=https://blob:https://opti9tech.com/55fb6dbe-174e-47a5-98db-bcf6f845e666 Message: Failed to load resource: net::ERR_INVALID_REDIRECT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2459647.fs1.hubspotusercontent-na1.net
a.omappapi.com
analytics.twitter.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
connect.facebook.net
consents-cf.bc0a.com
cookie-cdn.bc0a.com
d.adroll.com
dsrportal-cdn.bc0a.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.usemessages.com
ka-f.fontawesome.com
kit.fontawesome.com
marvel-b1-cdn.bc0a.com
marvel-b2-cdn.bc0a.com
marvel-processor.bc0a.com
opti9tech.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
s.adroll.com
sc.lfeeder.com
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.hsappstatic.net
stats.g.doubleclick.net
t.co
t.sidekickopen24.com
tr-rc.lfeeder.com
track.hubspot.com
trk.techtarget.com
unpkg.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
marvel-processor.bc0a.com
104.244.42.5
104.244.42.67
13.107.42.14
13.224.189.9
146.75.116.157
151.101.130.159
2001:4860:4802:34::36
2400:52e0:1a01::987:1
2600:9000:20eb:3800:2:53b2:240:93a1
2600:9000:2250:1600:0:f267:a5c0:93a1
2600:9000:2250:2600:4:d7e1:700:93a1
2600:9000:2251:4600:14:6e14:cf80:93a1
2600:9000:225e:f600:6:9280:1080:93a1
2600:9000:2490:b200:9:7608:8a80:93a1
2606:4700:10::ac43:2794
2606:4700::6810:75be
2606:4700::6810:7daf
2606:4700::6810:8cce
2606:4700::6810:a852
2606:4700::6810:bb41
2606:4700::6811:180e
2606:4700::6811:65ac
2606:4700::6811:69c7
2606:4700::6811:cccc
2606:4700::6811:d4f3
2606:4700::6811:d6f3
2606:4700::6812:1734
2606:4700::6812:19c4
2606:4700::6812:1edf
2606:4700::6812:853b
2606:4700::6812:8d65
2606:4700::6812:c9f
2606:4700::6812:f0f
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700:e6::ac40:ca1c
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2004
2a00:1450:400c:c0b::9d
2a02:26f0:3100::1735:28c0
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:cc3:fe04:dcb6:b520:ea2:2b32
3.128.224.79
34.111.208.231
35.201.125.192
35.201.70.94
0571c46bf812fc66f8f0acc12f36156d9d7d0f204d4184f0d32c395d4ec609cd
0afe69b38300c421e72173e8cecf4255cd4de9540a68f659ed56a9b061195a01
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
108e0f4306dff46cfbf2f16fe72b5def03659cd0d1a80c2cb910be719d0c0e2d
10a410ffc4397a10a60c58a979d3dfc8957258714e1a50f0acb6612eb74b90cd
10bbe2192f5c2f1b203ab4f12da4f7ade71d3c86dd3ecfc56610737f29eecdac
12e184cdc472fa48e761950148678d41ab9cecea77994f660fff0b1bd3469eea
164c1a90aee049a19542ac6eaae1df77aa5f9a795a49fd3d775194596cddc53e
190db2ea37186511e3cdfaeb6e37e68830c90647a9c18840f33ce00c03a05bd0
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1c75fd2e843221da87f399a0f8470249260657792d8136d51c8d57e4274e2b32
1f597babc98bd8a421cd1aa35ad4b361ed91295d717b8781e074210a767d0ada
1faa1cd48625508863dbfc42db88613746e3b04486f587e6ffa63e329349ae40
25e5325c6ea8417640101905e0e9e17f74c86fd4a8d04eebff28161cef852c57
26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29
275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a
298f6ec1b9034ddefe6a8a80872b68f2e13785956bc5f514c9404dcfc0a9d4ff
2b9c8313efc8a559ec201309ea77d2741755bc8f619194c9e53cc5214bf88e21
2d800a565af37a06348f4a6f655aa8376452566711e60646ffd309061ed52650
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef54873da22db0e83d14b75d16866feb67e46835ae4fe7037af5accc036f6d7
3234921a3552693754891221b6bd64195423276f1993d072c2b853a516c8a181
33d5545581adfd062e796932104369009524476c9375ee4840b2b7bf56dbf038
357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8
36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66
3989ff60864a602a2e76ad112d92c41825317af29412b1f1667bd9d431c618bf
39a80ac217b9731415590c2469199129b49081c1d5f0afd194b89d845c342743
3a41479834a47d638fc4e589a37d5112a9c3c5af6ccae3d9721db05517b4ed0b
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
3be6d6194e274dcf0f20f4bf43fb5c9c3ebbcbf46a6e625d17d104ffe3da525a
3eb2861edb732eb23c1000b154b8fcb87a47320fe43b815911379ff3f26f60db
421d9f1d5977f0c3d67b01b3bada32c436dc02392f788da64c769b6e956a865f
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f
48b1756d6578994fc692f7affe7e0ddd7e1bc9f732fa4993677b040e5ccdc3c7
4db1811644b9e91322f9a2b9085e6b8adea7fc5561a6bc942c4da9683c519b1f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
50c36bc2a71485bc6939c1f5de3d1b38ff260d9de91dac1855df0b50c35d81bd
51ff2b4b46acab057eba32dc5fbd0bcf410f0ad2bb75d7a92b230bc627d930d6
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
56c4495857616105157baa89caee2ef427fcb4fab4183d4e4b6b686e97ca4eea
576e599f21710e4bdf4c0a2795749995460e7e14e7dc9afe7779ef17ba43a7fb
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
660cd41589dea18335e376ff9af2b73de1a534bc67db7e364d3dab7e2282ccf3
665ca4a39a0dd97940da4ae12cbf97924504a3eae9a103788c8689f78fc59259
692b8dc1f46ea142d0acefd784f6744a460d25824c6d903beef69dca2e26f7d6
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5db554f7ae65713d70fd359a046d051dada869941279557a39d0749beded33
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6ea54ab8237e36baf0fd3859de432e13a1109a989881046e4e5a91dd008e372a
6ebbbc31b6d99a985e1ebcb5094fd925a9b84d68f4e41e4d20861d8cf2bbcbb2
751d7a9955eeb7c587ac871403b477ff6ec87d1f1374116b2a6bd52b95a6e929
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6
87877912c219724121e2d01a10dd4c150aef465878a1a2481a0d1b9717db2d2d
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
883468372a4905c82ca5f076b633ec184f64120687666abf6f703f7154d8652d
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8ac93e967b5b51aa5bf999c5af69656336f7260cc078483b1249cefc3db0724c
909b5ea9cda76da3a0bcd2f1187035cfaf1898127feebf6681f796991727ab70
926524b67967c7e076313e254f6a70cfc890f580bc2c2166a1ea1a82fc14476f
94509b811fb897c2707da9d21d7c9bc9e4bf814a278c7fb87130ef2c93636f6f
968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f
97eaac93a310f2c490be7132817c4bc489fbbebe2e6194c0fb7ba677e829e095
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833
a4a06a5da0c393e4502d6db6c51202152a0e83d3ba6fc83004d322de0621f9b5
a4bddb9535f5e3fe9e500616b2f1e4b10e1a5930a197848966a7c316838570a0
a941d7b38d251a1561d58a3622ab9b43c6b1579453f6d4d9d72b1695b3d2be0c
aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
acdd7f8526d146b1f20c0e9118b606c631cb1379b882bc540b4f42e84c9c8e68
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b140cee43460772fc3680cd083d2fedf86e3d7bcfbb68194323e51d09abfcee8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a3c29f26a1966cc1241fc5e22fae97dd82447aec55b99ff5637ed012ba2298
b392e6c585b57dd55999531457c433e876b75f9cd32de9e12d935b9da839abbd
b6ba469e76d0b61a0544433dd0a31056bc0187c8866357d8dd24000d67bdc18c
b918e8432adf14c5e699cde8388f2813cdea86e3713d74704118dbcbb8bb3e0f
b989762eb16dd3748d4066478a267eca606cc4e6b43bf923c0525ab364279bbd
b9ae7b6b69d2b9586954b5ae37b9b43ba1182c5afb0ad70eff7a8289e5b6515a
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bd80945acfbae02f79c5c3b1ca2e99e05e94299e748a5ce28ad4146a0ec63bf5
bf817ee4b2d4e9d98e05e1382d295f8f10fef43770cd4e291d924a5d0afc8cc2
bfd7a0e6ecc4ede42396076364ee42996cd73bd215550022b5180ff09aca8afd
c19b90059c78d2591627fa7bd27c9dd8b4b72a41cfb8036fb3e7c4c6f7ca71ca
c2e7e1df5aa596aa4afbf50374723963b66d3c94348d1410f2256d4aa86ddbaf
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
c69a07fa92b5b3e6550810c0c0361235cfde7af0fd8e3f271d65646d47fb9a19
c744346f2c0109f8a28ca6f7f143e0db5c68de2500b27a9869fca37f708390e1
ca30cd0252a329ba1b347154b2d0252c11bb8c2ddbf4f5ca4e1330e37ad353a4
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
ce8d393e6230b2bee34220f5de34b004a2b37e2fdf7bf6d94cd105648252d9d6
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d4a8c3b760bff35666239e596a7d5cbad2f6e3eb5d527d827522b02cea8281b1
d78545c0b7a7dfc2263d56c365a550af362c42781f34a77d454f467841288460
da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1
db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd1f45763a299f4ffe8d41f3e16f0da7cf4c0aff2edbc0c847ff0555330b1af9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8444d677a0636a851042ed831fdf6c1c8f8356f464606f016b3d9b4e6f36166
e9b0d5ecd09ee50f38a0a33085608503187934e52a97516800a9f158be7882ca
eabc19480b6212343af7996aa06029eb00e8a05d9709b4c8b05e3222558a12f1
eb59b8fd31fb2b78a5c2f65db025d55fe61ecff4bc78edea2c8c9119c88836e4
ef1874f11501aa7118cdfa7af21a9ef1c87301e917881dc941831b122d82b34a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef39ee441c4e7792c5cda9a8bd86ddce96d9b17bda0cc9f7187f1a70ce9b3ed5
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f30c05e805f05173df7aafedaeea93a3d69f2e8ad8a6553db9d7b9b1e791cbb4
f3ffc594c74777e95bec8d0b09c947b00f9a710d555e05251ef5112da943a26a
f4f491dba594ca9a2c0bf654e450c3bd5a22871a10470820e1cdffc35d4184ef
f54b61a120e0240c98428d76beab031099f4f0379cbc623de071277255088fdc
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5edf4f2675338b776f8a3808f691baf84f14a4e4d958ce49472e3ab7e7acebb
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fb46e1656b437798d146bcfa5453bd05c5fb1442297ce3dbc03d9bf1f05f2e81
fc145aa9a15eab9e015cd197e0f98afe788cdc6cba808f7fe4068f9c02853772
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fe49b82c9b2f9e36646ca1713e72b1cd81e0e03a5044e12eeefd6074e363cb62

opti9tech.com Open in urlscan Pro 151.101.130.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

96 %HTTPS

81 %IPv6

39 Domains

56 Subdomains

52 IPs

4 Countries

3953 kBTransfer

8804 kBSize

29 Cookies

9 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

opti9tech.com Open in urlscan Pro
151.101.130.159 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

96 %
HTTPS

81 %
IPv6

39
Domains

56
Subdomains

52
IPs

4
Countries

3953 kB
Transfer

8804 kB
Size

29
Cookies

151 HTTP transactions
0 data transactions