www.cybereason.com Open in urlscan Pro
45.60.64.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW4...
Effective URL:
https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_me...
Submission: On June 08 via manual (June 8th 2022, 9:53:56 am UTC) from US — Scanned from DE

Summary HTTP 230 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 66 IPs in 5 countries across 50 domains to perform 230 HTTP transactions. The main IP is 45.60.64.106, located in United States and belongs to INCAPSULA, US. The main domain is www.cybereason.com. The Cisco Umbrella rank of the primary domain is 360319.
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 6th 2022. Valid for: a year.

This is the only time www.cybereason.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:1f69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	45.60.64.106 45.60.64.106	19551 (INCAPSULA) (INCAPSULA)
18	2606:4700::68... 2606:4700::6811:f3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:9ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4005:802::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	108.138.7.27 108.138.7.27	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2a27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
4	104.79.88.164 104.79.88.164	16625 (AKAMAI-AS) (AKAMAI-AS)
62	18.66.112.39 18.66.112.39	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
1	23.20.88.204 23.20.88.204	14618 (AMAZON-AES) (AMAZON-AES)
1	108.157.4.87 108.157.4.87	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.19 108.138.7.19	16509 (AMAZON-02) (AMAZON-02)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:249... 2600:9000:2490:6a00:12:3734:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	206.19.49.24 206.19.49.24	7018 (ATT-INTER...) (ATT-INTERNET4)
2 2	54.220.105.73 54.220.105.73	16509 (AMAZON-02) (AMAZON-02)
1 2	52.222.214.56 52.222.214.56	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	18.66.97.17 18.66.97.17	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	54.171.41.113 54.171.41.113	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1375	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	3.67.218.133 3.67.218.133	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	50.16.7.188 50.16.7.188	14618 (AMAZON-AES) (AMAZON-AES)
2	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
230	66

2 2606:4700::6812:1f69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cpjwr04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 45.60.64.106 (United States)

ASN19551 (INCAPSULA, US)

www.cybereason.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6811:f3cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

3354902.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4005:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

10272547.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10428681.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-27.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2a27 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.79.88.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 18.66.112.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-39.fra56.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.88.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-88-204.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-87.dus51.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-19.fra56.r.cloudfront.net

px.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:6a00:12:3734:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN7018 (ATT-INTERNET4, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.105.73 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-105-73.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.56 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-56.fra56.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-17.fra56.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.41.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-41-113.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1375 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.218.133 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-218-133.eu-central-1.compute.amazonaws.com

dpx.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.7.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-7-188.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	driftt.com js.driftt.com — Cisco Umbrella Rank: 4817	755 KB
31	cybereason.com www.cybereason.com — Cisco Umbrella Rank: 360319	2 MB
18	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 6870	61 KB
10	doubleclick.net 3 redirects 10272547.fls.doubleclick.net 10428681.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	7 KB
10	typekit.net use.typekit.net — Cisco Umbrella Rank: 483 p.typekit.net — Cisco Umbrella Rank: 613	142 KB
8	google.de www.google.de — Cisco Umbrella Rank: 6117 adservice.google.de — Cisco Umbrella Rank: 8526	2 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 616	3 KB
6	drift.com metrics.api.drift.com — Cisco Umbrella Rank: 5193 bootstrap.api.drift.com — Cisco Umbrella Rank: 5516	451 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 534 e.clarity.ms — Cisco Umbrella Rank: 2332 c.clarity.ms — Cisco Umbrella Rank: 1052	26 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
5	linkedin.com 3 redirects platform.linkedin.com — Cisco Umbrella Rank: 3007 px.ads.linkedin.com — Cisco Umbrella Rank: 320 www.linkedin.com — Cisco Umbrella Rank: 560 px4.ads.linkedin.com — Cisco Umbrella Rank: 5318	163 KB
4	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1177	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 584 script.hotjar.com — Cisco Umbrella Rank: 713 vars.hotjar.com — Cisco Umbrella Rank: 832 in.hotjar.com — Cisco Umbrella Rank: 1585	67 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 324 c.bing.com — Cisco Umbrella Rank: 210	13 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 643 syndication.twitter.com — Cisco Umbrella Rank: 881 analytics.twitter.com — Cisco Umbrella Rank: 506	134 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	199 KB
4	gstatic.com fonts.gstatic.com	134 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 277 fonts.googleapis.com — Cisco Umbrella Rank: 42	35 KB
3	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 1168 api.company-target.com — Cisco Umbrella Rank: 2918	2 KB
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 391	3 KB
3	airpr.com 1 redirects px.airpr.com — Cisco Umbrella Rank: 14026 dpx.airpr.com — Cisco Umbrella Rank: 11726	3 KB
3	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5898 track.hubspot.com — Cisco Umbrella Rank: 2049 forms.hubspot.com — Cisco Umbrella Rank: 3005	2 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3134	267 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	428 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 464	1019 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2598
2	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 12149 apt.techtarget.com — Cisco Umbrella Rank: 16098	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 114	17 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	156 KB
2	hubspotusercontent-na1.net 3354902.fs1.hubspotusercontent-na1.net	724 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	11 KB
2	hubspotlinks.com 1 redirects cpjwr04.na1.hubspotlinks.com — Cisco Umbrella Rank: 443530	3 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 555	98 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1512	157 B
1	t.co t.co — Cisco Umbrella Rank: 505	338 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 1967	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1960	20 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 3970	88 KB
1	ml-api.io attr.ml-api.io — Cisco Umbrella Rank: 16716	241 B
1	ml-attr.com 1 redirects s.ml-attr.com — Cisco Umbrella Rank: 13865	279 B
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4518	19 KB
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 26888
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4378	110 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9398	2 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2578	6 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2164	964 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5462	1 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1389	7 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 608	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 760	3 KB
230	50

	Domain	Requested by
62	js.driftt.com	cpjwr04.na1.hubspotlinks.com js.driftt.com
31	www.cybereason.com	cpjwr04.na1.hubspotlinks.com www.cybereason.com cdn2.hubspot.net
18	cdn2.hubspot.net	www.cybereason.com
9	use.typekit.net	www.cybereason.com
6	www.google.de	www.cybereason.com
6	www.google-analytics.com	www.googletagmanager.com www.cybereason.com www.google-analytics.com
5	www.google.com	1 redirects www.cybereason.com
4	metrics.api.drift.com	js.driftt.com
4	pixel.mathtag.com	www.googletagmanager.com pixel.mathtag.com www.cybereason.com
4	connect.facebook.net	www.cybereason.com cpjwr04.na1.hubspotlinks.com connect.facebook.net
4	fonts.gstatic.com	fonts.googleapis.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	e.clarity.ms	www.clarity.ms e.clarity.ms
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	secure.adnxs.com	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.cybereason.com
3	fonts.googleapis.com	cdn2.hubspot.net
2	bootstrap.api.drift.com	js.driftt.com
2	c.clarity.ms	1 redirects
2	dpx.airpr.com	1 redirects
2	pixel.sitescout.com	www.cybereason.com
2	adservice.google.de	adservice.google.com
2	www.facebook.com	www.cybereason.com
2	segments.company-target.com	1 redirects www.cybereason.com
2	match.prod.bidr.io	2 redirects
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	adservice.google.com	10272547.fls.doubleclick.net 10428681.fls.doubleclick.net
2	px.ads.linkedin.com	2 redirects
2	10428681.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10272547.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	platform.twitter.com	www.cybereason.com platform.twitter.com
2	www.googletagmanager.com	www.cybereason.com www.googletagmanager.com
2	3354902.fs1.hubspotusercontent-na1.net	www.cybereason.com
2	cdnjs.cloudflare.com	www.cybereason.com cdn2.hubspot.net
2	cpjwr04.na1.hubspotlinks.com	1 redirects
1	forms.hubspot.com	js.hsleadflows.net
1	c.bing.com	1 redirects
1	track.hubspot.com
1	analytics.google.com	www.googletagmanager.com
1	www.clarity.ms	bat.bing.com
1	in.hotjar.com	script.hotjar.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com	www.cybereason.com
1	apt.techtarget.com	www.cybereason.com
1	alb.reddit.com	www.cybereason.com
1	vars.hotjar.com	static.hotjar.com
1	analytics.twitter.com	www.cybereason.com
1	t.co	www.cybereason.com
1	syndication.twitter.com	platform.twitter.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.cybereason.com
1	www.linkedin.com	1 redirects
1	js.hs-banner.com	www.cybereason.com
1	js.hs-analytics.net	www.cybereason.com
1	js.hsleadflows.net	www.cybereason.com
1	attr.ml-api.io	www.cybereason.com
1	s.ml-attr.com	1 redirects
1	px.airpr.com	cpjwr04.na1.hubspotlinks.com
1	tag.demandbase.com	cpjwr04.na1.hubspotlinks.com
1	lltrck.com	cpjwr04.na1.hubspotlinks.com
1	fast.wistia.com	www.googletagmanager.com
1	up.pixel.ad	www.googletagmanager.com
1	cdn.pdst.fm	cpjwr04.na1.hubspotlinks.com
1	trk.techtarget.com	cpjwr04.na1.hubspotlinks.com
1	js.hs-scripts.com	www.googletagmanager.com
1	ws.zoominfo.com	cpjwr04.na1.hubspotlinks.com
1	www.redditstatic.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	p.typekit.net	www.cybereason.com
1	app.hubspot.com	www.cybereason.com
1	platform.linkedin.com	www.cybereason.com
1	ajax.googleapis.com	www.cybereason.com
230	75

This site contains links to these domains. Also see Links.

Domain
www.securitymagazine.com
cybersecurityventures.com
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
*.cybereason.com GeoTrust RSA CA 2018	`2022-04-06` - `2023-05-07`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-10` - `2022-09-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-02-24` - `2023-02-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-17` - `2022-06-15`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-04-15` - `2022-07-14`	3 months	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2021-07-25` - `2022-08-26`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.airpr.com Amazon	`2021-12-10` - `2023-01-07`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-13` - `2022-11-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Frame ID: BBAC57ECB984135C0D7D2EA68C120EAD
Requests: 149 HTTP requests in this frame

Frame: https://10272547.fls.doubleclick.net/activityi;dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email
Frame ID: E179CD605D54421EDBB0CA72804A4290
Requests: 1 HTTP requests in this frame

Frame: https://10428681.fls.doubleclick.net/activityi;dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email
Frame ID: 463423EB0508E84D3294271F69900B64
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.cybereason.com
Frame ID: F7B0A24CF9CC319A94C898B19881AD71
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: CCDAA13F1B49740AC57E7AFB1F74F250
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email
Frame ID: A20ECBFDBE60CAB6E7A2EFE09706930D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email
Frame ID: DDAF9FF50F17B56D2175951708250C3F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email
Frame ID: 7A3552A234F12B957F04D28271627BEE
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email
Frame ID: 180BC6F98D6DF0627418B7F40FA686F8
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=1efd62a0-71af-4800-9f4c-14cc1c50584b&no_iframe=1&mt_adid=241675&source=mathtag
Frame ID: C94EE1E6F4032B7A46F3F3852F12A005
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4AF6E56B08FB1EABE5730F1F3F1D22C4
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: F00846DB3A1C8B4AB4C12A3564CB3F11
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 63CE25F48B1FF3FFB0F2E28B948D87D8
Requests: 32 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
Frame ID: 8FAC755A03FED602B4C36F9039D994C1
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Report: Ransomware Attacks and the True Cost to Business 2022

Page URL History Show full URLs

https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7... Page URL
https://cpjwr04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6... HTTP 307
https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campai... Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

230
Requests

97 %
HTTPS

53 %
IPv6

50
Domains

75
Subdomains

66
IPs

5
Countries

5315 kB
Transfer

10845 kB
Size

58
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.securitymagazine.com/articles/97166-ransomware-attacks-nearly-doubled-in-2021#:~:text=Ransomware%20attacks%20rose%20by%2092.7,2020%20and%202%2C690%20in%202021.
Title: nearly doubled

Search URL Search Domain Scan URL

URL: https://cybersecurityventures.com/cybersecurity-market-report/
Title: estimated to exceed $20 billion

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022&utm_medium=social&utm_source=twitter&url=https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022&utm_medium=social&utm_source=twitter&source=tweetbutton&text=

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022&utm_medium=social&utm_source=facebook

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022&utm_medium=social&utm_source=linkedin

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybereason

Search URL Search Domain Scan URL

URL: https://twitter.com/cybereason

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cybereason/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOm7AaB0HiNH4Phe66sK0Ew

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cybereason

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fzl62pgzmW2NZfdz3GXhzHW4Wk7L46mKvv8W1BqXSz938X_dW3kW2Bw13KCRSW2z5X_G88DYr5W29gRfb4XS9_rN2KGZphfryN8W7vY_F579f3RxW5S78NB5lfrrgW5k9btw7mH0PRW6WFskQ90V99sW3FFS5X42NlbgN8PBX5f7nC--W574C7l2_srtdVWft786ZSsGYW8sGtBG1QZVSdW5RLSf-2RJyZBW3JFXYQ3Jkmg_W3tqYqT4Z5TsP3k7D1 Page URL
https://cpjwr04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fzl62pgzmW2NZfdz3GXhzHW4Wk7L46mKvv8W1BqXSz938X_dW3kW2Bw13KCRSW2z5X_G88DYr5W29gRfb4XS9_rN2KGZphfryN8W7vY_F579f3RxW5S78NB5lfrrgW5k9btw7mH0PRW6WFskQ90V99sW3FFS5X42NlbgN8PBX5f7nC--W574C7l2_srtdVWft786ZSsGYW8sGtBG1QZVSdW5RLSf-2RJyZBW3JFXYQ3Jkmg_W3tqYqT4Z5TsP3k7D1?_ud=97bc3ad4-87d1-462c-8386-0332974587d2&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://10272547.fls.doubleclick.net/activityi;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email HTTP 302
https://10272547.fls.doubleclick.net/activityi;dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email

Request Chain 83

https://10428681.fls.doubleclick.net/activityi;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email HTTP 302
https://10428681.fls.doubleclick.net/activityi;dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email

Request Chain 96

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcybereason.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcybereason.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dcybereason.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=cybereason.com&pId=6301533842501427413

Request Chain 102

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1654682031295&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3F_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_campaign%3DRansomware%26utm_content%3D215671684%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D215671686 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D72596%26time%3D1654682031295%26url%3Dhttps%253A%252F%252Fwww.cybereason.com%252Fblog%252Freport-ransomware-attacks-and-the-true-cost-to-business-2022%253F_hsenc%253Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%2526utm_campaign%253DRansomware%2526utm_content%253D215671684%2526utm_source%253Dhs_email%2526utm_medium%253Demail%2526_hsmi%253D215671686%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1654682031295&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3F_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_campaign%3DRansomware%26utm_content%3D215671684%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D215671686&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1654682031295&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3F_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_campaign%3DRansomware%26utm_content%3D215671684%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D215671686&liSync=true&e_ipv6=AQLEV_gNGeiFawAAAYFCvBaFqJQZhvpNe04Ks0rNMsdq2dvyPt5XOygpEpqltnWS3cGvCs5pFYHp2UP4kOkyRuNgVqo_

Request Chain 121

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAC8sU7FQOMAAHpTLYS-Pg HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAC8sU7FQOMAAHpTLYS-Pg&verifyHash=f2120582652b6fd4e3c534aba000bd7df079cf81

Request Chain 125

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401574070/?random=931758752&cv=9&fst=1654682031364&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&auid=633080062.1654682031&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=r3GgYtTrF-SG9fgProaicA&sscte=1&crd=&eitems=ChAI8JGBlQYQgfGb0qH9zI8_Eh0AHGY_oOR5v1Y8liJhx1HByaR2brAOgkKBk5f_ZA HTTP 302
https://www.google.com/pagead/1p-conversion/401574070/?random=931758752&cv=9&fst=1654682031364&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&auid=633080062.1654682031&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=r3GgYtTrF-SG9fgProaicA&cid=CAQSKQCNIrLMaw_NX_kbYyKo0lf1qAkypf1r19eMHI00vWKb8FDKmTQxLxkc&eitems=ChAI8JGBlQYQgfGb0qH9zI8_Eh0AHGY_oF3H0Qst_1CnazHd4GNR_biA_EfDkM9MBA&random=1371042519&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/401574070/?random=931758752&cv=9&fst=1654682031364&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&auid=633080062.1654682031&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=r3GgYtTrF-SG9fgProaicA&cid=CAQSKQCNIrLMaw_NX_kbYyKo0lf1qAkypf1r19eMHI00vWKb8FDKmTQxLxkc&eitems=ChAI8JGBlQYQgfGb0qH9zI8_Eh0AHGY_oF3H0Qst_1CnazHd4GNR_biA_EfDkM9MBA&random=1371042519&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 146

https://dpx.airpr.com/px?hostname=www.cybereason.com&profile=660386&ga_account_id=UA-56367941-1&ga_account_type=UA&ga_c=1525061032.1654682031&an=true HTTP 302
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4671256506 HTTP 302
https://dpx.airpr.com/anpx?adnxs_uid=6301533842501427413&airpr_id=4671256506

Request Chain 153

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=2DBAFC09A74A4FC8833E8FECB7E43E33&RedC=c.clarity.ms&MXFR=0650E1E1D5536EFB27CFF05CD15360B2 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=2DBAFC09A74A4FC8833E8FECB7E43E33&MUID=0003C4E16AA86E480C9FD55C6BC36F1B

230 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fz...
cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/ 10 KB
3 KB 492ms
441ms Document
text/html 2606:4700::6812:1f69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fzl62pgzmW2NZfdz3GXhzHW4Wk7L46mKvv8W1BqXSz938X_dW3kW2Bw13KCRSW2z5X_G88DYr5W29gRfb4XS9_rN2KGZphfryN8W7vY_F579f3RxW5S78NB5lfrrgW5k9btw7mH0PRW6WFskQ90V99sW3FFS5X42NlbgN8PBX5f7nC--W574C7l2_srtdVWft786ZSsGYW8sGtBG1QZVSdW5RLSf-2RJyZBW3JFXYQ3Jkmg_W3tqYqT4Z5TsP3k7D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7180be1d8e452373-ZRH
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 08 Jun 2022 09:53:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: 1627a017-cce7-4569-962d-e8ac40af1bf4
x-robots-tag: none

GET
H2

200

Primary Request report-ransomware-attacks-and-the-true-cost-to-business-2022 Show response
www.cybereason.com/blog/
Redirect Chain

https://cpjwr04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlc...
https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3Crz...

49 KB
13 KB

257ms
191ms

Document
text/html

45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email

Requested by

Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fzl62pgzmW2NZfdz3GXhzHW4Wk7L46mKvv8W1BqXSz938X_dW3kW2Bw13KCRSW2z5X_G88DYr5W29gRfb4XS9_rN2KGZphfryN8W7vY_F579f3RxW5S78NB5lfrrgW5k9btw7mH0PRW6WFskQ90V99sW3FFS5X42NlbgN8PBX5f7nC--W574C7l2_srtdVWft786ZSsGYW8sGtBG1QZVSdW5RLSf-2RJyZBW3JFXYQ3Jkmg_W3tqYqT4Z5TsP3k7D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.64.106 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

c99347d36fc2a70c8f86d0c4e696f807bd37a475609bf6eeb27611350edb5a3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fzl62pgzmW2NZfdz3GXhzHW4Wk7L46mKvv8W1BqXSz938X_dW3kW2Bw13KCRSW2z5X_G88DYr5W29gRfb4XS9_rN2KGZphfryN8W7vY_F579f3RxW5S78NB5lfrrgW5k9btw7mH0PRW6WFskQ90V99sW3FFS5X42NlbgN8PBX5f7nC--W574C7l2_srtdVWft786ZSsGYW8sGtBG1QZVSdW5RLSf-2RJyZBW3JFXYQ3Jkmg_W3tqYqT4Z5TsP3k7D1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: s-maxage=14400, max-age=0
cf-ray: 7180be223eceabc9-CPH
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 09:53:50 GMT
edge-cache-tag: CT-70038802552,CT-73426571528,CT-74707766790,CG-3354902,CG-5272851739,P-3354902,L-42870461961,CW-34473990280,CW-41681847227,CW-41682410610,CW-42867014566,CW-43300360745,CW-44252461159,E-34470223313,E-34470224480,E-34470477360,E-35275979682,E-35291999472,E-42363645447,E-42507089303,E-42507091846,E-42760289143,PGS-ALL,SW-0,B-5272851739,GC-36042052587
etag: W/"5998bca9780b8bcd20a6f70e89ce66ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 07 Jun 2022 23:24:18 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9VEYGXWr99VG%2FTNZqS7Wqv7Gu0naHKP5QyVmYClmFHkpDUHCGOGSnU5J120Esi86x6awLf3C8JIAHxRK%2FNZYT50hRliWSusGFIlfEUjHKW2d0sZfQT2JelAiVEd40wTq%2FAXHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cdn: Imperva
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=14400, max-age=0
x-hs-cf-cache-status: HIT
x-hs-combine-css: Disabled
x-hs-content-campaign-id: 713f7bc1-34fa-492d-bc53-37511afa2db0
x-hs-content-id: 74707766790
x-hs-hub-id: 3354902
x-hs-prerendered: Tue, 07 Jun 2022 23:24:18 GMT
x-iinfo: 10-8420878-8420880 NNNN CT(0 6 0) RT(1654682029758 20) q(0 0 0 0) r(2 2) U12
x-powered-by: HubSpot

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7180be20ad5e2373-ZRH
date: Wed, 08 Jun 2022 09:53:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email>; rel="canonical"
location: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
referrer-policy: no-referrer
server: cloudflare
x-hubspot-correlation-id: 1c7a9d2d-f853-479c-987e-13a500921435
x-robots-tag: none

GET
H2 200 index.js Show response
www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/ 11 KB
4 KB 34ms
29ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7b007525d142bbc02dda59ccd34237bfa93685d7e75fe089b44ac1e8bcdef02f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:49 GMT
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 12:04:14 GMT
x-cdn: Imperva
etag: W/"fabb1243bed29fd93cc5e0ce02ce9114"
content-type: application/javascript
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 229) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=27952120, public
content-length: 3750
expires: Thu, 27 Apr 2023 22:22:29 GMT

GET
H2 200 project.js Show response
www.cybereason.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
735 B 31ms
29ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:49 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
x-cdn: Imperva
etag: W/"61ca66de658cab9587e4636894680d5d"
content-type: application/javascript
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 232) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=27959867, public
content-length: 556
expires: Fri, 28 Apr 2023 00:31:36 GMT

GET
H2 200 module_41681847227_CR_-_Malicious_Life_Network_--_Tier_One_Header.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41681847227/1644941386203/ 3 KB
1 KB 138ms
111ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41681847227/1644941386203/module_41681847227_CR_-_Malicious_Life_Network_--_Tier_One_Header.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cec59b071d9d61e74c42ac4db8d2815aaace7e51983afe2481c14b97f332258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1644941386203
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 173838
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVJysdmvDTd5MGUuwAIwgsYFMzcDEUZqYZcKDrVCcfSq%2BAqFCsveZuf2YY%2Fds50Yf07a7lWTqyHY2ykzTfG6k51v4ulTkEFyMq%2Bxkm9bwASMfTkWcBpRJ1uZwmm%2BmcPqht9a1H4Wh9gJfItTvSc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 15 Feb 2022 16:09:47 GMT
server: cloudflare
etag: W/"38a0b2ad68cbd188720dcc11cc435ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23cee7cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41682410610/1644941443237/ 6 KB
2 KB 140ms
113ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41682410610/1644941443237/module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6c9f9a48bd0a163671773a199c876dc64d66947d47ac509c95e29177046c9a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1644941443237
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 173838
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlOZaEhBVzYiXyuDMzz5XasG8pa8%2F5rfE1BdEqVGA9BWeNf7eiNNnwaqCaHNAgv1p1MCw5ZAhsWdNF3ZuT5lpi4oRLomxmUAkK3SfKkeR64Y4vf8SxeK3AqgWt3M6mrsQS0ELQABtSor5jUCFk4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 15 Feb 2022 16:10:44 GMT
server: cloudflare
etag: W/"af924b62631098b8dc817f28551a6908"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23def0cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_43300360745_CR_-_Malicious_Life_Network_--_Related_Posts.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/43300360745/1649424828375/ 1 KB
782 B 136ms
110ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/43300360745/1649424828375/module_43300360745_CR_-_Malicious_Life_Network_--_Related_Posts.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f533e083f3d896349ecf4b75a3b17a2e5155b309318af9dc44965ce50c66a1dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1649424828375
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 173838
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsOhD7wf0QqHxY%2F5fE7sNGgLMURHDR0TwTX0dfR%2FqnOUvA0ohAJca4fSWZthHMBYYc%2F9yMJ5LN2Z0dsmfRb8IRbRAqwDkMrU%2BR%2FB7OIzmHv9fMONvRpv%2BmHpQi9HF3Z%2FPdnEtc3n3ZBfcbIvX9E%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Fri, 08 Apr 2022 13:33:49 GMT
server: cloudflare
etag: W/"65a7b4b8acda13ea823f6b3cd6887d8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23def2cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_34473990280_CR_-_Footer_Full__en_US.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/34473990280/1645325324081/ 3 KB
1 KB 136ms
109ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/34473990280/1645325324081/module_34473990280_CR_-_Footer_Full__en_US.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97163b731eeaba18956ab2503090d85d58ef9cf7ec7d95dab7d872f188257963

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1645325324081
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 224060
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Du1R3r2WeSLvNBOqu5556IDShreR4IRbCRW8wqMAdDqqlloiN1xi35e1fWHnxM9kPZoQqwrLRQd41ZWfTp2gtBypFu06BDNPfLLUXCw51VYP%2B2rnNpMdHpYvSfqEvm16BIGYl%2BYHORTtdgWPUw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 14
last-modified: Sun, 20 Feb 2022 02:48:45 GMT
server: cloudflare
etag: W/"5e970d579e1eb0f2b04f3bb72f88b645"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23def3cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 14

GET
H2 200 vyv2ljd.js Show response
use.typekit.net/ 19 KB
7 KB 200ms
132ms Script
text/javascript 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vyv2ljd.js

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

efaf50dd0be48360746de27c8624174b9689a29834970fe93656ec22cc9b770c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 08 Jun 2022 09:53:50 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6894

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 20:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Jun 2023 20:31:28 GMT

GET
H2 200 ionicons.eot
www.cybereason.com/hubfs/__dam/fonts/ 118 KB
68 KB 21ms
19ms Font
application/vnd.ms-fontobject 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/__dam/fonts/ionicons.eot
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a4803d7bdeb478a5b9238fe74d8aaa98dafe2e8e68fccbd0e3f4dced823f27f0

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: gzip
last-modified: Fri, 25 Sep 2020 09:38:01 GMT
x-cdn: Imperva
etag: W/"2c2ae068be3b089e0a5b59abb1831550"
content-type: application/vnd.ms-fontobject
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 270) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=761617, public
content-length: 68926
expires: Fri, 17 Jun 2022 05:27:27 GMT

GET
H2 200 Criteria-CF-Regular.woff2
www.cybereason.com/hubfs/dam/fonts/criteria/ 14 KB
14 KB 37ms
35ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/criteria/Criteria-CF-Regular.woff2
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: fcba0ef5c17fd435aaa6cfac66375e7bfae52f5116b7a6e126c8b0f38b841613

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Thu, 13 Jan 2022 17:33:57 GMT
x-cdn: Imperva
etag: "8c4e317165d35f99602a1c625d63a040"
content-type: application/font-woff2
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 273) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=761616, public
content-length: 14572
expires: Fri, 17 Jun 2022 05:27:26 GMT

GET
H2 200 Criteria-CF-Medium.woff2
www.cybereason.com/hubfs/dam/fonts/criteria/ 14 KB
15 KB 38ms
35ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/criteria/Criteria-CF-Medium.woff2
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f24560f5b81158a42b8d38ffe5795d9959eb2308ee6780ea912a6594bb999d1e

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Thu, 13 Jan 2022 17:33:57 GMT
x-cdn: Imperva
etag: "32457643e2ecf8bcf7fdba1110db901c"
content-type: application/font-woff2
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 276) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=761616, public
content-length: 14772
expires: Fri, 17 Jun 2022 05:27:26 GMT

GET
H2 200 Peristyle-Black.woff2
www.cybereason.com/hubfs/dam/fonts/peristyle/ 14 KB
14 KB 38ms
35ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/peristyle/Peristyle-Black.woff2
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9d943fe5fde08d5b742d383b625031f75e3e89035369f2cde2778f4c6cf5c119

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Fri, 15 Oct 2021 16:32:36 GMT
x-cdn: Imperva
etag: "a17b2e1c032fa4a5eea1eeb1416eb385"
content-type: application/font-woff2
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 278) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=761616, public
content-length: 14136
expires: Fri, 17 Jun 2022 05:27:26 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/ 507 KB
159 KB 63ms
16ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AAA) /
Resource Hash: 0070c51109c7c72b5f5c7c3beeb46123e0888f2f91fdd3abc9235788f8420651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 3024
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 162497
x-li-uuid: AAXg6/pkJo7pMUU3mrNfyg==
server: ECAcc (ama/8AAA)
last-modified: Wed, 08 Jun 2022 09:03:26 GMT
x-li-pop: prod-ltx1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
accept-ranges: bytes
x-li-proto: http/1.1
x-li-fabric: prod-ltx1
expires: Wed, 8 Jun 2022 10:03:26 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1654544177307/hubspot/hubspot_default/shared/responsive/ 5 KB
2 KB 135ms
110ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1654544177307/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf91aba0819de75da11aa3e7036e1f001cb826d138c6f05c567ab5b7bbe4c8c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654544178057
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 137812
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhExcVP8EUUkyQ2lKk37A8jEbwNDbCDGNz2%2B%2FWX0EoD2NAaInsJVMgASrFe6zOzGwui3DE4XLk2SNnXToAKqiTr9ahVG9tGelN8SRBHUXUg%2BSR6seeZASEPjDCPM1upyjn24lLLGZ%2F2remxCIX8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 06 Jun 2022 19:36:19 GMT
server: cloudflare
etag: W/"b801103145a8fda148a857dad870411a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23def5cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-master__cta.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470223313/1654619379339/__CR_Web_Platform/CSS/ 3 KB
1 KB 143ms
119ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470223313/1654619379339/__CR_Web_Platform/CSS/cr-master__cta.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b102421ba1f94d4650cf36d5bba6617af062b9927195914f3cb4ac7a21b003a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654619380343
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 61494
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9O2WlCPOSK%2BWv5y%2FeFGJGmwSbg%2FBLxzfVYLrl7%2F4W8GKpeRkLXK02uLe59H7po6vb1RXYNO%2FJZEo7NnzXGyUkMs4QwTSNzJhExZGq9DefPKjygu2aJuPS0cGft7nj7y74be6Fy%2FEDPB6KXtqGs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 07 Jun 2022 16:29:41 GMT
server: cloudflare
etag: W/"bd44d34aaf60e5e360d1f5d1d005765f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23def7cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-master__main.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/ 48 KB
9 KB 148ms
124ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28577842d17fb5a5239b7e0e6f6b6049066fe0518f6535411c5e77f49c78750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654619504667
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 61495
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjhuCvOW86aFAc55BBPxBYlXNvQlXNBT4mlJX%2FypYJrXvS3SeWuchBOvFOpyr3HSLPiB206l3XqtAAL8lA%2BX0F%2BQu7pO3S8wcKF8pCCbLGhH2iPvuE9kyUKu%2BOnSTOR02hqq5oeshKiASeomo8k%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 07 Jun 2022 16:31:45 GMT
server: cloudflare
etag: W/"05d64d89a45b1e5d712ca3c8898419b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23def8cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 ionicons.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35275979682/1642096258129/__CR_Web_Platform/CSS/ 50 KB
8 KB 136ms
112ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35275979682/1642096258129/__CR_Web_Platform/CSS/ionicons.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72fe18777ebf37b44d58c82be9b67edceefb88c2c6984c614c72991d6e3b8853

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1642096258332
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1400249
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wC6LsZU3MM01bhGb9oe8vJkkYES9pwSUIRdHVF51M563%2B0RytLf24j5Zti0ElzeVSdadGn5r%2FGI4PEiC5JnA%2FeiSJ%2BE0rK2tbD1PzfhLOvc%2F3hVzuGdEaUW5d9CVDC2YO6JAdjyhIIYOIQSU9dc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
last-modified: Thu, 13 Jan 2022 17:50:59 GMT
server: cloudflare
etag: W/"71c8c946791f3411c42a4cb1e9cdb5ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23defacc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 cr-mln__build.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42760289143/1654107482327/__CR_Web_Platform/CSS/ 20 KB
4 KB 136ms
112ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42760289143/1654107482327/__CR_Web_Platform/CSS/cr-mln__build.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1d17f49687e707b10a61608d1a9cc4e01ab1e3e116bb03dffb058671ee7d092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654107483525
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 561603
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIQ%2FwfbK4bG%2F8DU0oGtLoZJuHALkrUqGQU2ehE9Q%2B33OAd1eJ9o%2FSfoC%2Fv1J%2FW8fgkHHAmyeQYiPW9tkVGzpo2EX3Sm1vakLFK4GwY6%2BrrKT2L6Mg0v343Mge79GN1nqEci7YYrqrFnscmlzfLM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Wed, 01 Jun 2022 18:18:04 GMT
server: cloudflare
etag: W/"f63856775f345cf13be72533fa213899"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P2
cf-ray: 7180be23df06cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 cr-framework__bulma-columns.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470224480/1635957556830/__CR_Web_Platform/CSS/bulma/ 19 KB
3 KB 142ms
118ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470224480/1635957556830/__CR_Web_Platform/CSS/bulma/cr-framework__bulma-columns.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c836c05ab1f2d37b7aa60d509a656c7a441e2a4fabf035c1b0666a4daa50fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957556893
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 229922
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LolqF3P9Lh6S9PyMT4argOOnBD6TDVRftdHGHcmtkOopZBltiqN7VcGYLvVZw6pB%2Fat2EIw0Zx9%2BLFe5M5jQxevqxV7I%2FTlb08Tv65fjVcaAzPcgdkOCFlUFFDz%2F7Il1r5ylyPV2hwpcTHaS3QY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
last-modified: Wed, 03 Nov 2021 16:39:17 GMT
server: cloudflare
etag: W/"636c18615b58fca9536b2e1c578c6db7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23df09cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 cr-framework__bulma.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35291999472/1654531651565/__CR_Web_Platform/CSS/bulma/ 63 KB
10 KB 134ms
111ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35291999472/1654531651565/__CR_Web_Platform/CSS/bulma/cr-framework__bulma.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c545256f2217ee841db63336dddc318198118b706001a05985fc1f9efc6551

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1654531652721
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 148018
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXArum1iFYu9Bt4fAzMa%2FkO3s4zkY6gIgDWT0xw5khrXUcSRnt7I9Ax9SKRDoa%2Bj%2B9lYU9o0LpjmXAWa760j%2FaV%2FLosjitJJrOFtI4ndpk47M%2BDD1gO5vKqxsT6zlvQuyTfLvKwLWRlhKEPWKIY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Mon, 06 Jun 2022 16:07:33 GMT
server: cloudflare
etag: W/"84c377016cc8d5f4c82d61754c144d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23df0ccc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 hamburger-animation.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42363645447/1635957556555/__CR_Web_Platform/CSS/ 22 KB
3 KB 137ms
114ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42363645447/1635957556555/__CR_Web_Platform/CSS/hamburger-animation.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9130ee8c979a74ab038cf5e8a06db5cb94253eab35ea5242f515d605f4781ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957556622
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 522293
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHmfjiTx%2BjzEKIavg2O1ZmHoNPpnG6p1TPGdvKMUJJBjgf4Lpp%2F9wmxGIDISrC2Et7dRRyFZUJH9qWYpp3%2BOlhZouCOhoKOCJkE2nDokAjifQtHYYmUvXV2hPkP0E4E%2BSYSrGCsMPTCg583GklE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Wed, 03 Nov 2021 16:39:17 GMT
server: cloudflare
etag: W/"a0b451fd96744fa455495e022542ab86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23df0dcc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 animate.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42507091846/1635957557027/__CR_Web_Platform/CSS/ 52 KB
5 KB 131ms
108ms Stylesheet
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42507091846/1635957557027/__CR_Web_Platform/CSS/animate.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957557027
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 881288
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0gBxK5zS3U222FefUnfzD8bcob2EoN60AoLgqsnN48u8S%2FwuuMxs0zwZ2xu7jAdNGMv3cD1xERpBgjn3A%2FuocrhveP0YNVRxGPSlUo47f3lNHbqsWs4A%2FD9vTm79a4Aj8tFC7J6M8WZcsGvU7k%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Wed, 03 Nov 2021 16:39:18 GMT
server: cloudflare
etag: W/"55009d64191e6f9e712a841773ee6611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be23df10cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 49ms
22ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 569893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeFaRB3G2OBSeiVq1wLrx7oUoJPcsxsR5cDOtS%2BVlmpT9IyqC%2BXii%2BvBbAA0Fyn2djyaKOfmCHJ9prC0QEmWrNF9gtkVP2wfT%2BKGVWB0F5%2FLk48jhZoT7rr9gNtleRfd9Rp2CYc8G0vyMnFkogi6ufY4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7180be23d89f01db-ZRH
expires: Mon, 29 May 2023 09:53:50 GMT

GET
H2 200 marker-animation.js Show response
www.cybereason.com/hubfs/dam/plugins/ 6 KB
2 KB 50ms
50ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/plugins/marker-animation.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 99985c50b5c9c935c272df6687cc04da7fa72a790343424fce7c361a4b26c8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 17:09:14 GMT
x-cdn: Imperva
etag: W/"c789451d244987df6815383a74c748e9"
content-type: application/javascript
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 280) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1146049, public
content-length: 2303
expires: Tue, 21 Jun 2022 16:14:39 GMT

GET
H2 200 cr-logo-inline--primary-black.png
www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/ 5 KB
5 KB 20ms
19ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-logo-inline--primary-black.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: fd6c0f5026c29648ab8887658f23e6c57faedfe7f9d85e702823ae5dfcbdc8f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Fri, 03 Dec 2021 18:08:59 GMT
x-cdn: Imperva
etag: "0200a44af913040fda048d2ccd029463"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 576) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1146618, public
content-length: 5084
expires: Tue, 21 Jun 2022 16:24:08 GMT

GET
H2 200 cr-malicious-life-logo-v2.png
www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/ 35 KB
35 KB 21ms
18ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-malicious-life-logo-v2.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1ef8b59b832109ecbec2f9ed52e8073e2ab73862fa5e6697e1fe05d1c8358a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Wed, 15 Dec 2021 18:41:35 GMT
x-cdn: Imperva
etag: "4f8f695cfdda0e2a9e41271fd3ef4840"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 580) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1007737, public
content-length: 35653
expires: Mon, 20 Jun 2022 01:49:27 GMT

GET
H2 200 cr-blog-icon--search-dark-gray.png
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 440 B
614 B 25ms
21ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/cr-blog-icon--search-dark-gray.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e90344957225c9e0caa52e2591fd6066740e0650bc100c422435762160fb2e33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Wed, 03 Mar 2021 03:19:57 GMT
x-cdn: Imperva
etag: "5285e68f20ece59da650da19c81751e2"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 584) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1015130, public
content-length: 440
expires: Mon, 20 Jun 2022 03:52:40 GMT

GET
H2 200 blog-post-text%20%28114%29.png
3354902.fs1.hubspotusercontent-na1.net/hubfs/3354902/ 614 KB
616 KB 149ms
102ms Image
image/png 2606:4700:4400::ac40:9ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3354902.fs1.hubspotusercontent-na1.net/hubfs/3354902/blog-post-text%20%28114%29.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822bd73fe9551f44fd3d5b2b562a2bb2fb2dbc3eeb08c266a14b60f33f3b2da2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-74984743473,P-3354902,FLS-ALL
age: 14211
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74984743473,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: ZVC7JC3AQ67WR0PE
etag: "611db625c70ae297e51bc8d9fc69dd1a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1654013094580
date: Wed, 08 Jun 2022 09:53:51 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 629021
x-amz-id-2: rmrqTEGXc3uMZ8W3X4xfcyjmsGcj+yH+oYHdwmCJCJY8SG7085tKf1phkFiSZYVyA1A7SfhV124=
last-modified: Tue, 31 May 2022 16:04:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: 16EcVdwgNkVfygNx81.FURW4zWBRWrLT
accept-ranges: bytes
cf-ray: 7180be25de3e01eb-ZRH
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-id: CQ0e7TFCheg4SIVrrVdfxrdsUod3qdJLLjk8qQkp-Y2CDM5MlMupNA==

GET
H2 200 twitter-gray.svg
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 749 B
626 B 26ms
23ms Image
image/svg+xml 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/twitter-gray.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f9db6465a204cc4186368b72a0ba4f063e64569aa4fc96e0f40c7ac69423121b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 02:23:43 GMT
x-cdn: Imperva
etag: W/"5c103d0cd978b3a8d7ccab6bff714599"
content-type: image/svg+xml
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 587) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=763160, public
content-length: 438
expires: Fri, 17 Jun 2022 05:53:10 GMT

GET
H2 200 facebook-gray.svg
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 372 B
453 B 27ms
24ms Image
image/svg+xml 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/facebook-gray.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d82231820461c83d1b0966caae71bd2732bd89e9a910fdb90d193c3dca16dbc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 02:23:43 GMT
x-cdn: Imperva
etag: W/"8c22d0d78005c386bf29edacfdd2360d"
content-type: image/svg+xml
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 588) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=763159, public
content-length: 299
expires: Fri, 17 Jun 2022 05:53:09 GMT

GET
H2 200 linkedin-gray.svg
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 742 B
766 B 29ms
26ms Image
image/svg+xml 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/linkedin-gray.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 12127e3110351f54262db955bafe353593dd58c89c7f6b6fc159c10515e93c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 01:13:30 GMT
x-cdn: Imperva
etag: W/"446340b1a8e73ee28b1a47837a13fdf3"
content-type: image/svg+xml
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 590) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=763159, public
content-length: 630
expires: Fri, 17 Jun 2022 05:53:09 GMT

GET
H2 200 Apple-profile-400x400_.jpg
www.cybereason.com/hubfs/Cybereason%20Logos/ 27 KB
27 KB 31ms
29ms Image
image/jpeg 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/Cybereason%20Logos/Apple-profile-400x400_.jpg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 92cf1a22d54d30668279a73c1cdc940b6cee41af209a1469beb3fe8215104bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Mon, 07 Mar 2022 21:49:37 GMT
x-cdn: Imperva
etag: "a9fa69d91bd2826f20530208301dce87"
content-type: image/jpeg
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 592) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1147473, public
content-length: 27797
expires: Tue, 21 Jun 2022 16:38:23 GMT

GET
H2 200 icon-social-gray-linkedin.png
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 228 B
402 B 35ms
33ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/icon-social-gray-linkedin.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 3a45ea5b3d2f06d7dc15fbbd31895b161abb6c6803eecefb7916d109ede06cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Tue, 06 Apr 2021 20:18:21 GMT
x-cdn: Imperva
etag: "5b58aca254cf940946a8b643ac56bc3b"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 596) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1015133, public
content-length: 228
expires: Mon, 20 Jun 2022 03:52:43 GMT

GET
H2 200 icon-social-gray-twitter.svg
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 749 B
619 B 37ms
35ms Image
image/svg+xml 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/icon-social-gray-twitter.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f9db6465a204cc4186368b72a0ba4f063e64569aa4fc96e0f40c7ac69423121b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 18:50:54 GMT
x-cdn: Imperva
etag: W/"5c103d0cd978b3a8d7ccab6bff714599"
content-type: image/svg+xml
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 599) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=776504, public
content-length: 438
expires: Fri, 17 Jun 2022 09:35:34 GMT

GET
H2 200 blog-post-text%20%2867%29.png
www.cybereason.com/hubfs/ 488 KB
489 KB 38ms
36ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/blog-post-text%20%2867%29.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 3db2b0fd0b52252f59fca3ea611988258ac4ad0c8aa2dfda8ad90081c659496c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Fri, 01 Apr 2022 20:18:53 GMT
x-cdn: Imperva
etag: "94b26763bc35d66268dd6efb591cf139"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 600) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1149336, public
content-length: 500015
expires: Tue, 21 Jun 2022 17:09:26 GMT

GET
H2 200 blog-post-text%20%28102%29.png
www.cybereason.com/hubfs/ 504 KB
505 KB 47ms
45ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/blog-post-text%20%28102%29.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ce0e4023a88f7e16aadc962374286b414b00cad60d2d90878f631c6f37933a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Thu, 12 May 2022 17:04:12 GMT
x-cdn: Imperva
etag: "49a01411fecaaefad7a055a6bfbeb673"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 602) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1322015, public
content-length: 516163
expires: Thu, 23 Jun 2022 17:07:25 GMT

GET
H2 200 lior-blog-post-May-23-2022-12-08-48-13-PM.png
www.cybereason.com/hubfs/ 247 KB
248 KB 54ms
53ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/lior-blog-post-May-23-2022-12-08-48-13-PM.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 89f2c0c3f337120cffabbad513474acd34ce323fce4613619a9677a09730784b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Mon, 23 May 2022 12:08:49 GMT
x-cdn: Imperva
etag: "d8a386be5b89dc2806781a994ab04371"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 605) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=440099, public
content-length: 253183
expires: Mon, 13 Jun 2022 12:08:49 GMT

GET
H2 200 cr-logo-inline--primary-white.png
www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/ 5 KB
5 KB 64ms
62ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-logo-inline--primary-white.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8f657cd3617d00d51bbc4dee693b71bde939c80310034a8d82641804d4eb7e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Fri, 03 Dec 2021 18:09:12 GMT
x-cdn: Imperva
etag: "9fa007f86be3dd9a921a2d00bf86f36e"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 607) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1010722, public
content-length: 4953
expires: Mon, 20 Jun 2022 02:39:12 GMT

GET
H2 200 animatedModal.min.js Show response
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42507089303/1644440411417/__CR_Web_Platform/JS/animatedModal/ 2 KB
1 KB 28ms
28ms Script
application/javascript 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42507089303/1644440411417/__CR_Web_Platform/JS/animatedModal/animatedModal.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f94c946a13b9ebe43281550b7d0c00edf4694ad06bcb4c8679bee6d48df5115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1644440411792
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 173837
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiBFxhZmDtizzpxMzdksRhOVeItBhwahb%2FRXN3UaAAmbieAqOT5oBYaNtkqdmbj6iLQTH6DTMaj8jkC%2FSE0euzkX1OrxnfmRI4QZx04xMQReeKM4MeR5VFdwT0BoSUbo4p%2BX1mqaAjeVMZ5Jdtc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Wed, 09 Feb 2022 21:00:12 GMT
server: cloudflare
etag: W/"690ad93d1d2a9fc11f9df295692413fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be249fdecc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_41681847227_CR_-_Malicious_Life_Network_--_Tier_One_Header.min.js Show response
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41681847227/1644941386128/ 374 B
573 B 39ms
39ms Script
application/javascript 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41681847227/1644941386128/module_41681847227_CR_-_Malicious_Life_Network_--_Tier_One_Header.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 119bf322a2ce6d2a82422b51404bc54b375c881f12a120205598d1691fa48820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1644941386128
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 173837
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkFqQCvn%2BgKWY1HawhRWuOVIqy%2Be9AbwY76sALS%2FKRGHj9LBcIamYjWxgiikw4iRjVPUdOJ52UMird3%2BAmWXwPxlYmYKBbIOLxaeQxYSrABDIZUvtMfQK1mEjMo6N9MqlSgUi3NI2zOXALXoj9w%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 15 Feb 2022 16:09:47 GMT
server: cloudflare
etag: W/"1d7f81aaf24568ea5d90a82b829960fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be24c803cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.js Show response
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41682410610/1644941443113/ 305 B
863 B 36ms
36ms Script
application/javascript 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41682410610/1644941443113/module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ba9d76c09ad6dd52135d52c368f6d87ac40b5b4ce418e41a105fb221c7e470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1644941443113
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 173837
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8row3QOcSN1p%2BLS4fz8i%2BDkcynYjDGL87Fr54cJRn0%2F9EHpj0BCFF1z3NadCZjngCQskFIM9yv8SKyguuJNXwk2Js1YxCeCw70G7CEAgLSCILZfnditCJJb335brwVksQV%2BspE0ulM0lOU3Fp4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Tue, 15 Feb 2022 16:10:44 GMT
server: cloudflare
etag: W/"86f1ecf1077302d6bd359676a0142438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be24e829cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 module_43300360745_CR_-_Malicious_Life_Network_--_Related_Posts.min.js Show response
cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/43300360745/1649424828285/ 401 B
654 B 28ms
28ms Script
application/javascript 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/43300360745/1649424828285/module_43300360745_CR_-_Malicious_Life_Network_--_Related_Posts.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9ce59aa6f3f2c6d0be658bec3e8515959f544fed27adc4506480cb9ead5157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1649424828285
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 173837
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cM%2BaNieVnvzkG0a%2BcWAoYpKnk858W9POb2YVLzqKeCQut6IWnzTfXiYw9ucYxRc7CXxm26BBf1B9%2BJ%2BTev2RLflH3IDEW3W3%2BD3qprGZc2ADqODvN4Faz7pRp7cQ8F%2FjG%2F%2Bc2Ro1O%2BKxK%2FEN%2BE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
last-modified: Fri, 08 Apr 2022 13:33:49 GMT
server: cloudflare
etag: W/"c559951fe9a2b257ae98f9aeb1c4d6a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be2588fbcc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 3354902.js Show response
www.cybereason.com/hs/scriptloader/ 1 KB
708 B 232ms
231ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: eed566ecc6708178d1d1af4a3b1a13fe926c717f81e21609dfa520fa83a73af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 09:50:56 GMT
x-cdn: Imperva
etag: "f08b8460"
content-type: application/javascript;charset=utf-8
x-iinfo: 10-8420878-8409091 3CNN RT(1654682029758 611) q(0 0 0 -1) r(0 2)
cache-control: max-age=14, public
content-length: 512
expires: Wed, 08 Jun 2022 09:54:04 GMT

GET
H2 200 _Incapsula_Resource Show response
www.cybereason.com/ 147 KB
21 KB 76ms
75ms Script
application/javascript 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1114241328
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c45ec140843e9eb2fde6f1c87877b4893ffefba0a1e13c00c0abe6d07f171128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 21115
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 404 KB
87 KB 75ms
52ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

667fc29c529238b24d67890aed5daf31a27b46775d9c5214ceb1adf24a5b93aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88749
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Jun 2022 09:53:51 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
4 KB 19ms
18ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5296540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBqyx6ELcAUtWbwpO%2BeqkjcmWFGgPxF5xV1q%2FYBDHGFvhlwvpL4IPf%2FxZIKf3SuqyZvicn0wr1h2zqdfGlMyK2CKUJBzlEuoEmn4Gi%2BDBsmcS1mjHAQvjtWk2gavysKDEHBePKY7TsFjx55QqvEnLMD3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7180be251b2901db-ZRH
expires: Mon, 29 May 2023 09:53:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 64ms
24ms Stylesheet
text/css 2a00:1450:4005:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbd7f1d813cc432777765f0866d0e138226bee883d39f872182999519463c680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 08:39:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 09:53:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 09:53:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
990 B 67ms
27ms Stylesheet
text/css 2a00:1450:4005:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

327bff03815a03aa28f368d2736190b3a501918044016aade71ab4163d2c3350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 09:53:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 09:53:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 09:53:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
2 KB 69ms
29ms Stylesheet
text/css 2a00:1450:4005:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdb0cc0715f6956f1d044503fa5793eec23a76b79c2d74fbff3be44315f137a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 09:53:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 09:53:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 09:53:50 GMT

GET
H2 200 ionicons.min.css
cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35275979682/1642096258129/__CR_Web_Platform/CSS/ 50 KB
8 KB 32ms
31ms Other
text/css 2606:4700::6811:f3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35275979682/1642096258129/__CR_Web_Platform/CSS/ionicons.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28d99ad8103f148a1cf63a25d1369e0bd7d220f97ca36ac12cf8a8c7b2060fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1642096258332
date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1400249
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9hZLVBYmDexkVd4wt2U74bH1wryzGbX06IaQLGpsqkG3Ghkm2JAETueNgQ9KzWq%2FxvBDx72WJbqaHiJr7XZatmXb3NseeDMCfk5eyhYujuCCt7by3nixG%2FE%2BU5U2CF9X1Z0qzPJ4qzTVfI8xAc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
last-modified: Thu, 13 Jan 2022 17:50:59 GMT
server: cloudflare
etag: W/"71c8c946791f3411c42a4cb1e9cdb5ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 7180be259913cc4e-ZRH
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 cr-blog-hero-owl-transparent.png
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 670 KB
670 KB 69ms
69ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/cr-blog-hero-owl-transparent.png
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/module_assets/41682410610/1644941443237/module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 266d85b7ad351501b8651b0e659d6d74fbe07085d3226cd3f7601f6522fbdf97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Fri, 19 Feb 2021 04:27:31 GMT
x-cdn: Imperva
etag: "cd208635457bf65f33aa7c8849efcf21"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 620) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1040464, public
content-length: 685987
expires: Mon, 20 Jun 2022 10:54:54 GMT

GET
H2 200 ionicons.ttf
www.cybereason.com/hubfs/__dam/fonts/ 184 KB
108 KB 78ms
78ms Font
font/ttf 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/__dam/fonts/ionicons.ttf
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/35275979682/1642096258129/__CR_Web_Platform/CSS/ionicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer: https://cdn2.hubspot.net/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
content-encoding: gzip
last-modified: Fri, 25 Sep 2020 09:38:00 GMT
x-cdn: Imperva
etag: W/"24712f6c47821394fba7942fbb52c3b2"
content-type: font/ttf
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 624) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=763125, public
content-length: 109926
expires: Fri, 17 Jun 2022 05:52:35 GMT

GET
H2 200 cr-ml-sidebar-subscribe-bg.jpg
www.cybereason.com/hubfs/dam/images/images-web/backgrounds/ 34 KB
34 KB 79ms
79ms Image
image/jpeg 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/backgrounds/cr-ml-sidebar-subscribe-bg.jpg
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42760289143/1654107482327/__CR_Web_Platform/CSS/cr-mln__build.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9967a27efc89a8cefe9665100ec51cded3a8c89f95cdca1285bfce207666cd11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Thu, 31 Mar 2022 18:30:54 GMT
x-cdn: Imperva
etag: "c2444af5dedceb18b268a01a640beb72"
content-type: image/jpeg
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 631) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1015133, public
content-length: 34358
expires: Mon, 20 Jun 2022 03:52:43 GMT

GET
H2 200 cr-mln-network__footer-subscribe-bg.png
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 38 KB
38 KB 79ms
79ms Image
image/png 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/cr-mln-network__footer-subscribe-bg.png
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/42760289143/1654107482327/__CR_Web_Platform/CSS/cr-mln__build.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 38b5fa249791d286db654d516dfb6173cc332a8d725c41b58d08c642b26bc641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.hubspot.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Wed, 10 Mar 2021 19:10:18 GMT
x-cdn: Imperva
etag: "c28026bc6a6d55f395e2227b7b19c8c9"
content-type: image/png
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 632) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1040449, public
content-length: 38595
expires: Mon, 20 Jun 2022 10:54:39 GMT

GET
H2 200 Criteria-CF-Bold.woff2
www.cybereason.com/hubfs/dam/fonts/criteria/ 14 KB
14 KB 78ms
78ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/criteria/Criteria-CF-Bold.woff2
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 17a31aae550a664382ab9d8085efc03a10a4548985f33ac4e5a533d5ab5e9339

Request headers

Referer: https://cdn2.hubspot.net/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Thu, 13 Jan 2022 17:33:57 GMT
x-cdn: Imperva
etag: "ba487b98622054117d0be2f92f3f45b2"
content-type: application/font-woff2
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 633) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=761619, public
content-length: 14332
expires: Fri, 17 Jun 2022 05:27:29 GMT

GET
H2 200 FlamCondBook.woff2
www.cybereason.com/hubfs/dam/fonts/flama/ 14 KB
14 KB 79ms
79ms Font
application/font-woff2 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/flama/FlamCondBook.woff2
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/3354902/hub_generated/template_assets/34470477360/1654619503566/__CR_Web_Platform/CSS/cr-master__main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2ca281bdcd543e2e3559e6505c323c8d64df73f2a594a043780df3007e16d161

Request headers

Referer: https://cdn2.hubspot.net/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:50 GMT
last-modified: Fri, 10 Dec 2021 14:25:11 GMT
x-cdn: Imperva
etag: "9b97cc4b573f2e8b6ead12339a15b141"
content-type: application/font-woff2
x-iinfo: 10-8420878-0 0CNN RT(1654682029758 634) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=763125, public
content-length: 14544
expires: Fri, 17 Jun 2022 05:52:35 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 33ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 123702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 23:32:09 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v29/ 47 KB
47 KB 43ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 10:55:16 GMT
x-content-type-options: nosniff
age: 169115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47924
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 10:55:16 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 38ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 22:12:36 GMT
x-content-type-options: nosniff
age: 42075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 22:12:36 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 40ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 22:57:24 GMT
x-content-type-options: nosniff
age: 39387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 22:57:24 GMT

GET
H2 200 Cap.png
3354902.fs1.hubspotusercontent-na1.net/hub/3354902/hubfs/ 108 KB
108 KB 127ms
127ms Image
image/png 2606:4700:4400::ac40:9ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3354902.fs1.hubspotusercontent-na1.net/hub/3354902/hubfs/Cap.png?width=307&name=Cap.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d73ee5231558c291a9caaa166ff86c86afb3bf799f5a9f7d525dbc9af106eec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
via: 1.1 e418fd5667de46c635f0321ea814c2e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 10229
x-amz-server-side-encryption: AES256
edge-cache-tag: F-75096022384,P-3354902,FLS-ALL
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 110314
last-modified: Wed, 01 Jun 2022 15:40:57 GMT
server: cloudflare
etag: "bfbbe5a52f3de02bdbb8110a11e05269"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 7180be25ee5801eb-ZRH
x-amz-cf-id: uK0Fm8UaPHIEgi5uOtrSTAsmuC3Psc544n9_jthjFZdfllO7pLUw6A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 28ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a8d1303c55f6e52d7e2e0aca925b3ca4a5522564858c8db758ae1fbaccaf683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VOIR90HzgyrciwIPOMx2hA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 1EhYUDGSDamKrIyj/qim5CE/rMvyMycXgVHtVnrdW30mc/zgYWJXsyR0cWrrn28WDwArdklxhst2Vj0XZpARbA==
x-fb-trip-id: 686109401
x-fb-content-md5: 990e67c1f8950f9b93a86ee4f4f668ed
x-frame-options: DENY
date: Wed, 08 Jun 2022 09:53:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "823a35c5e2de5887927a56706d9a0f60"
timing-allow-origin: *
expires: Wed, 08 Jun 2022 10:03:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 70ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7F) /
Resource Hash: dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 09:53:51 GMT
Content-Encoding: gzip
Age: 1424
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29459
x-tw-cdn: VZ
Last-Modified: Thu, 02 Jun 2022 18:12:37 GMT
Server: ECS (amb/6B7F)
Etag: "5d21dece96ce474f5f1ac122cbdef6eb+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
758 B 195ms
153ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3354902&callback=jsonpHandler

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.128/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: fb913a5e-2fe0-41ff-bd5f-bdea1675679e
x-trace: 2B95A22109057C341B754A1CEBDF13F034BC15C54A000000000000000000
date: Wed, 08 Jun 2022 09:53:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
cf-cache-status: DYNAMIC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=7180be265c1c0229&resource=unknown"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 7180be265c1c0229-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 l
use.typekit.net/af/343335/00000000000000003b9b0ad0/27/ 16 KB
16 KB 52ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/343335/00000000000000003b9b0ad0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 599dd661a1d9e0af96d614fab0ea7396bf06de4265029166a265c2b10cc1a1b0

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
server: nginx
etag: "eedb93b5a9ba82f97df21a2548066c304a8baad8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16112

GET
H2 200 l
use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/ 16 KB
16 KB 53ms
14ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f3f2822ba3d24c1f7f53bff8959801c644b2c1c556eb8c15ca36a86717f1ae7d

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
server: nginx
etag: "2d91046573f0e4458e7737f18f00bb9c13388e11"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16256

GET
H2 200 l
use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/ 15 KB
15 KB 77ms
38ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f64368e7be69abe40585911860d83acfa8b14179d3008b2594166ae4c10ec0fd

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
server: nginx
etag: "865da7d2ecc4da3cb6bd5574f01738cfc5c8bb11"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15452

GET
H2 200 l
use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/ 16 KB
16 KB 75ms
36ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 72493a3f42ed0260f03b6ffd3ea131be38a1070845bfae24927f643a3fcf3255

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
server: nginx
etag: "8c3ee2b4e977df4e0f73e1b985c24fba9611fc49"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16660

GET
H2 200 l
use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/ 17 KB
17 KB 53ms
15ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5c8d63abd4075c4ebd692fbd02e35fb72950f214a6486607c1819d4279ad526f

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
server: nginx
etag: "7b5be73a29b093f7ae3c099f5a521c9274f6db28"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17152

GET
H2 200 l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/ 16 KB
16 KB 62ms
24ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: dd8ce52adc4b0ab60f82c29ba12f25e2f6446245fc8c0b5f4bd6dab3146f9ef7

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
server: nginx
etag: "b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16464

GET
H2 200 l
use.typekit.net/af/cfbead/0000000000000000000146b3/27/ 23 KB
23 KB 66ms
28ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cfbead/0000000000000000000146b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 875f8e591b4fbc6567e2b33553bea9ca2d0e18593bd857783a569fe7bf4ba097

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
server: nginx
etag: "122498e3424e674610da39fb441d661549879239"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23244

GET
H2 200 l
use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/ 15 KB
15 KB 64ms
27ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0b454edb897d49bf8a73b07627b670a55f0972988094770495a308e5a5e39d1b

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
server: nginx
etag: "13c2813ff67959226aaa4eccfcdd1399bd756b8d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15336

GET
H2 200 _Incapsula_Resource
www.cybereason.com/ 1 B
35 B 18ms
17ms Image
text/plain 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8861011741280373
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 70ms
13ms Image
image/gif 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=vyv2ljd&ht=tk&h=www.cybereason.com&f=32224.32226.32227.32228.32230.32231.10875.32265&a=657783&js=1.21.0&app=typekit&e=js&_=1654682031195
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 38ms
24ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5b7914f92dd9c77baec4404d16a0b58278fae7accf416127a819e981d9e6760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70539
x-xss-protection: 0
expires: Wed, 08 Jun 2022 09:53:51 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 71ms
22ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:53:51 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 51ms
13ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 09:53:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=62415
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 51 KB
15 KB 54ms
12ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9fa5f4494a80ecf219df87f5a3bedccc280a4a458e72a12732411ec531731bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: gzip
last-modified: Fri, 27 May 2022 19:44:22 GMT
etag: "37e15fed72b47b0100cbd5c7aaa9d3a0+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 14634
x-served-by: cache-iad-kiad7000037-IAD, cache-muc13975-MUC

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 60ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9DD1F9F1FC9C43A58B0E698F0D42BD32 Ref B: FRAEDGE1419 Ref C: 2022-06-08T09:53:51Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 08 Jun 2022 09:53:50 GMT
accept-ranges: bytes
content-length: 11333

GET
H3

200

activityi;dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ran... Show response
10272547.fls.doubleclick.net/ Frame E179
Redirect Chain

https://10272547.fls.doubleclick.net/activityi;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-...
https://10272547.fls.doubleclick.net/activityi;dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fw...

783 B
617 B

31ms
17ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10272547.fls.doubleclick.net/activityi;dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

40e8d65119746071200412ecf015650420a49b24ce8e70e230e5fddb8b8cabc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 592
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 09:53:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 09:53:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10272547.fls.doubleclick.net/activityi;dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-704918.js Show response
static.hotjar.com/c/ 4 KB
2 KB 29ms
6ms Script
application/javascript 108.138.7.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-704918.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-27.fra56.r.cloudfront.net

Software

Resource Hash

67304a4844f34ebf2c2ab371244540a16840967f6960401f428f81fa99002508

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 42
etag: W/c29fac35c8638421f40c068f14dd128f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: 1z7v434nrBKsLyB9bXAoBo8SN4PEyHOZ6SFmvfcTpxmMV-UgnEo-mg==
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 24 KB
7 KB 73ms
15ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 18 Apr 2022 22:30:59 GMT
server: snooserv
etag: "5dcf2f59e7a6e0d30193fedad78db790"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7461

GET
H3

200

activityi;dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ranso... Show response
10428681.fls.doubleclick.net/ Frame 4634
Redirect Chain

https://10428681.fls.doubleclick.net/activityi;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ra...
https://10428681.fls.doubleclick.net/activityi;dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww...

781 B
610 B

19ms
19ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10428681.fls.doubleclick.net/activityi;dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

13e2a5a8ee95f08416f5a6912e9a421718cac05f05fbc16e28f349b8c0c7f1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 585
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 09:53:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 09:53:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10428681.fls.doubleclick.net/activityi;dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: Nh/JmbKzYMwdMzjg82MgX14TJ6PSK29myYk8/bjPbr1S89LvBLXgYXO1MiIciuBfx18JRDKejAVJW4E9qfbjaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 08 Jun 2022 09:53:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1cwYCUDAYD26hHzYzki9 Show response
ws.zoominfo.com/pixel/ 2 KB
1 KB 188ms
159ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/1cwYCUDAYD26hHzYzki9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2a5d6f871f9fabe69b64bceff2b790c267bba22dbc20c4253eae35251d002fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7180be278f062397-ZRH
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via: 1.1 google

GET
H2 200 3354902.js Show response
js.hs-scripts.com/ 1 KB
964 B 205ms
162ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3354902.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88203821dc4d76384c4906959385931277e18718ad49e1199cd42986043d9415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 29d80b64-e5c0-45a4-98b9-cda370ae9ee4
last-modified: Wed, 08 Jun 2022 09:48:26 GMT
server: cloudflare
x-trace: 2BAB4EACE844C05CEA70678C898D6E3955799528E8000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cybereason.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7180be2799f801fc-ZRH
expires: Wed, 08 Jun 2022 09:54:51 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 2 KB
1 KB 111ms
54ms Script
text/javascript 2606:4700:4400::6812:2a27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fzl62pgzmW2NZfdz3GXhzHW4Wk7L46mKvv8W1BqXSz938X_dW3kW2Bw13KCRSW2z5X_G88DYr5W29gRfb4XS9_rN2KGZphfryN8W7vY_F579f3RxW5S78NB5lfrrgW5k9btw7mH0PRW6WFskQ90V99sW3FFS5X42NlbgN8PBX5f7nC--W574C7l2_srtdVWft786ZSsGYW8sGtBG1QZVSdW5RLSf-2RJyZBW3JFXYQ3Jkmg_W3tqYqT4Z5TsP3k7D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Oct 2021 14:31:37 GMT
server: cloudflare
age: 240
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Wed, 08 Jun 2022 09:59:50 GMT
cache-control: max-age=1200
cf-ray: 7180be27ae430229-ZRH
cf-bgj: minify

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 45ms
7ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fzl62pgzmW2NZfdz3GXhzHW4Wk7L46mKvv8W1BqXSz938X_dW3kW2Bw13KCRSW2z5X_G88DYr5W29gRfb4XS9_rN2KGZphfryN8W7vY_F579f3RxW5S78NB5lfrrgW5k9btw7mH0PRW6WFskQ90V99sW3FFS5X42NlbgN8PBX5f7nC--W574C7l2_srtdVWft786ZSsGYW8sGtBG1QZVSdW5RLSf-2RJyZBW3JFXYQ3Jkmg_W3tqYqT4Z5TsP3k7D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:15:41 GMT
content-encoding: gzip
age: 2290
x-guploader-uploadid: ADPycdv_0oaK03d2fNlO6PbhFd5oHBf6IY4bS7lgqerLACZlX9htQQjPLk1UvgRo7OqMoYvlmG8oMbbhDJSd1ZDnZeTHJA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 08 Jun 2022 10:15:41 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 91ms
6ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 61286
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 88743c01ce36d16db226b8639edf0d99

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 329ms
98ms Script
text/javascript 104.79.88.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506452&mt_adid=241675&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-164.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master iad-pixel-x30 config:1.0.0 /
Resource Hash: 7e630cbe5f6138331df37c8fa469abe8d70a9164185d57bea60b8550743a495b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 09:53:51 GMT
Server: MT3 4419 e1034d5 master iad-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Wed, 08 Jun 2022 09:53:50 GMT

GET
H2 200 zdcd6x8yhg85.js Show response
js.driftt.com/include/1654682100000/ 232 KB
66 KB 188ms
126ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1654682100000/zdcd6x8yhg85.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

16671e7758a3a7e476ac182e51962a2aebabc2f1935305aaf615f17ab060560b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 17:25:31 GMT
server: nginx
etag: W/"b9ca5ce67de123d2ed6f5dcd22cf4c3c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AUrVZYpvVBKAjSEqVbpk.o3JEg2c_Yov
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SXiGlhWZb4Xzd_aQh7wf9kQej2V0l1h95l3eHMf_g92lxOgKMVNY_g==

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 596 KB
110 KB 63ms
16ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee68d3fe6e95c3ca3adb8de966913bf8bd389898f22b89eb333cb6cdedb2922f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: br
vary: Accept-Encoding
age: 2510
x-cache: HIT, HIT
content-length: 112525
x-served-by: cache-iad-kiad7000071-IAD, cache-mxp6983-MXP
access-control-allow-origin: *
x-browser-version: 102
last-modified: Tue, 07 Jun 2022 18:46:24 GMT
x-timer: S1654682031.339020,VS0,VE0
etag: "629f9d00-1b78d"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 190

GET
H2 403 lt-v2.min.js
lltrck.com/ 0
0 303ms
98ms Script
text/html 23.20.88.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/lt-v2.min.js
Requested by: Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fzl62pgzmW2NZfdz3GXhzHW4Wk7L46mKvv8W1BqXSz938X_dW3kW2Bw13KCRSW2z5X_G88DYr5W29gRfb4XS9_rN2KGZphfryN8W7vY_F579f3RxW5S78NB5lfrrgW5k9btw7mH0PRW6WFskQ90V99sW3FFS5X42NlbgN8PBX5f7nC--W574C7l2_srtdVWft786ZSsGYW8sGtBG1QZVSdW5RLSf-2RJyZBW3JFXYQ3Jkmg_W3tqYqT4Z5TsP3k7D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.88.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-88-204.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 6e1424cff90e9cd4.min.js Show response
tag.demandbase.com/ 67 KB
19 KB 77ms
12ms Script
application/javascript 108.157.4.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/6e1424cff90e9cd4.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-87.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d279982ef90edd594effd108c4e40326550e04992973d3b529504b70ce163219

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: 2PXYmVCDou2wZ_QlW8Kfmtc8oBtjc4ln
content-encoding: gzip
etag: W/"d54f5faec95283d00dc24a7086ee2dc3"
age: 1636
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 17:06:13 GMT
server: AmazonS3
date: Wed, 08 Jun 2022 09:41:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 1x7FgZdXYUkWFCh-v2aeMe9RhzNebHRBP5cEZPPwT_8ltvVvZdr9JQ==

GET
H2 200 airpr.js Show response
px.airpr.com/ 7 KB
2 KB 38ms
6ms Script
application/javascript 108.138.7.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.airpr.com/airpr.js
Requested by: Host: cpjwr04.na1.hubspotlinks.com
URL: https://cpjwr04.na1.hubspotlinks.com/Ctc/LV+113/cpjwR04/VWGxQy3DYfLBW4D_Mzp6Nh0QMW6YVQGc4L0HTYN4qMxLZ3q90_V1-WJV7CgWnwW7jj9078Ht66SW495LNr72hNP2W3lBVVN7GLzLvVTjh2P4jlcQwW75sBD_6GYSVnW7rzZ_T5kCJ2KW2chSCm7CR-KPW7mWY5z66Kf70W3J1d5m6412qHW4wBG151Csjg-W3M8Fzl62pgzmW2NZfdz3GXhzHW4Wk7L46mKvv8W1BqXSz938X_dW3kW2Bw13KCRSW2z5X_G88DYr5W29gRfb4XS9_rN2KGZphfryN8W7vY_F579f3RxW5S78NB5lfrrgW5k9btw7mH0PRW6WFskQ90V99sW3FFS5X42NlbgN8PBX5f7nC--W574C7l2_srtdVWft786ZSsGYW8sGtBG1QZVSdW5RLSf-2RJyZBW3JFXYQ3Jkmg_W3tqYqT4Z5TsP3k7D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-19.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:55:53 GMT
content-encoding: gzip
last-modified: Sat, 21 Apr 2018 18:03:55 GMT
server: nginx
age: 7078
etag: "5adb7d0b-853"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA56-P6
content-length: 2131
x-amz-cf-id: UYEc61cMW-yT7E7G7om39hQX0bKCg3aUgnZgUOe6m505iHHEQ3sMhw==
expires: Wed, 08 Jun 2022 20:13:38 GMT

GET
H2

200

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcybereason.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcybereason.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dcybereason.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=cybereason.com&pId=6301533842501427413

0
241 B

194ms
170ms

Image
application/json

2600:9000:2490:6a00:12:3734:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=cybereason.com&pId=6301533842501427413
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Server: 2600:9000:2490:6a00:12:3734:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
apigw-requestid: TZazgi0-IAMESZA=
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: application/json
content-length: 0
x-amz-cf-id: DgA9LJKL0uiLTH4tutOPD3wFRYNObamg121gt9PlFQ6HjIlpt9jbMw==

Redirect headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 09:53:51 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9f61559c-bca6-4537-ba7f-7ebd344d8626
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://attr.ml-api.io/?domain=cybereason.com&pId=6301533842501427413
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 298 KB
84 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=0e33dd73e6fd645c3b0b81b93e8a1fba

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a516ad71751bc94bdba5137e19bd99fd9aeae8406e2bcf1c209267ccb1d5c8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Y8eIoIXsJjl3o+uSUYW8IA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86082
x-fb-rlafr: 0
x-fb-debug: /EsA42wUy/SiEpJ3DVGxhjG57EB43GXMSYIiiiwEXhKRV/LVsTbQvRe+AxZjAJvbxpHuP+XOMjjPpG/9Wg+Mmg==
x-fb-content-md5: 7999e9bdde1562cd72af523f36319808
x-frame-options: DENY
date: Wed, 08 Jun 2022 09:53:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8e3d08c9a84adeaf53de3818cbcb3222"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 08 Jun 2023 07:25:09 GMT

GET
H/1.1 200
OK widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html Show response
platform.twitter.com/widgets/ Frame F7B0 319 KB
104 KB 13ms
12ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.cybereason.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B82) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 145526
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Wed, 08 Jun 2022 09:53:51 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Jun 2022 18:01:40 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B82)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 547 KB
88 KB 87ms
50ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ddf3bce83b11af6e050f824bb5e154741057fecd0d79b9e26a262755ad58be2

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Origin: https://www.cybereason.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
via: 1.1 349b149961d8d2361c29d4be4b5847f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 78122
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1091/bundle/main/lead-flows-release.js&cfRay=71794ae1adf223f7-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 7180be283f130211-ZRH
last-modified: Thu, 02 Jun 2022 09:22:51 UTC
server: cloudflare
etag: W/"d0e7428efcc3691296896936278c2a97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: Trl1mZOSoldPXKe79dlBjPknEVROE7M_
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: -wCiMxVgzd0wXSsqgS1mMYPOcLZK_y8Zk0rlKaA3wR_UVzOs3SB5IA==
x-hs-target-asset: lead-flows-js/static-1.1091/bundle/main/lead-flows-release.js

GET
H2 200 3354902.js Show response
js.hs-analytics.net/analytics/1654681800000/ 63 KB
20 KB 235ms
208ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1654681800000/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dedfa3bec8945460a650762fced4491c16b71bea466a644880e5050868faa51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: MGJXJAXK3YMC3E6Q
x-amz-server-side-encryption: AES256
cf-ray: 7180be28382e2397-ZRH
x-amz-id-2: 4mOS692yB4vBcXgCneERgNo46AZLuhx5FXuVGa5OdZBUMHO49CiG3/GGKOauTF6s7AZiSxBHT2Q=
last-modified: Sun, 05 Jun 2022 00:35:41 GMT
server: cloudflare
etag: W/"ae5e39e4d246730134e78f15b3afdec2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 08 Jun 2022 09:58:51 GMT

GET
H2 200 3354902.js Show response
js.hs-banner.com/ 60 KB
16 KB 176ms
145ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc208cfe441aa1f4eae4d081b8e1ab25087958ee2143f09d8fc57dd128e0178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 2ZKJQEDY4V6ANKC6
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: H0PCpgMSBsB49+FwYDR0CnZFK6XBA8QR5Kf7ehRwLLp5PvNUCTpMwO00+ZYYGzTxfybSPCmytDE=
timing-allow-origin: *
last-modified: Fri, 27 May 2022 23:22:12 GMT
server: cloudflare
etag: W/"1a899aff8fe35f15ccf8533946fc5966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: DgOtbUz9IhMoA48v8SFH4Kcmio5tsV_z
access-control-allow-origin: https://www.cybereason.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 7180be285ca70215-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 08 Jun 2022 09:58:51 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1654682031295&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3F_hsenc%3Dp2A...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D72596%26time%3D1654682031295%26url%3Dhttps%253A%252F%252Fwww.cybereason.com%252Fb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1654682031295&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3F_hsenc%3Dp2A...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1654682031295&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3F_hsenc%3Dp2...

0
265 B

200ms
142ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1654682031295&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3F_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_campaign%3DRansomware%26utm_content%3D215671684%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D215671686&liSync=true&e_ipv6=AQLEV_gNGeiFawAAAYFCvBaFqJQZhvpNe04Ks0rNMsdq2dvyPt5XOygpEpqltnWS3cGvCs5pFYHp2UP4kOkyRuNgVqo_
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 37585FE9E8F84F308258974AFEE558A6 Ref B: VIEEDGE2805 Ref C: 2022-06-08T09:53:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXg7K66hQ9kiVTfA95mAA==
x-li-fabric: prod-lva1

Redirect headers

date: Wed, 08 Jun 2022 09:53:51 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BC7AD76D50724415A51C10A231B56EF7 Ref B: FRAEDGE1313 Ref C: 2022-06-08T09:53:51Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1654682031295&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3F_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_campaign%3DRansomware%26utm_content%3D215671684%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D215671686&liSync=true&e_ipv6=AQLEV_gNGeiFawAAAYFCvBaFqJQZhvpNe04Ks0rNMsdq2dvyPt5XOygpEpqltnWS3cGvCs5pFYHp2UP4kOkyRuNgVqo_
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXg7K63szZEtlPA3kfjkQ==

GET
H2 200 modules.e20d55506f3679282458.js Show response
script.hotjar.com/ 243 KB
63 KB 30ms
6ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e20d55506f3679282458.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-704918.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

5418abfb61c7201ead45d21f215b481b45ee7c13ee78608dbbe1c6244543406b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 11:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 167265
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64038
access-control-allow-origin: *
last-modified: Mon, 06 Jun 2022 11:25:40 GMT
etag: "1318b31283773d19556416b861d6cbe8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: tZO725SSdnKUC7ZArdqPrf4IKEVAsD9_SfgBhyf-1I8lMGWJpHAquQ==

POST
H2 204 collect
www.google-analytics.com/g/ 0
349 B 34ms
13ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SSF38JVRVJ&gtm=2oe660&_p=1054187520&_z=ccd.tdB&gcs=G100&cid=1525061032.1654682031&ul=en-us&sr=1600x1200&_s=1&sid=1654682031&sct=1&seg=0&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&dt=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F7B0 331 B
474 B 146ms
112ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e79824d9e367763e3abfec50ab53b01f2bbdc23c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d7fc2fc075c61f6fa34d79a0cbbf1e34.html?origin=https%3A%2F%2Fwww.cybereason.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

f83df770a7c9763424b29bfe7462c8f8e807d18dc0b4570f4ada501240007fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 09:53:51 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d71a6d3f1d3af27f6a6495c9111383573092cea0e0734c78ae6a20db8373f40c
content-length: 193

GET
H3 200 116645602292181 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/116645602292181?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f02358e1929d9c1155f8b73036785b64ebc5617dff472c0c3209fa584b732ec0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: mPNA/5azjP/sY1DNG0wXsp7zfVjV5aB07QYW28X1opLfEu/sKXgZVzTgrscsvAbrK7JNU0GTsxQnAvltDgrL0w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 08 Jun 2022 09:53:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654682031392
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
338 B 141ms
125ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=ny0ol&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=693b9a93-3e92-43e1-aa7b-fb0366bb9ec4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time: 118
date: Wed, 08 Jun 2022 09:53:51 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 51176554c6f369cac7f252cd16c344e853d4ab18f97d9874a76af928d51a111c
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
353 B 144ms
123ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.14&p_id=Twitter&p_user_id=0&txn_id=ny0ol&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_document_href=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&event_id=693b9a93-3e92-43e1-aa7b-fb0366bb9ec4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-response-time: 116
date: Wed, 08 Jun 2022 09:53:51 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 026bed0a89a9248cae917e997f16d7a11a7cd7dc65122c116713278c59065c76
content-length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/ 3 KB
2 KB 58ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/?random=1654682031362&cv=9&fst=1654682031362&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a5106684b5b478a9faf0a6f01174969dc6d6f0969faf16c4905a5b286e1ac90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1254
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/561371164/ 3 KB
2 KB 80ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/561371164/?random=1654682031363&cv=9&fst=1654682031363&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db286592cb77f411d2fdc7785bf0e30ea3d76bd885559809bd1ce72e0a89c1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1252
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/401574070/ 2 KB
1 KB 49ms
32ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/401574070/?random=1654682031364&cv=9&fst=1654682031364&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&auid=633080062.1654682031&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

af3d1ab880346d3c610d1da935205e7191ea9fc88765e2fdf9fac2215eb6fb86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1437
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame CCDA 2 KB
1 KB 49ms
6ms Document
text/html 18.66.139.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-704918.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-84.fra60.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 699585
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-id: U5gxNVBUgLr8HHpL1vOfkzwoJE2h1Q_y5taYbncwnPzMQ0hcEhTg5A==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 56273944.js Show response
bat.bing.com/p/action/ 219 B
475 B 238ms
238ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56273944.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

163eb6275eba2b44f68cb1cdf0ef5b0f417ed24aebd866c3cfef1ebf8c6ce683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9FE3E317A1CB458184F50ACA59EE271B Ref B: FRAEDGE1419 Ref C: 2022-06-08T09:53:51Z
date: Wed, 08 Jun 2022 09:53:50 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 300

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56273944&tm=gtm002&Ver=2&mid=286680f7-1ce0-4e36-a4e1-c04b56777093&sid=e67a1320e71011ecba001d1aaa964bcf&vid=e67a48f0e71011ecb1435dc090caeff8&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&p=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&r=&lt=878&evt=pageLoad&msclkid=N&sv=1&rn=662101

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A65660426F9F4E2F84B6D3FFE29D6D17 Ref B: FRAEDGE1419 Ref C: 2022-06-08T09:53:51Z
date: Wed, 08 Jun 2022 09:53:50 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 139ms
105ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1654682031395&id=t2_32cbm2fl&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=22c71160-9b45-4af3-aeb3-ad4069c8c3f4&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-at... Show response
adservice.google.com/ddm/fls/i/ Frame A20E 782 B
1 KB 84ms
48ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email

Requested by

Host: 10272547.fls.doubleclick.net
URL: https://10272547.fls.doubleclick.net/activityi;dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d23bc334acb1c937af9f4cd9598e68614ffd737d70cb0fd219067e5041aa60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10272547.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 592
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 09:53:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 158ms
141ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: bbeea7a4937f7293b29802757a87e6e2
function-execution-id: 17sm6kf4kf6k
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 158ms
122ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cybereason.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Wed, 08 Jun 2022 09:53:51 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: b8zkm1lpg92v
server: Google Frontend
x-cloud-trace-context: 9ce5df9316c833f3c6fc1d88e05189f8
x-powered-by: Express

GET
H2 200 dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-atta... Show response
adservice.google.com/ddm/fls/i/ Frame DDAF 780 B
655 B 83ms
48ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email

Requested by

Host: 10428681.fls.doubleclick.net
URL: https://10428681.fls.doubleclick.net/activityi;dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7d83cdf3ecfb54ec4b6de49f0163c7eae8410138770dea540eed6293b6d00ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10428681.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 585
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 09:53:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
324 B 410ms
99ms Image
image/gif 206.19.49.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=16570449&version=2.1.1&ref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&r=1654682031405
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 09:53:51 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
Server: Apache/2.4.6 (CentOS)
ETag: "2b-5850384029cff"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 43

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAC8sU7FQOMAAHpTLYS-Pg
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAC8sU7FQOMAAHpTLYS-Pg&verifyHash=f2120582652b6fd4e3c534aba000bd7df079cf81

26 B
409 B

189ms
188ms

Image
image/gif

52.222.214.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAC8sU7FQOMAAHpTLYS-Pg&verifyHash=f2120582652b6fd4e3c534aba000bd7df079cf81
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: HTTP/1.1
Server: 52.222.214.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-56.fra56.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 09:53:52 GMT
Via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: dedfb85356c7bc32
X-Amz-Cf-Id: KjmxcslXu-sQusB1Smm3CNFpiuKXuNtej1V0sYvgEAXbCYXF237U7A==

Redirect headers

Date: Wed, 08 Jun 2022 09:53:51 GMT
Via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAC8sU7FQOMAAHpTLYS-Pg&verifyHash=f2120582652b6fd4e3c534aba000bd7df079cf81
Connection: keep-alive
trace-id: 035bbd76fded0fd8
Content-Length: 0
X-Amz-Cf-Id: 86ohN-GypsaG3kLBcCwDjRiAaencwV9nf9XLWyHct-Ju_mq0JOusVQ==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 39ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 452 B
947 B 114ms
71ms XHR
application/json 18.66.97.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&page_title=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&src=tag&auth=MOftAmbp2Aha4tkNEmeyvcipKYfCUyVJMXpCWBMS
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/6e1424cff90e9cd4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-17.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 69560229acb9c6f01744e0172bba17d68642703a1be7312a5f2a137ce4e22faf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
request-id: 73561b50-7904-45e1-a773-c0d5f33edbef
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.cybereason.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3yIEVFlbvlkYoAaYWZQumQ8WrCPktvcyd0eFF8efNNvCMZQbGYoA1Q==
expires: Tue, 07 Jun 2022 09:53:51 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 27ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=116645602292181&ev=PageView&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&rl=&if=false&ts=1654682031420&sw=1600&sh=1200&v=2.9.61&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1654682031419.1853134655&it=1654682031339&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 08 Jun 2022 09:53:51 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/401574070/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401574070/?random=931758752&cv=9&fst=1654682031364&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/401574070/?random=931758752&cv=9&fst=1654682031364&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.de/pagead/1p-conversion/401574070/?random=931758752&cv=9&fst=1654682031364&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

40ms
23ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/401574070/?random=931758752&cv=9&fst=1654682031364&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&auid=633080062.1654682031&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=r3GgYtTrF-SG9fgProaicA&cid=CAQSKQCNIrLMaw_NX_kbYyKo0lf1qAkypf1r19eMHI00vWKb8FDKmTQxLxkc&eitems=ChAI8JGBlQYQgfGb0qH9zI8_Eh0AHGY_oF3H0Qst_1CnazHd4GNR_biA_EfDkM9MBA&random=1371042519&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/401574070/?random=931758752&cv=9&fst=1654682031364&num=1&value=0&label=6wPaCOv09oACELaRvr8B&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&auid=633080062.1654682031&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=r3GgYtTrF-SG9fgProaicA&cid=CAQSKQCNIrLMaw_NX_kbYyKo0lf1qAkypf1r19eMHI00vWKb8FDKmTQxLxkc&eitems=ChAI8JGBlQYQgfGb0qH9zI8_Eh0AHGY_oF3H0Qst_1CnazHd4GNR_biA_EfDkM9MBA&random=1371042519&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/704918/ 147 B
322 B 113ms
39ms XHR
application/json 54.171.41.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/704918/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e20d55506f3679282458.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.41.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-41-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-at... Show response
adservice.google.de/ddm/fls/i/ Frame 7A35 194 B
870 B 120ms
46ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNXTxPXKnfgCFQ1DHQkdQtwIFg;src=10272547;type=landing;cat=allsite;ord=2386661097908;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 09:53:51 GMT
expires: Wed, 08 Jun 2022 09:53:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-atta... Show response
adservice.google.de/ddm/fls/i/ Frame 180B 194 B
242 B 122ms
49ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COTgxfXKnfgCFdxEHQkd8WgDcw;src=10428681;type=cyber0;cat=cyber0;ord=6971331530500;gtm=2wg660;auiddc=633080062.1654682031;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 09:53:51 GMT
expires: Wed, 08 Jun 2022 09:53:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/934771702/ 42 B
548 B 42ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/934771702/?random=1654682031362&cv=9&fst=1654678800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&async=1&fmt=3&is_vtc=1&random=2005792095&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/934771702/ 42 B
548 B 42ms
19ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/934771702/?random=1654682031362&cv=9&fst=1654678800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&async=1&fmt=3&is_vtc=1&random=2005792095&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/561371164/ 42 B
108 B 36ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/561371164/?random=1654682031363&cv=9&fst=1654678800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&async=1&fmt=3&is_vtc=1&random=3009013233&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/561371164/ 42 B
108 B 25ms
25ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/561371164/?random=1654682031363&cv=9&fst=1654678800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&tiba=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&async=1&fmt=3&is_vtc=1&random=3009013233&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame C94E 631 B
994 B 116ms
116ms Document
text/html 104.79.88.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=1efd62a0-71af-4800-9f4c-14cc1c50584b&no_iframe=1&mt_adid=241675&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1506452&mt_adid=241675&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-164.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master ord-pixel-x55 config:1.0.0 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 631
Content-Type: text/html
Date: Wed, 08 Jun 2022 09:53:51 GMT
Expires: Wed, 08 Jun 2022 09:53:50 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4419 e1034d5 master ord-pixel-x55 config:1.0.0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
525 B 117ms
104ms Image
image/gif 104.79.88.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-164.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master iad-pixel-x15 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 09:53:51 GMT
Server: MT3 4419 e1034d5 master iad-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Jun 2022 09:53:50 GMT

GET
H2 200 56273944 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 182ms
123ms Script
application/x-javascript 2620:1ec:27::cafe:1375
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56273944
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56273944.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1375 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 95383bd175f0d37a2a4ec3e1c61d79b406ef96060c42ea38af21510cacb7e7a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:51 GMT
x-powered-by: ASP.NET
x-azure-ref: 0r3GgYgAAAAAjNkxljt2JQ5PBGR7wPdLBVklFRURHRTA3MTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame C94E 43 B
524 B 100ms
100ms Image
image/gif 104.79.88.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=1efd62a0-71af-4800-9f4c-14cc1c50584b&no_iframe=1&mt_adid=241675&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-164.deploy.static.akamaitechnologies.com
Software: MT3 4419 e1034d5 master iad-pixel-x3 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=1efd62a0-71af-4800-9f4c-14cc1c50584b&no_iframe=1&mt_adid=241675&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 09:53:51 GMT
Server: MT3 4419 e1034d5 master iad-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Jun 2022 09:53:50 GMT

GET
H2 200 clarity.js Show response
e.clarity.ms/s/0.6.34/ 53 KB
23 KB 751ms
321ms Script
application/javascript 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56273944
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:52 GMT
content-encoding: br
etag: "1d8778699f9e854"
last-modified: Fri, 03 Jun 2022 20:15:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5683
date: Wed, 08 Jun 2022 08:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 08 Jun 2022 10:19:08 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4AF6 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.cybereason.com
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.cybereason.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 09:53:51 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame F008 0
0 76ms
23ms Document
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Wed, 08 Jun 2022 09:53:51 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 6f002ab8596ff067
pixel.sitescout.com/up/ 43 B
267 B 463ms
409ms Image
image/gif 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/6f002ab8596ff067?cntr_url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:51 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1054187520&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=test&ea=engagement&el=quality%20traffic&_u=aBgAAAAB~&cid=1525061032.1654682031&tid=UA-56367941-1&_gid=251275814.1654682032&gtm=2wg660TJVVB7C&gcs=G100&z=1177980865

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 12:06:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78441
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 63CE 2 KB
1 KB 21ms
21ms Document
text/html 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1654682100000/zdcd6x8yhg85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5082f78080310ecf28702d75d2985fc757e0c15a4c030331706ea36f7c5e25d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 08 Jun 2022 09:53:52 GMT
etag: W/"ce23d5084fdb31563b615b51495ac53e"
last-modified: Tue, 07 Jun 2022 17:24:14 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: cM-81x6fzkZoDKo6aGJR4XVv77uhg_p4zW2XDVWVGVXSJUh_5WCPIw==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: tW8jK9x0OU6zuAhpPQ5XFzfAec91M.g7
x-cache: Hit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 8FAC 2 KB
1 KB 22ms
21ms Document
text/html 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1654682100000/zdcd6x8yhg85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5082f78080310ecf28702d75d2985fc757e0c15a4c030331706ea36f7c5e25d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 08 Jun 2022 09:53:52 GMT
etag: W/"ce23d5084fdb31563b615b51495ac53e"
last-modified: Tue, 07 Jun 2022 17:24:14 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id: dWS1e1oXlOdXxIcIJESYXhirThRz79gu93QolVSG0aX78twEXo8WUQ==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: tW8jK9x0OU6zuAhpPQ5XFzfAec91M.g7
x-cache: Hit from cloudfront

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1054187520&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=airpr&ea=visitor%20hit&_u=aDgAAAAB~&cid=1525061032.1654682031&tid=UA-56367941-1&_gid=251275814.1654682032&gtm=2wg660TJVVB7C&gcs=G100&cd16=1525061032.1654682031&z=1050953942

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 12:06:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78441
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

204

anpx
dpx.airpr.com/
Redirect Chain

https://dpx.airpr.com/px?hostname=www.cybereason.com&profile=660386&ga_account_id=UA-56367941-1&ga_account_type=UA&ga_c=1525061032.1654682031&an=true
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4671256506
https://dpx.airpr.com/anpx?adnxs_uid=6301533842501427413&airpr_id=4671256506

0
63 B

9ms
9ms

Image
text/plain

3.67.218.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpx.airpr.com/anpx?adnxs_uid=6301533842501427413&airpr_id=4671256506
Protocol: H2
Server: 3.67.218.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-218-133.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:52 GMT
cache-control: private
server: nginx

Redirect headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 09:53:52 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e65b6c75-acc3-4f9c-a54e-3afea47e279b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpx.airpr.com/anpx?adnxs_uid=6301533842501427413&airpr_id=4671256506
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1054187520&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDhAAEABAAAAAC~&jid=376635148&gjid=1573682756&cid=1525061032.1654682031&tid=UA-56367941-1&_gid=1767834999.1654682033&_r=1&_slc=1&z=813144096

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 48ms
13ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-SSF38JVRVJ&gtm=2oe660&_p=1054187520&_z=ccd.tdB&_gaz=1&gcs=G111&cid=1525061032.1654682031&gdid=dZTQ1Zm&ul=en-us&sr=1600x1200&_s=2&sid=1654682031&sct=1&seg=0&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&dt=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&en=user_engagement&_et=1535&ep.ga_temp_client_id=1525061032.1654682031
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 59ms
19ms Ping
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SSF38JVRVJ&cid=1525061032.1654682031&gtm=2oe660&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1054187520&t=pageview&ni=0&_s=1&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Report%3A%20Ransomware%20Attacks%20and%20the%20True%20Cost%20to%20Business%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6DjAAEABAAAAAC~&jid=1789688791&gjid=86232849&cid=1525061032.1654682031&tid=UA-56367941-1&_gid=1767834999.1654682033&_r=1&gtm=2wg660TJVVB7C&gcs=G111&gcu=1&gcut=2&z=1765702320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SSF38JVRVJ&cid=1525061032.1654682031&gtm=2oe660&aip=1&z=1743651704

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
521 B 142ms
141ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2252185681&v=1.1&a=3354902&pi=74707766790&ct=blog-post&ccu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022&cpi=74707766790&cgi=5272851739&lpi=74707766790&lvi=74707766790&lvc=en&pu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email&t=Report%3A+Ransomware+Attacks+and+the+True+Cost+to+Business+2022&cts=1654682032872&vi=266de6f643dda6f522b2af171e089a33&nc=true&u=85683782.266de6f643dda6f522b2af171e089a33.1654682032867.1654682032867.1654682032867.1&b=85683782.1.1654682032868&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:53 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 592c4719-ac6a-4dbe-a74b-9f133471b8fb
cf-ray: 7180be318d5c0229-ZRH
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wg7NCUffZDrdDuVo9mXWvQ1CHWiWQuDOQgLc8io1aUTALkGeNQQhMVhc2z8e%2Fg922F%2FIExu72SBMHnNqEGtxTfgLEovzBoKd2kzjdknHD08INtJYGI9RnoFup5Q6gnb1LoyFzgvUsGbe3adkZB1d"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=2DBAFC09A74A4FC8833E8FECB7E43E33&RedC=c.clarity.ms&MXFR=0650E1E1D5536EFB27CFF05CD15360B2
https://c.clarity.ms/c.gif?CtsSyncId=2DBAFC09A74A4FC8833E8FECB7E43E33&MUID=0003C4E16AA86E480C9FD55C6BC36F1B

42 B
368 B

30ms
29ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=2DBAFC09A74A4FC8833E8FECB7E43E33&MUID=0003C4E16AA86E480C9FD55C6BC36F1B
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB54E6859DF345A7BE01D384E7B51F9B Ref B: FRAEDGE1419 Ref C: 2022-06-08T09:53:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=2DBAFC09A74A4FC8833E8FECB7E43E33&MUID=0003C4E16AA86E480C9FD55C6BC36F1B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 189ms
148ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3354902&utk=266de6f643dda6f522b2af171e089a33&__hstc=85683782.266de6f643dda6f522b2af171e089a33.1654682032867.1654682032867.1654682032867.1&__hssc=85683782.1.1654682032868&contentId=74707766790&currentUrl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Freport-ransomware-attacks-and-the-true-cost-to-business-2022%3Futm_campaign%3DRansomware%26utm_medium%3Demail%26_hsmi%3D215671686%26_hsenc%3Dp2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw%26utm_content%3D215671684%26utm_source%3Dhs_email

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f1b86da9bb656d4a7239c9e02f111624a2ef1ffa2da30f0bbac0c2ec4753a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 09:53:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: fb971a7e-194e-4945-96f5-3bdbb696c0dc
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddlwaT7locidj%2Bn0RHG5MdC81K8uNx8uDr%2Bc11zC8gBShoY8p0mNKeira%2FRY2m1AVnKzVs4gMzAa9tn669uJ7ysgYxC1sUJtoMlroeQ%2FB%2FVa3G1I%2BjHGQbqyDT1jJhuhoiGfc2mVcO%2B%2B4A8evLpN"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cybereason.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 7180be31c8ac0208-ZRH
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-56367941-1&cid=1525061032.1654682031&jid=376635148&gjid=1573682756&_gid=1767834999.1654682033&_u=aDhAAEABAAAAAC~&z=1023774189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Jun 2022 09:53:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
95 B 409ms
409ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.cybereason.com
date: Wed, 08 Jun 2022 09:53:53 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 runtime~main.772fa980.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 6 KB
3 KB 7ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

270e6b0b553dc256e4037bcff6ab85d74618b9b99fecc76e95e764588410955e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:52 GMT
server: nginx
etag: W/"521f9ae414138e68c6db2c3ce7d5bdf7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jEZb5vnNDGtoGFnjCkWF0yyFC_s9LadQ
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uyJ4NNGlESexLsQ2FEolo_oMPqltoRjhRokfF8S7__wJerIT4nTXhg==

GET
H2 200 5.dbcf1e96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 73 KB
25 KB 8ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.dbcf1e96.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

385a70225a0565040dafcaa7a679d4e774834011bc451989b0f7474e66cd383d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:50 GMT
server: nginx
etag: W/"c3cbc3e427a73a85f5893ff1dbea5de1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vFYnAVxckSqYEbafqtfFOAgIPMB28lPy
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sXHjjd_uxluJalIswfrSdPFscNDIsfK_x6fK6TluSpm9TvZ5eFmPmw==

GET
H2 200 main~493df0b3.7f8cf77c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 7 KB
3 KB 10ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.7f8cf77c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

79495f645199d6b22c080f185ef49ef573c1704e129a3aec2ccb09d5af784382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:51 GMT
server: nginx
etag: W/"83937b316217ea3edbf2b523a41768c4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3TL.WDRbTX1pIyqkZx0JSheAP6uDj.8F
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LASs7ciNTRyhGjh46icb0eCAXLqv1hHECbYcbpyHezBkXv7peadH0A==

GET
H2 200 runtime~main.772fa980.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 6 KB
3 KB 9ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

270e6b0b553dc256e4037bcff6ab85d74618b9b99fecc76e95e764588410955e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:52 GMT
server: nginx
etag: W/"521f9ae414138e68c6db2c3ce7d5bdf7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: jEZb5vnNDGtoGFnjCkWF0yyFC_s9LadQ
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RE5u1Vi8EvelZLOEdmB3DciW6VMSde9OwA3DRlRCYSAMIle8zvx5Ag==

GET
H2 200 5.dbcf1e96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 73 KB
25 KB 11ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.dbcf1e96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

385a70225a0565040dafcaa7a679d4e774834011bc451989b0f7474e66cd383d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:50 GMT
server: nginx
etag: W/"c3cbc3e427a73a85f5893ff1dbea5de1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vFYnAVxckSqYEbafqtfFOAgIPMB28lPy
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mYFRO9Gf1ijIUuq4qhvPPxNkOhPKR2QsLGIh3xlrBru33grITLt8KA==

GET
H2 200 main~493df0b3.7f8cf77c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 7 KB
3 KB 12ms
12ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.7f8cf77c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

79495f645199d6b22c080f185ef49ef573c1704e129a3aec2ccb09d5af784382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:51 GMT
server: nginx
etag: W/"83937b316217ea3edbf2b523a41768c4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3TL.WDRbTX1pIyqkZx0JSheAP6uDj.8F
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s6qiJ32t4qPW7u6QdZMhdPZomoxsZxUsLdN04WjZiPFPIIYtHI2hZw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-56367941-1&cid=1525061032.1654682031&jid=1789688791&gjid=86232849&_gid=1767834999.1654682033&_u=6DjAAEABAAAAAC~&z=589806489

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Jun 2022 09:53:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 47 KB
14 KB 8ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 08:45:09 GMT
content-encoding: gzip
age: 781723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 18 Apr 2022 20:21:08 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LjyOPkagB7nnrm_bdGALH1jY5iJPyZLo
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 850wYAX0bb-3UFaDEQSoM4Bj4gCULmW76-cvWBKZr6d7ry67X7aUQQ==

GET
H2 200 20.3e3db7bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 44 KB
13 KB 9ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.3e3db7bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

78ad339bd313ef9abaad9c76705cbbb550405faefeb480a7f8f63561f3a947e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"b5d4344924ff3b56916057972fa54526"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4w4S6r1WKVDXgQBFd1IerChjpX9aGXhC
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jax94jJ64q5Dy0J4QoK8CGgOfvxb-Lri52iTCaHfJ7QVjCo8T0aXaA==

GET
H2 200 36.be4f7be3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 25 KB
8 KB 9ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.be4f7be3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1d3703c19e9011b8892f897ac9537a98b43c4b9c4b358d31c6a5b9331d7143c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:50 GMT
server: nginx
etag: W/"2cafc26e1725fd8d6352a32e5a36ee09"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .9dk4V3NA22D6FjwT6yqIyrZic.QH2Up
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pF27hpkuD3cdWT6QLcaPeoaXxvZjMiZ3XnM-DDVtLatU9pJW1CFQvA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 16 KB
5 KB 9ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 4008577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:55 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Xqq9pUZYxgzAeYN3dJ9hj4qBA9MrPFwl
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hAbQP8IvBqC_QIFHYhbgqLXXlkg70lMi5M7qgGtkrdZzU5q7j-zS9w==

GET
H2 200 18.7a403fca.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 74 KB
23 KB 13ms
12ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.7a403fca.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d537e6d07c68615573a7ca1c7978539a91e6635c5a47e0e8637762937b0dedca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"90c8621323b67ef9358b4c76da637a62"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hGUR21svCV5BLlljHKBeKXeahzwvzA5U
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G6j_pOijIl3prM5WxXTvN14n6LH2HlCjyk1DSFmsGO19gDv3S7wJCg==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 59 KB
19 KB 14ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:59:10 GMT
content-encoding: gzip
age: 3178482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:48 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RPweXmXVexEpGKV7.j7SNDhIA2.BhvsS
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ytOX_AQjbTco-_S0kRnmHnARS5V18QDw6zngkiHZBTb3xUhhc_8XMg==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 91 KB
28 KB 17ms
2ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6227386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tJiN3Czvw8LYfU15JE_7GFRjZ8zc2HNsNSBsA1vwUdXU35evnhzXeA==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 23 KB
7 KB 24ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 2303856
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q8EyGmKynwKEJFTsnUbmDlKbEMvH9srmpkcEyw5qOVnbhp-LCQrBjw==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 62 KB
20 KB 25ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 13370411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KKsHFdnnThJ-LmMHaQI_OO9w6bH1CSrod414dVoixAxOiNb6l_U6yw==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 105 KB
34 KB 27ms
12ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 13370411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zfGR23YQECUT_JdQjZnVAtiA3sf-T1BBnKm3lfGSkIL41W48nqxVdg==

GET
H2 200 34.a211efd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 12 KB
4 KB 30ms
15ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.a211efd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5f1c818f2f9435b8e5bc31f893db6582d203c197ce7667699b6e4ae6974fa6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:50 GMT
server: nginx
etag: W/"0ff1413242baed27d55fd9d3f181c489"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iwCoWUqh3u0ZcG3FWJNGfyiuJu7_oKH1
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Zi56TfQL9o3KJDVKCmBJgMAjSL7L_2VcJ2trMOsmWdSmux7X3RJqcQ==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 12 KB
5 KB 31ms
16ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:29 GMT
content-encoding: gzip
age: 2450183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:07 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MO8K1XLcpyKTcr47NxMT13FlZAc1WFj1
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FHvMDfnz41QRNSrg9eEptXVdzBHsEkvQwZWhBpdxVyjImfdFIK85kA==

GET
H2 200 19.ff48a658.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 17 KB
7 KB 31ms
17ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.ff48a658.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8a1e72743c6f26027c44f9d353a167d40fa41737f3859059f502f858cd79d3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"0236c65b743ae88b9f3acf9a90a25436"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WmhG_BWjsATIT.NGGDjAauTua0sL.yCJ
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sxvgxf0qsLh7OaGnN6S3zlKYLErbBiJEPorIyjgb3mSqXF6WHRbjRA==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 63CE 11 KB
3 KB 22ms
7ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6227386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rdOS9rRAgZlFwI2fF2_VDRT6jZxAEUHBz4G9Pmm9OUwokMERuP1GIw==

GET
H2 200 8.1993fa08.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 70 KB
22 KB 32ms
17ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.1993fa08.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a45c88b305a818822e240131f3cb4466c154445dd9b46fe55896cdbbf40a6101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:51 GMT
server: nginx
etag: W/"21581529331d4f373cf8d3671f5466a9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ov5tIDq2iezp2ndMEbhdgeGPO_MHVoDd
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jQxwAceMsK7V-HbUMr5mjdSxIFwt-8oGPkLpCz1-vcQkKfreqZkERA==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 63CE 24 B
669 B 22ms
8ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
age: 13370411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wEjQPz6HPS5NUYJJKItGtYA3CGs9EkhmHDMnWvQDmQbjqvhwCDRddQ==

GET
H2 200 15.01f15366.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 78 KB
20 KB 35ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.01f15366.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

18fc5c48f87f011284114b0ff84884dcffa8a1ab99b786bac8d2f194bf2c512d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"46139e90597d4c351aed38d2a3663623"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gQkcVwHuwzIaR8ooFqjsZHO_bBiUZVtA
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UC5PF4isXVaHNtETVK0sO9s7vOd7kWgdiJXIixAJCAa8rgbWQzHF8g==

GET
H2 200 22.b751089f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 47 KB
13 KB 36ms
22ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.b751089f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e7f17d130b5e82389ebc347e4525ab652f614f4bd6daae656f170e09d9796073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"9820667064f2a0d018d33b2d049af687"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cR7yS6JmWBgsUUm7D5A8HuAly0CLQAm9
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tsMMniWq83nsDj-XUIra8ngJ_rqT3RhhM8_RCItWMjnhX63TGEi0PQ==

GET
H2 200 13.9d42e543.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 40 KB
13 KB 35ms
23ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.9d42e543.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d43e4835fa48167fb30705b01094376801b87bbe19cc2ae1492499c075ac542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"a9ad98f827dac474e946fed0ebbb2343"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5MSQFDeYnk3JVVQF1pCK1E2nezyKEOxr
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yT9h-JnP1EB04_-wraZpKdN1Wk2LxxYjcdwBVmKVZ9kNdQmcVcKfUQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
41ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56367941-1&cid=1525061032.1654682031&jid=376635148&_u=aDhAAEABAAAAAC~&z=1722943500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 45ms
41ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56367941-1&cid=1525061032.1654682031&jid=376635148&_u=aDhAAEABAAAAAC~&z=1722943500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 44ms
38ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56367941-1&cid=1525061032.1654682031&jid=1789688791&_u=6DjAAEABAAAAAC~&z=2105366966

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 44ms
39ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56367941-1&cid=1525061032.1654682031&jid=1789688791&_u=6DjAAEABAAAAAC~&z=2105366966

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 09:53:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 43.bf52ab96.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 47 KB
14 KB 25ms
11ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 08:45:09 GMT
content-encoding: gzip
age: 781723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 18 Apr 2022 20:21:08 GMT
server: nginx
etag: W/"4ab965f0d26a973cf1be72a39d537999"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: LjyOPkagB7nnrm_bdGALH1jY5iJPyZLo
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bcqYtKVpVHX4sg1qLoKleaHHhjAp0WErQXDere6s3ZCnQBjGmP1Phw==

GET
H2 200 20.3e3db7bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 44 KB
13 KB 26ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.3e3db7bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

78ad339bd313ef9abaad9c76705cbbb550405faefeb480a7f8f63561f3a947e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"b5d4344924ff3b56916057972fa54526"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4w4S6r1WKVDXgQBFd1IerChjpX9aGXhC
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GwXAosH2NAE-WVB_CabNc7zg4j1ePGddFNuJ3IZKTVN3K0t5zcGThQ==

GET
H2 200 36.be4f7be3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 25 KB
8 KB 26ms
14ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.be4f7be3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1d3703c19e9011b8892f897ac9537a98b43c4b9c4b358d31c6a5b9331d7143c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:50 GMT
server: nginx
etag: W/"2cafc26e1725fd8d6352a32e5a36ee09"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .9dk4V3NA22D6FjwT6yqIyrZic.QH2Up
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qLjG0dg2-0AlBMJykMG0FzWLKiBtOa5-SB1bfjD57psAcb_z6rn8GA==

GET
H2 200 16.10d76686.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 16 KB
5 KB 27ms
15ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.10d76686.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:15 GMT
content-encoding: gzip
age: 4008577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:55 GMT
server: nginx
etag: W/"c16e855d0a26bf91ae3cc32cdbfa3ad6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Xqq9pUZYxgzAeYN3dJ9hj4qBA9MrPFwl
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bzQXu9O97g1Qtv6sWahZMfHmlc3WJy4vWzYCF64s0b4geb75RnYJXg==

GET
H2 200 18.7a403fca.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 74 KB
23 KB 28ms
16ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.7a403fca.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d537e6d07c68615573a7ca1c7978539a91e6635c5a47e0e8637762937b0dedca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"90c8621323b67ef9358b4c76da637a62"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hGUR21svCV5BLlljHKBeKXeahzwvzA5U
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M3UcW8Cs9eSiDzxqPB-6I9nUGB9ZkmLICN1MdXvM7_lhgBolQ-LzKw==

GET
H2 200 23.16e779ff.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 59 KB
19 KB 32ms
17ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.16e779ff.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:59:10 GMT
content-encoding: gzip
age: 3178482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:48 GMT
server: nginx
etag: W/"ef4446c0fdb98929baf632c38e8cd226"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RPweXmXVexEpGKV7.j7SNDhIA2.BhvsS
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pr_pFU5jlexbvUkgKRhMupFqTQwXe6h3L2ES2uO3BshEAdbh40Zjlg==

GET
H2 200 11.8d62d6c4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 91 KB
28 KB 33ms
18ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.8d62d6c4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6227386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:35 GMT
server: nginx
etag: W/"8199a8634768214fc6204b18351f842d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IO06C9jhzvCi9VImuydD04sGtIPTZ6T.
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fHSLUuGipvF-gE4XcKeW_9Pgn0X1fKvd-m2Nk_r7hSWPYl8DR4IOmQ==

GET
H2 200 10.b73b895d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 23 KB
7 KB 35ms
20ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.b73b895d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 12 May 2022 17:56:16 GMT
content-encoding: gzip
age: 2303856
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 12 May 2022 17:28:59 GMT
server: nginx
etag: W/"5c6cb58ced9f55b696578307366a68ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 42s0ZS8AeOMe_PH.Rce3w4xkhbhmKcpn
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4m1MzIE6XJKI4TYUvUJUlBg5Py9MWSDvItefNqKa5T-BB2Wzk4Z3NA==

GET
H2 200 14.2a01ddd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 62 KB
20 KB 36ms
21ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.2a01ddd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 13370411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"6f457384188c98017d8d27281f3df6ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KpoEpDmO7G9TLWLfSTzA1dytLAyREIfM
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Wzl-M85PKaLCdmNb-0nFG3PbZj1mcRQfyxr0gvMnYE4Dr5pSxLeMOg==

GET
H2 200 41.ef07ba02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 105 KB
34 KB 39ms
25ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.ef07ba02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
content-encoding: gzip
age: 13370411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 04 Jan 2022 15:08:17 GMT
server: nginx
etag: W/"da03c1012cb0aaeb2041fa677a272d14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6OpxVYvZjRVHdu0KjdhZlusmExqFlB4E
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FbJf54kbO1BDnjtY5W40vS9xy9T52pW7aD6InhPln5-24NVs73uV_Q==

GET
H2 200 34.a211efd6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 12 KB
4 KB 41ms
27ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.a211efd6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5f1c818f2f9435b8e5bc31f893db6582d203c197ce7667699b6e4ae6974fa6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:50 GMT
server: nginx
etag: W/"0ff1413242baed27d55fd9d3f181c489"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iwCoWUqh3u0ZcG3FWJNGfyiuJu7_oKH1
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xTQYAKFAQIFKRqOXer87IxFyMH_rR6y34-JZSS5gC-NdCuvEo5XndQ==

GET
H2 200 26.81342ce1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 12 KB
5 KB 41ms
27ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.81342ce1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:29 GMT
content-encoding: gzip
age: 2450183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:07 GMT
server: nginx
etag: W/"fb3937eee6b2751c3fc0c91dce12c2ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MO8K1XLcpyKTcr47NxMT13FlZAc1WFj1
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QA3_9vvCpX-JZ3dt4c9O75R_xT3Qw5omGir8qLKw_rBzNRZkRwKojg==

GET
H2 200 19.ff48a658.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 17 KB
7 KB 40ms
28ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.ff48a658.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8a1e72743c6f26027c44f9d353a167d40fa41737f3859059f502f858cd79d3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"0236c65b743ae88b9f3acf9a90a25436"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: WmhG_BWjsATIT.NGGDjAauTua0sL.yCJ
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XpPBievo8y1At1TUcDBftL4cxYuTeZc_LpgOC5W37qcRTWJul5J_tg==

GET
H2 200 8.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 8FAC 11 KB
3 KB 37ms
27ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 08:04:06 GMT
content-encoding: gzip
age: 6227386
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 20:18:33 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8ZsEKgx7NBbOWsOo7y482B7LIK3_mShC
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 05MeDWzH1bdDI0I9TIOVCO-q74und8N8gY1k6E1kJaI1z1P6uCyvxQ==

GET
H2 200 8.1993fa08.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 70 KB
22 KB 38ms
28ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.1993fa08.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a45c88b305a818822e240131f3cb4466c154445dd9b46fe55896cdbbf40a6101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:51 GMT
server: nginx
etag: W/"21581529331d4f373cf8d3671f5466a9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ov5tIDq2iezp2ndMEbhdgeGPO_MHVoDd
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sgICdLLflN5dG7fI1WBUY1YwevFWG2QgzB9BuLyFmxRy6I65_c1ZpQ==

GET
H2 200 15.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 8FAC 24 B
668 B 36ms
28ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/15.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 15:53:41 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
age: 13370411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Tue, 04 Jan 2022 15:08:15 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bzo2zbrJexGHlTPaLulG8N5yfdXT7FR0
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vJ6Sd8IjnlykFQ2PBwg2G0bmCcS9mwFR2CEtyQtiEHXPxaSHKndBUQ==

GET
H2 200 15.01f15366.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 78 KB
20 KB 40ms
31ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.01f15366.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

18fc5c48f87f011284114b0ff84884dcffa8a1ab99b786bac8d2f194bf2c512d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"46139e90597d4c351aed38d2a3663623"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gQkcVwHuwzIaR8ooFqjsZHO_bBiUZVtA
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7dSD4v5rTGw1booQp6dOJCq8XLtyu68cZ8-sMiKx3bvtr2UZ_dAC9g==

GET
H2 200 22.b751089f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 47 KB
13 KB 41ms
32ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.b751089f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e7f17d130b5e82389ebc347e4525ab652f614f4bd6daae656f170e09d9796073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"9820667064f2a0d018d33b2d049af687"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cR7yS6JmWBgsUUm7D5A8HuAly0CLQAm9
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UxWTZWtt4hKPiZlvX_KfWMnZdgCOXKAOVT4lnVbF3Xuyw-c77zoAPg==

GET
H2 200 13.9d42e543.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 40 KB
13 KB 41ms
33ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.9d42e543.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9d43e4835fa48167fb30705b01094376801b87bbe19cc2ae1492499c075ac542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:14 GMT
content-encoding: gzip
age: 59377
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"a9ad98f827dac474e946fed0ebbb2343"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5MSQFDeYnk3JVVQF1pCK1E2nezyKEOxr
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Y69ViNVYcX-TvzLl6ePles6uwtwbls3TKyK7ySW3F2zBK7JZGKSl6w==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 9 KB
3 KB 7ms
6ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 2450179
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uQG2jiF1Z283FvMXiitvbD_S4TVxyKZEKDxwgOIloFjE4VKQn3b8Kw==

GET
H2 200 24.81d46fe7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 33 KB
10 KB 7ms
7ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.81d46fe7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 22:12:26 GMT
content-encoding: gzip
age: 5571687
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 18:54:19 GMT
server: nginx
etag: W/"4f751bc7b45f18c1d343a3081fe2509f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: dJ6wMYR.EkVgKolqllYLjIlhrPfZzaVa
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uThgX7BKHr990CZevJGArC60A0YnPmkPxRauNTh0fSk3hefVqRNjgQ==

GET
H2 200 25.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 63CE 8 KB
2 KB 8ms
7ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:03:47 GMT
content-encoding: gzip
age: 3178206
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:46 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 04aQHx2ofXtXe_tgJCUmZiRKP7xQdJel
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YFrIeMDDe6HTRzGN4YfTwoW7trlQsCH7YeZPK3D68rAza8W3iZgGsg==

GET
H2 200 25.f9d820f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 12 KB
5 KB 8ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.f9d820f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ed8f3edb315c74fa7316702a5e777fe414b91a6c57a4bf9d27c67dfb38a00b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:15 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:50 GMT
server: nginx
etag: W/"1f7273838525d2b38b27f96b6db3fd4b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KPvRjhzEA1bKwk2Po1Af7SRatkTh5nE0
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jRtNqzB3b1FR01Pro54B0RN61IYAuewKKY-DAktI4FjGNZS5yLt07Q==

GET
H2 200 17.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 63CE 365 B
1008 B 8ms
8ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 18 May 2022 17:57:10 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
age: 1785403
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Wed, 18 May 2022 17:52:03 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8PhpnUwCKVw_tmw5w1.GT3kRVBeTcpzl
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EWMfbwPS1CyNYvXa1YNkujKJzAf8rvAT7pkNkDb1H385zifHdoEicw==

GET
H2 200 17.deb7f344.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 63CE 87 KB
24 KB 9ms
9ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.deb7f344.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

1d70fbb9f38719c01044fbca986b01fc7aa60450e0cb13a88708a7997ea204ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=0dde8f5f-cf2a-4c5b-afc4-1757051a6f2f&sessionStarted=1654682032.795&campaignRefreshToken=76b03e74-f06a-4885-a6f3-5d0bd9ef0f82&hideController=false&pageLoadStartTime=1654682030646&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:15 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:49 GMT
server: nginx
etag: W/"e440facb47aa08221cbe4b113cd9d057"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: spelcbf40Br1NE2MbF_dQvx9Y8XVyXws
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MqvHusefjlhlfl4z7aBBuSkHtb_M-MS9h_H7Ird2YDTSuNjtm6ovrg==

GET
H2 200 32.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 8FAC 3 KB
1 KB 6ms
6ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 00:24:16 GMT
content-encoding: gzip
age: 4008577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 20:24:53 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: zafhXzyL2Oqiwkpju.1_.RysXhnH6Str
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HvioSZcW2rILomCeLpGU1INU9csIpXTIz_KZHn_3R1fZCxs-vTXCSw==

GET
H2 200 32.28be7b35.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 3 KB
2 KB 7ms
6ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.28be7b35.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 21 May 2022 02:03:42 GMT
content-encoding: gzip
age: 1583411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 20 May 2022 18:01:28 GMT
server: nginx
etag: W/"853d736e05b299b857e10b6ab17f3c36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 4EWTvHeOdhIntYjosic7AFXOX_tcgSBK
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q_mE3ZFltCL9pmPAUQ9B6t3pkEVXsJ8Pqw2c9AR8_7Ez8yyqkqyOqA==

POST
H2 204 collect Show response
e.clarity.ms/ 0
25 B 347ms
346ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.cybereason.com
date: Wed, 08 Jun 2022 09:53:53 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 9 KB
3 KB 7ms
6ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 11 May 2022 01:17:34 GMT
content-encoding: gzip
age: 2450179
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 09 May 2022 16:51:05 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R58GC9JKCFqRYH8PW35ajAhO8b2ao9Fj
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h0IaDUokxFE_-3p0vcQumjW3HaZnmb8GAvw-CbvDJas3JyMGrKfsTQ==

GET
H2 200 2.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 8FAC 7 KB
2 KB 8ms
7ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:55:13 GMT
content-encoding: gzip
age: 1670320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:03 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: EYaActPVD3Au4y9ezb93snVitJpekZ.W
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S1BLZ74TZSE53DiNqyOJZfTPXufs3U6qkpnKmzwDA0xYdiI2Taw__g==

GET
H2 200 2.90bfb041.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 54 KB
16 KB 9ms
8ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.90bfb041.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 23:30:53 GMT
content-encoding: gzip
age: 5826180
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 18:31:22 GMT
server: nginx
etag: W/"dc43e7dd478d83a9091a7335b8beb11d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kk3GS24HgDEmPXUslSsjyTbGLAUWg7zo
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8fSrw-uQ1ZXUyPOdeZE-Q4TFQz9qseW7dT1Hn5jKLiQ3IuclPG1Dig==

GET
H2 200 1.e5dfd51a.chunk.css
js.driftt.com/core/assets/css/ Frame 8FAC 43 KB
7 KB 10ms
9ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.e5dfd51a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 02 May 2022 15:02:23 GMT
content-encoding: gzip
age: 3178290
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 28 Apr 2022 15:26:46 GMT
server: nginx
etag: W/"2c40725f3e291f40133c5dd42e2d2809"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NDVBsNLgITAyanG2chz6_hhZC25SbNrt
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W1vdbM4gTKTir2IYd0qq45wgoNOK1sT6Dzyuntrc0MLfj3fATyIFfg==

GET
H2 200 1.d477b46d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 73 KB
25 KB 11ms
10ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.d477b46d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

80a8ff7c0a2146b0fe47bef954b5849d1f1f181f7aae0010b41c9bd78efa8c1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:15 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:48 GMT
server: nginx
etag: W/"5295f913cf4cd8fc1dbc641ce8d76c4c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: O12gqyWEBbbfuLBkttrGaDCoUnOa8OVW
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PSuYlUcHuSYhJH4cmmdC6B8I-TZ5QQGTZnL5Xx02PLKS7E2hYRjH5w==

GET
H2 200 30.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame 8FAC 12 KB
3 KB 13ms
12ms Stylesheet
text/css 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:53:21 GMT
content-encoding: gzip
age: 1681232
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 18 May 2022 17:52:04 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 1lpzVvOGjxttW0f_QbstumkkNbSGGIAD
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: di6OU7B9l2h947mT8Z3NBTdpXcSM37d8jigRq3liqe90wQ4ZDh2_JA==

GET
H2 200 30.6739cd83.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 8FAC 11 KB
5 KB 13ms
13ms Script
application/javascript 18.66.112.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.6739cd83.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.772fa980.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-39.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

2123e5d773cdc4c2a107f453a7884f3bc547aa2fb6aca425d2751d103a1d5591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1654682030646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:24:15 GMT
content-encoding: gzip
age: 59378
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 15:54:50 GMT
server: nginx
etag: W/"e18bef47a18b4c97d7ebf4edd4e29ec7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Dfdpy9HMV.CAolFQufsI916zYySvGgBh
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l9vgKhRwKVan8ZykXieLQMWbveKjzLA0LkXzfO6FDvusIM3LOebNSw==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 63CE 25 B
123 B 109ms
109ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Jun 2022 09:53:53 GMT
server: istio-envoy
requestid: 6e9ec956de65e643
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 326ms
101ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 08 Jun 2022 09:53:53 GMT
requestid: drift02dcd934f6bb38cea052a1ac7d2
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 63CE 147 B
244 B 106ms
105ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

0f22cf2acf8146a0114391fa869da34a4c62183bce53e066d6605bf022b12ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Jun 2022 09:53:53 GMT
server: istio-envoy
requestid: 5eed781590aae6a7
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 310ms
100ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 08 Jun 2022 09:53:53 GMT
requestid: drift9be9172463486e065c108ed19ac
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 63CE 25 B
84 B 111ms
110ms XHR
application/json 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/43.bf52ab96.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 08 Jun 2022 09:53:55 GMT
server: istio-envoy
requestid: a21b3a7387ed7851
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 99ms
99ms Preflight
text/plain 50.16.7.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-7-188.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Wed, 08 Jun 2022 09:53:55 GMT
requestid: drift0c5bc2c4702980556ac64b71222
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

POST
H2 200 perf Show response
www.cybereason.com/_hcms/ 2 B
756 B 202ms
201ms XHR
text/plain 45.60.64.106
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/_hcms/perf
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.106 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.cybereason.com/blog/report-ransomware-attacks-and-the-true-cost-to-business-2022?utm_campaign=Ransomware&utm_medium=email&_hsmi=215671686&_hsenc=p2ANqtz-_MIzJGs--VvZMD_mH-iTkvELaxRP3CrzSvDzajOCL2Z3XcYQYtxR1UzeVP62s5kJQ-sTwmyJ8iQ1eZRKeQ8BK_W2q8Lw&utm_content=215671684&utm_source=hs_email
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 08 Jun 2022 09:53:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-cdn: Imperva
x-hubspot-correlation-id: af15a1e6-3bb1-4f15-9d9a-e09034ce42c1
x-iinfo: 10-8420878-8420880 PNYN RT(1654682029758 5423) q(0 0 0 -1) r(2 2) U6
server: cloudflare
x-trace: 2B556384E3B878B25C7221B8E9B5E7E2ACB6229452000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKZPSZFKcwZn6fLk%2FZbdkOpoYrEGNtw81%2FIFrw8kEyATuruZ0uYCad4LAfx38llrFu96vwyj9Ogj7BbERUuxMzmG8%2F45D4F%2FPQ23v4waQ%2FB2fwaYwURCchBikqQsOx4%2Fsx8G4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 7180be43ec31abc9-CPH

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.cybereason.com/	1969-12-31 23:59:59	Name: __cfruid Value: c7065b4e515e36d550f51c26bc42b1ff2c8b1a18-1654682030
.cybereason.com/	1970-01-20 12:22:56	Name: visid_incap_2710048 Value: xeqTGK2HTTiXMH2yrccD0q1xoGIAAAAAQUIPAAAAAAADKJyERFwlM09Nkv17Ee3X
.cybereason.com/	1969-12-31 23:59:59	Name: nlbi_2710048 Value: qQ1pcG5H4DAPMOON2P/mMAAAAAAroywTd7IhhLZ6/+oLm2if
.cybereason.com/	1969-12-31 23:59:59	Name: incap_ses_1609_2710048 Value: jWw3eV2BIRr0BoxPBVFUFq1xoGIAAAAAeq9Dhy5VF405QM1Twar5Gg==
www.cybereason.com/	1970-01-20 03:38:02	Name: ___utmvc Value: 4A4N33sZLNjNFC5UgVy5trvVPHmyqyidEdKA1f+pqn6ZZf99H8PnX858iq8Dbrd0bPihNKG4+Bu8dwu8P7/GZR5f2J3URCaQ2YNPtNz/p0VxGemrOfxM2B/X2X4XyKanyyVuh2XpNz5XN7D2mdyIvMvjuYMbZMmVD/qDHVnS+9zZ1XNgtEKvmc8ADLnu2lSruIGV6weUdxM8OLnsuETDoxXStmQcBBlfNL0+dIH5DZC2W6hToNTmbHTUALXb0VRLboDbpFAoJmRriDrtcswCgW8/MwoOGzf882fwsnxp9bZTPdlDdzZgx6hAdTue/mJLsxXVaaUdsQnUa5bU8/jkwIK+yGuSEuUTTuOO5wCvAtg+RC6SNEsvETMLfixFFHMSIQOHNjoRhL0tY94vmeDVpiybWXkGiWSOD3ciTRtoIQwq9saVM6QTbME9pcVuyb4jfWQHtGiHuI5lwU3OhA29fi9jSm3Rs30cq+9LFCJ3yvZxaD6IwUBB9ABubPCd0D3Y8VQSiJGy8d3DCPY1sPPJSnMbnM8ErYuzgRuGQ6fnkw6WdCw7yu+/1EdG9kg4SNoB5hqsJFQe+0hwdeKkH0VDTOoCRSId5Gu+cMRboDa6IuWYUvZntpVXuT7gYdBxamMFv+3eKaN4JQG+seM/+m/Orq7a13SljMiLi+7sMsfgzxFXXN+7nGVxxQp4ufDawx97N/mNqyC5O0+wBHxnLtKDgzXl4f033ImBmorGWL5cnLfeOFIxSlryNPoyRACtzhr4QR+AEkm7Uo/WPR7hwB4m6JPw/ODkq536T0iO4BYavbTyRSOzyvoDMDvLV3kKdRvZy+etLRMmYGe3Q+DNy7aWqdqqMnZYYG/3XFtSdQjYNOtfEfXa/QL2AEjg9ILJOMc6YUyjOt8msOZnhHXS7vLqsz4hKk1IR/sZXbHNbczZrngOz7MYzOrhYgshlUFw7oBQ5ctd0bWq6+wXC9zp2P86h/pL3jxbbH8TWv7nORkfbJ0Jc8LnFzofw3QXKnYVsTKbh6kka4Sg5Gi//daYt0L+GRHKmMuKisYp6MppvjsycsNA1DuH0yX/apF1xOV9FTh2lJ7gtU0ROJ0Pl2Sf1lTljq9dLaAwcUWhdUpT731Cxl2PYzi5ow4OihwJOyqDX9+oo1QioswIlqdbsYj82524J1kf3gr/g8/sYXXLUkOnIeHwK+d6BM6FNhh/Aggku3y2KvgTdNWP2G4W4iWITCBMpDf4/N2fVNQMv0vcqWrUKwSsPIjCMHtMeh57FFtjJvQPUCw2bCtYZ8tPYr7ZXqMH4AgtI0GzHLS14Yo8dcdYdnM8wMSAy7NRNMNkQNVvYcpPhabjvxZZGAlK4x/rYVtcm9efPM/dVnjFeMNNuQvH/Dtd9ZGXxQ3mkMF0coYLyJKlKl/dCnv3k8zYOH3vs5fLAvydeoj0jrjEUQ6vyyk3kvP9LJeuaqTdhh3RryFvfga+oBeeWU+klzDb/sWsgOEyjf5Pg1H9/O5W+iUphTSx9KkPNC5xYvgc/2cRqr/FRbuISmpqhUBXtPgwc/RVxCLgQjn7tNlNqN76jv4e1kAs2ABlv7WMFPx/eO20VLIp0353FaZJDWZfrrvaKcuc6ZoVJ2jYrqia9NqYD6AXRGFzQF89QWSQ2zew/4sH5PTXxFZsm7rez+a4seonlZjCEDu1pjPw5keni+zV6HYX68XpuwW7rZELUytR7mQO0NiPrdPxo6NYZuZCb0Xp/BqM3C6MhTCehrTvhl9l7Uj4jUCiK6xFt6XBQpyrILR6l87klYjQj8Lbr2hRz+k5HDw7IKTMCW7s7KdRO5z359q8j8H+KQ7ac14e96MvTOebS5dW4E60oGv4qwa4lNJNNo85UMcKwB4szpSFPMUFOXDcuZQzbtumRlB8FRx6AEQup7UohyIpNdkxtVkUjjmyGbGYN842ddGA7levIFxQFgFCqZMRYp2EyWObOv3Of3CXTJhiF/p+IIRkAVKBNbSfZh6KZIvJRgIvoU30hqaddUJXUTD6UO5LSZq7xXEP60esvli+K2hy8UawvScx3+22Gt4REYo6NICZVSr1juabtY8FWGBDAtfKQ+cKAany4VV9xx7lkNM53u3KoEnqdBo67MmSievrtItpUU69yVnXzG8WaP+McaZ8dqF0eJL793nqIAA+7/ojj5Kx8c+jD7hncUQlr/ae9o1OyRoynZKHsHwiVTiIbpQy4xRZ2N1bB4ntI1r2ySL3jkC4cX+FwuaJ75AnEWOtOyTvX3T1ZQ36SsWIxJTHEW7Wit/YFG8tBiIlGH6PArBM3HDA2VT8mdL5cFOCJ6Eph7QDK4MOrsXXA/ROe/XlsTIbR/Omh/vdLbWn5B1BhDvvAAjFFuloH/ZsQ45DmFkeNL9226KJjeNAT2Xzdw0C8f3qhZaAn7Y3txeRaLwzwwp/M9oxaQ08xji21rrJ5Wo6tHu4oOP85xfgUS7lcsSCWyzW2iN45MmmoHATjxxXCzKxmS1vr+anQD2xrvjUzzsBoOVntgQuvQ7Jb+HrUE+sMzZ6KgdRJQyDD5vzFTUbMVQAq77Da/NW3jYGsGR3nbUAfjK7ESdAL7h8QzJyofViNQEjbmI3KXKN+TK/tF39FF44a1AJX0N0azr4M0cRAZdouvaPZaeqXu/ChNmxXJQ3/02RzI3BhBjq5pAsuXGdV0NSqD4RNCV8yKD3LGRpZ2VzdD0xODM5ODMscz1hNjcxYWM3MDgxYTQ2N2E2NzU4YzliODY5ZDcwN2E4MDdlN2E3ZGFhNzg2YjhhYTY2NjdmNmJhNWE5ODI5NzZkYTk2ODdjN2Q4ODg5NzA3Ng==
.cybereason.com/	1970-01-20 05:47:38	Name: _gcl_au Value: 1.1.633080062.1654682031
.hubspot.com/	1970-01-20 03:38:03	Name: __cf_bm Value: sYTrqMFXqIcQjbmx2DhDp8AT5HluEOi58AhwL2c.4Fg-1654682031-0-Adm7MjY4iONOnyQM1E0NpEAGp5tegGTyBntQOe8PNMNtSh9dekqpxUV56MMZxPaX53ooODOZLS+Jw0awToyNgVc=
.bing.com/	1970-01-20 12:59:38	Name: MUID Value: 0003C4E16AA86E480C9FD55C6BC36F1B
.techtarget.com/	1970-01-20 03:38:03	Name: __cf_bm Value: XkPdUozjwBNF8dA8cCV2k9LGTupIEpxc8i5dlu7W7TU-1654682031-0-AYq5gHS45dI9V5KLRRgk2AqKZJh5m8VOAPwZEnUbo8vV9tlm5OE2jWZpwwcQ3cOBP6qU5EGajzvyP5U//dq+k8E=
.cybereason.com/	1970-01-20 03:39:28	Name: _uetsid Value: e67a1320e71011ecba001d1aaa964bcf
.cybereason.com/	1970-01-20 12:59:38	Name: _uetvid Value: e67a48f0e71011ecb1435dc090caeff8
.cybereason.com/	1970-01-20 05:47:38	Name: _rdt_uuid Value: 1654682031394.22c71160-9b45-4af3-aeb3-ad4069c8c3f4
www.cybereason.com/	1970-01-20 12:23:38	Name: __pdst Value: fae68a2f249845bf94884ac63fd7a445
.cybereason.com/	1970-01-20 05:47:38	Name: _fbp Value: fb.1.1654682031419.1853134655
.ws.zoominfo.com/	1970-01-20 12:23:38	Name: visitorId Value: f037443369fc35656e599c2b101c4653828ef35df3825acb332a0c3ed33a4616
.linkedin.com/	1970-01-20 04:21:14	Name: UserMatchHistory Value: AQJ2D24JiN98CgAAAYFCvBVslMyB821Lx-ehPCgVDFrijtxfdcL2eaDGsV-YI0CnKLNDOyBVzrcTFg
.linkedin.com/	1970-01-20 04:21:14	Name: AnalyticsSyncHistory Value: AQLR0Sf_YSsFRQAAAYFCvBVsfd4409m0JoO-ty1c5BqOySmmuzUss9v4Ye1BdduYJ2b5lcGWn-mIuRF4W512rA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:09:55	Name: bcookie Value: "v=2&f58399e5-50f1-4c75-8da7-fc5dd767f048"
.linkedin.com/	1970-01-20 03:39:28	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2640:u=1:x=1:i=1654682031:t=1654768431:v=2:sig=AQHf3HZWr3ZIuzk2DpcLu8HlodOlWVjh"
.cybereason.com/	1970-01-20 12:23:38	Name: _hjSessionUser_704918 Value: eyJpZCI6ImM1NzBhMWFlLWVhYWMtNTViZS05YjA4LTM2ZTQwZjdjNDE4NiIsImNyZWF0ZWQiOjE2NTQ2ODIwMzE1MDgsImV4aXN0aW5nIjpmYWxzZX0=
.cybereason.com/	1970-01-20 03:38:03	Name: _hjFirstSeen Value: 1
www.cybereason.com/	1970-01-20 03:38:02	Name: _hjIncludedInSessionSample Value: 0
.cybereason.com/	1970-01-20 03:38:03	Name: _hjSession_704918 Value: eyJpZCI6IjcyOTI3NGZkLWQ1YTktNDMxZC1hMDMyLWMwZmI4YTRjZDA5ZiIsImNyZWF0ZWQiOjE2NTQ2ODIwMzE1NDYsImluU2FtcGxlIjpmYWxzZX0=
www.cybereason.com/	1970-01-20 03:38:02	Name: _hjIncludedInPageviewSample Value: 1
.cybereason.com/	1970-01-20 03:38:03	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-20 12:59:38	Name: IDE Value: AHWqTUltvf85NtUUVwNMxDSe4OgvsA65eb2Rz9rzYqb3cOXW22YajChPJUZJXriD
.t.co/	1970-01-20 21:09:14	Name: muc_ads Value: 694e92e7-2c31-4624-a676-250f6c745fad
.twitter.com/	1970-01-20 21:09:14	Name: personalization_id Value: "v1_XCto0w9Vt1y0V2zsSs0Wrg=="
.mathtag.com/	1970-01-20 13:03:57	Name: uuid Value: 1efd62a0-71af-4800-9f4c-14cc1c50584b
.facebook.com/	1970-01-20 05:47:38	Name: fr Value: 02BUx8w7OTKMK1BHY..BioHGv...1.0.BioHGv.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:09:55	Name: bscookie Value: "v=1&20220608095351b0bcb571-edcc-4afa-8b00-579ba606b93dAQHVtPmYKzzqQfOcNmAnCckYwO9htbsO"
.linkedin.com/	1970-01-20 20:59:38	Name: li_gc Value: MTswOzE2NTQ2ODIwMzE7MjswMjGB7XEjDif2F9YRSQ+5e4Z29hLgXnHQRjA5SgMyzYw83Q==
.bidr.io/	1970-01-20 13:06:35	Name: bito Value: AAC8sU7FQOMAAHpTLYS-Pg
.bidr.io/	1970-01-20 13:06:35	Name: bitoIsSecure Value: ok
.adnxs.com/	1970-01-20 05:47:38	Name: uuid2 Value: 6301533842501427413
.mathtag.com/	1970-01-20 04:21:14	Name: mt_misc Value: mt_bt:1
.company-target.com/	1970-01-20 21:09:14	Name: tuuid Value: 3d6fbf92-45bf-42ca-9de5-3cd1d4019cd9
.company-target.com/	1970-01-20 21:09:14	Name: tuuid_lu Value: 1654682031
www.clarity.ms/	1970-01-20 12:23:38	Name: CLID Value: e3fe00ae68f64f8cb2d9ddf3109216b4.20220608.20230608
.cybereason.com/	1970-01-20 12:23:38	Name: _clck Value: 6jdlot\|1\|f25\|0
www.cybereason.com/	1970-01-20 03:38:03	Name: drift_campaign_refresh Value: 76b03e74-f06a-4885-a6f3-5d0bd9ef0f82
.cybereason.com/	1970-01-20 21:09:14	Name: _ga Value: GA1.2.1525061032.1654682031
.cybereason.com/	1970-01-20 03:39:28	Name: _gid Value: GA1.2.1767834999.1654682033
.cybereason.com/	1970-01-20 03:38:02	Name: _gat Value: 1
.cybereason.com/	1970-01-20 21:09:14	Name: _ga_SSF38JVRVJ Value: GS1.1.1654682031.1.0.1654682032.60
.cybereason.com/	1970-01-20 03:38:02	Name: _gat_UA-56367941-1 Value: 1
dpx.airpr.com/	1970-01-20 03:38:02	Name: an_airpr_recent_visit Value: 1
.cybereason.com/	1970-01-20 07:57:14	Name: __hstc Value: 85683782.266de6f643dda6f522b2af171e089a33.1654682032867.1654682032867.1654682032867.1
.cybereason.com/	1970-01-20 07:57:14	Name: hubspotutk Value: 266de6f643dda6f522b2af171e089a33
.cybereason.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cybereason.com/	1970-01-20 03:38:03	Name: __hssc Value: 85683782.1.1654682032868
.c.bing.com/	1970-01-20 12:59:38	Name: SRM_B Value: 0003C4E16AA86E480C9FD55C6BC36F1B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:59:38	Name: MUID Value: 0003C4E16AA86E480C9FD55C6BC36F1B
.c.clarity.ms/	1970-01-20 03:38:02	Name: ANONCHK Value: 0
.cybereason.com/	1970-01-20 03:39:28	Name: _clsk Value: 1adrmos\|1654682033312\|1\|1\|e.clarity.ms/collect

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lltrck.com/lt-v2.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10272547.fls.doubleclick.net
10428681.fls.doubleclick.net
3354902.fs1.hubspotusercontent-na1.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
api.company-target.com
app.hubspot.com
apt.techtarget.com
attr.ml-api.io
bat.bing.com
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
cdn.pdst.fm
cdn2.hubspot.net
cdnjs.cloudflare.com
connect.facebook.net
cpjwr04.na1.hubspotlinks.com
dpx.airpr.com
e.clarity.ms
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
id.rlcdn.com
in.hotjar.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
lltrck.com
match.prod.bidr.io
metrics.api.drift.com
p.typekit.net
pixel.mathtag.com
pixel.sitescout.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px.airpr.com
px4.ads.linkedin.com
s.ml-attr.com
script.hotjar.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
tag.demandbase.com
track.hubspot.com
trk.techtarget.com
up.pixel.ad
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
vars.hotjar.com
ws.zoominfo.com
www.clarity.ms
www.cybereason.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.244.42.67
104.244.42.69
104.244.42.8
104.79.88.164
108.138.7.19
108.138.7.27
108.157.4.87
13.107.43.14
142.250.186.130
142.250.186.38
151.101.1.140
178.79.242.181
18.66.112.39
18.66.139.84
18.66.97.17
199.232.188.157
20.234.93.27
20.62.48.180
2001:4860:4802:36::36
206.19.49.24
23.20.88.204
2600:9000:2490:6a00:12:3734:2a40:93a1
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::6812:2a27
2606:4700:4400::ac40:9a55
2606:4700:4400::ac40:9ad8
2606:4700::6810:650c
2606:4700::6811:190e
2606:4700::6811:47b0
2606:4700::6811:d5cc
2606:4700::6811:eacc
2606:4700::6811:f3cc
2606:4700::6812:1f69
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:27::cafe:1375
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:4005:802::200a
2a00:1450:400c:c04::9d
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::622
2a04:4e42::396
3.67.218.133
35.244.142.80
35.244.174.68
37.252.172.123
45.60.64.106
50.16.7.188
52.222.214.56
52.222.236.43
54.147.21.139
54.171.41.113
54.220.105.73
66.155.71.25
68.67.153.60
0070c51109c7c72b5f5c7c3beeb46123e0888f2f91fdd3abc9235788f8420651
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
088e1ef91a320f014eecd7495cedfa7fee5e167cadaf55545ce137f4ff749ba8
0b454edb897d49bf8a73b07627b670a55f0972988094770495a308e5a5e39d1b
0f22cf2acf8146a0114391fa869da34a4c62183bce53e066d6605bf022b12ce1
0f94c946a13b9ebe43281550b7d0c00edf4694ad06bcb4c8679bee6d48df5115
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119bf322a2ce6d2a82422b51404bc54b375c881f12a120205598d1691fa48820
12127e3110351f54262db955bafe353593dd58c89c7f6b6fc159c10515e93c61
13e2a5a8ee95f08416f5a6912e9a421718cac05f05fbc16e28f349b8c0c7f1bc
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
160371118ad2e4d470bc6801bb253ec18332e7b6fb7225bb6d365a99bdb99d22
163eb6275eba2b44f68cb1cdf0ef5b0f417ed24aebd866c3cfef1ebf8c6ce683
16671e7758a3a7e476ac182e51962a2aebabc2f1935305aaf615f17ab060560b
17a31aae550a664382ab9d8085efc03a10a4548985f33ac4e5a533d5ab5e9339
18c545256f2217ee841db63336dddc318198118b706001a05985fc1f9efc6551
18fc5c48f87f011284114b0ff84884dcffa8a1ab99b786bac8d2f194bf2c512d
1cbf80f7d71564dc48af2c5d6bb5d15fc2aec0d541101c5eedf84bad1b908cab
1cf451d2d8d425375505bd10c5540e8e5cce3cbbd5932be038285d8b6a650e63
1d3703c19e9011b8892f897ac9537a98b43c4b9c4b358d31c6a5b9331d7143c5
1d70fbb9f38719c01044fbca986b01fc7aa60450e0cb13a88708a7997ea204ba
1dedfa3bec8945460a650762fced4491c16b71bea466a644880e5050868faa51
1ef8b59b832109ecbec2f9ed52e8073e2ab73862fa5e6697e1fe05d1c8358a02
2123e5d773cdc4c2a107f453a7884f3bc547aa2fb6aca425d2751d103a1d5591
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
266d85b7ad351501b8651b0e659d6d74fbe07085d3226cd3f7601f6522fbdf97
270e6b0b553dc256e4037bcff6ab85d74618b9b99fecc76e95e764588410955e
28d99ad8103f148a1cf63a25d1369e0bd7d220f97ca36ac12cf8a8c7b2060fcc
2a5d6f871f9fabe69b64bceff2b790c267bba22dbc20c4253eae35251d002fc4
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2ca281bdcd543e2e3559e6505c323c8d64df73f2a594a043780df3007e16d161
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
327bff03815a03aa28f368d2736190b3a501918044016aade71ab4163d2c3350
385a70225a0565040dafcaa7a679d4e774834011bc451989b0f7474e66cd383d
38b5fa249791d286db654d516dfb6173cc332a8d725c41b58d08c642b26bc641
3a45ea5b3d2f06d7dc15fbbd31895b161abb6c6803eecefb7916d109ede06cac
3a8d1303c55f6e52d7e2e0aca925b3ca4a5522564858c8db758ae1fbaccaf683
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
3db2b0fd0b52252f59fca3ea611988258ac4ad0c8aa2dfda8ad90081c659496c
3f1b86da9bb656d4a7239c9e02f111624a2ef1ffa2da30f0bbac0c2ec4753a2c
3fc208cfe441aa1f4eae4d081b8e1ab25087958ee2143f09d8fc57dd128e0178
40e8d65119746071200412ecf015650420a49b24ce8e70e230e5fddb8b8cabc4
494a73882e211c16a50493069a632e339e15d32fd8519f22766a0a0e235f7d01
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4c88237efbd80053668d55dfb4f84f10c756d3d69142f801bd440d5ca4c46468
5082f78080310ecf28702d75d2985fc757e0c15a4c030331706ea36f7c5e25d8
529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738
5418abfb61c7201ead45d21f215b481b45ee7c13ee78608dbbe1c6244543406b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566639f88e650ada50f7f5a70d52efdd262905b7114ddffd26893b7727493a7f
599dd661a1d9e0af96d614fab0ea7396bf06de4265029166a265c2b10cc1a1b0
5c8d63abd4075c4ebd692fbd02e35fb72950f214a6486607c1819d4279ad526f
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5ddf3bce83b11af6e050f824bb5e154741057fecd0d79b9e26a262755ad58be2
5f1c818f2f9435b8e5bc31f893db6582d203c197ce7667699b6e4ae6974fa6eb
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
652cfd16c30cffe323376752f023f8f9738af74b807bda8e929ecba78d9ed19d
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
667fc29c529238b24d67890aed5daf31a27b46775d9c5214ceb1adf24a5b93aa
66ba9d76c09ad6dd52135d52c368f6d87ac40b5b4ce418e41a105fb221c7e470
67304a4844f34ebf2c2ab371244540a16840967f6960401f428f81fa99002508
69560229acb9c6f01744e0172bba17d68642703a1be7312a5f2a137ce4e22faf
6d73ee5231558c291a9caaa166ff86c86afb3bf799f5a9f7d525dbc9af106eec
72493a3f42ed0260f03b6ffd3ea131be38a1070845bfae24927f643a3fcf3255
72fe18777ebf37b44d58c82be9b67edceefb88c2c6984c614c72991d6e3b8853
731633bd497e93880bccb08fa09fa7fc7630372c7622dffea00c19aa2cdc49d1
78ad339bd313ef9abaad9c76705cbbb550405faefeb480a7f8f63561f3a947e8
79495f645199d6b22c080f185ef49ef573c1704e129a3aec2ccb09d5af784382
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b007525d142bbc02dda59ccd34237bfa93685d7e75fe089b44ac1e8bcdef02f
7e630cbe5f6138331df37c8fa469abe8d70a9164185d57bea60b8550743a495b
80a8ff7c0a2146b0fe47bef954b5849d1f1f181f7aae0010b41c9bd78efa8c1f
81c836c05ab1f2d37b7aa60d509a656c7a441e2a4fabf035c1b0666a4daa50fa
822bd73fe9551f44fd3d5b2b562a2bb2fb2dbc3eeb08c266a14b60f33f3b2da2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d23bc334acb1c937af9f4cd9598e68614ffd737d70cb0fd219067e5041aa60
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
875f8e591b4fbc6567e2b33553bea9ca2d0e18593bd857783a569fe7bf4ba097
88203821dc4d76384c4906959385931277e18718ad49e1199cd42986043d9415
882447805fc1c7805ad98684a4698c4b3ae5e8932261c609f7cdd0834275d72c
89f2c0c3f337120cffabbad513474acd34ce323fce4613619a9677a09730784b
8a1e72743c6f26027c44f9d353a167d40fa41737f3859059f502f858cd79d3f3
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8f657cd3617d00d51bbc4dee693b71bde939c80310034a8d82641804d4eb7e16
92cf1a22d54d30668279a73c1cdc940b6cee41af209a1469beb3fe8215104bd6
95383bd175f0d37a2a4ec3e1c61d79b406ef96060c42ea38af21510cacb7e7a9
97163b731eeaba18956ab2503090d85d58ef9cf7ec7d95dab7d872f188257963
9967a27efc89a8cefe9665100ec51cded3a8c89f95cdca1285bfce207666cd11
99985c50b5c9c935c272df6687cc04da7fa72a790343424fce7c361a4b26c8f9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5106684b5b478a9faf0a6f01174969dc6d6f0969faf16c4905a5b286e1ac90
9b102421ba1f94d4650cf36d5bba6617af062b9927195914f3cb4ac7a21b003a
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9cec59b071d9d61e74c42ac4db8d2815aaace7e51983afe2481c14b97f332258
9d43e4835fa48167fb30705b01094376801b87bbe19cc2ae1492499c075ac542
9d943fe5fde08d5b742d383b625031f75e3e89035369f2cde2778f4c6cf5c119
9fa5f4494a80ecf219df87f5a3bedccc280a4a458e72a12732411ec531731bb4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a45c88b305a818822e240131f3cb4466c154445dd9b46fe55896cdbbf40a6101
a4803d7bdeb478a5b9238fe74d8aaa98dafe2e8e68fccbd0e3f4dced823f27f0
a516ad71751bc94bdba5137e19bd99fd9aeae8406e2bcf1c209267ccb1d5c8a6
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3d1ab880346d3c610d1da935205e7191ea9fc88765e2fdf9fac2215eb6fb86
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28577842d17fb5a5239b7e0e6f6b6049066fe0518f6535411c5e77f49c78750
b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173
b5b7914f92dd9c77baec4404d16a0b58278fae7accf416127a819e981d9e6760
b6c9f9a48bd0a163671773a199c876dc64d66947d47ac509c95e29177046c9a3
bd713db29fb234eb7584927050df71683e11b7b72bda4fcf72a88f8a7ff2f56d
bf91aba0819de75da11aa3e7036e1f001cb826d138c6f05c567ab5b7bbe4c8c1
c45ec140843e9eb2fde6f1c87877b4893ffefba0a1e13c00c0abe6d07f171128
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9130ee8c979a74ab038cf5e8a06db5cb94253eab35ea5242f515d605f4781ad
c99347d36fc2a70c8f86d0c4e696f807bd37a475609bf6eeb27611350edb5a3a
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cdb0cc0715f6956f1d044503fa5793eec23a76b79c2d74fbff3be44315f137a9
ce0e4023a88f7e16aadc962374286b414b00cad60d2d90878f631c6f37933a92
d279982ef90edd594effd108c4e40326550e04992973d3b529504b70ce163219
d537e6d07c68615573a7ca1c7978539a91e6635c5a47e0e8637762937b0dedca
d7d83cdf3ecfb54ec4b6de49f0163c7eae8410138770dea540eed6293b6d00ba
d82231820461c83d1b0966caae71bd2732bd89e9a910fdb90d193c3dca16dbc7
db286592cb77f411d2fdc7785bf0e30ea3d76bd885559809bd1ce72e0a89c1c1
dbd7f1d813cc432777765f0866d0e138226bee883d39f872182999519463c680
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dccafac57a7fcedce0d95d35007b502104f45b82f43f052159c370258ef13a53
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd8ce52adc4b0ab60f82c29ba12f25e2f6446245fc8c0b5f4bd6dab3146f9ef7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1d17f49687e707b10a61608d1a9cc4e01ab1e3e116bb03dffb058671ee7d092
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e7e2024764e94bff400b354a7cb714ab75f1b9fd4b3fb09de18dca2d6c2e56a5
e7f17d130b5e82389ebc347e4525ab652f614f4bd6daae656f170e09d9796073
e90344957225c9e0caa52e2591fd6066740e0650bc100c422435762160fb2e33
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ed8f3edb315c74fa7316702a5e777fe414b91a6c57a4bf9d27c67dfb38a00b7f
ee68d3fe6e95c3ca3adb8de966913bf8bd389898f22b89eb333cb6cdedb2922f
eed566ecc6708178d1d1af4a3b1a13fe926c717f81e21609dfa520fa83a73af1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef593584d9432b51ed1cec6f58f844bfa6f81ef0fe27fd9404e400e1346fa09b
efaf50dd0be48360746de27c8624174b9689a29834970fe93656ec22cc9b770c
f02358e1929d9c1155f8b73036785b64ebc5617dff472c0c3209fa584b732ec0
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f24560f5b81158a42b8d38ffe5795d9959eb2308ee6780ea912a6594bb999d1e
f3f2822ba3d24c1f7f53bff8959801c644b2c1c556eb8c15ca36a86717f1ae7d
f533e083f3d896349ecf4b75a3b17a2e5155b309318af9dc44965ce50c66a1dd
f64368e7be69abe40585911860d83acfa8b14179d3008b2594166ae4c10ec0fd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83df770a7c9763424b29bfe7462c8f8e807d18dc0b4570f4ada501240007fda
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f9db6465a204cc4186368b72a0ba4f063e64569aa4fc96e0f40c7ac69423121b
fcba0ef5c17fd435aaa6cfac66375e7bfae52f5116b7a6e126c8b0f38b841613
fd6c0f5026c29648ab8887658f23e6c57faedfe7f9d85e702823ae5dfcbdc8f0
fe9ce59aa6f3f2c6d0be658bec3e8515959f544fed27adc4506480cb9ead5157

www.cybereason.com Open in urlscan Pro 45.60.64.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

230 Requests

97 %HTTPS

53 %IPv6

50 Domains

75 Subdomains

66 IPs

5 Countries

5315 kBTransfer

10845 kBSize

58 Cookies

10 Outgoing links

Page URL History

Redirected requests

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cybereason.com Open in urlscan Pro
45.60.64.106 Public Scan

Screenshot
Live screenshot

Full Image

230
Requests

97 %
HTTPS

53 %
IPv6

50
Domains

75
Subdomains

66
IPs

5
Countries

5315 kB
Transfer

10845 kB
Size

58
Cookies

230 HTTP transactions
0 data transactions