Submitted URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGVYpt-tCnJAt9KIEm7rIj40ch06e3aExJAs6p-kKxhQBERkTI3hde4W8ROI7o3OXPhrB0UIZ4suXSU...
Effective URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=tex...
Submission: On September 06 via api from DE — Scanned from DE

Summary

This website contacted 46 IPs in 4 countries across 37 domains to perform 140 HTTP transactions. The main IP is 104.198.136.223, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is redcanary.com. The Cisco Umbrella rank of the primary domain is 920887.
TLS certificate: Issued by R11 on September 4th 2024. Valid for: 3 months.
This is the only time redcanary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.17.72.206 13335 (CLOUDFLAR...)
25 104.198.136.223 396982 (GOOGLE-CL...)
12 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 152.195.15.58 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.18.17.5 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 2a04:4e42::644 54113 (FASTLY)
1 52.92.203.216 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 88.221.60.75 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
11 34.96.102.137 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 146.75.120.157 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a04:4e42:400... 54113 (FASTLY)
3 2620:1ec:33::10 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 1 68.67.153.60 29990 (ASN-APPNEX)
2 3 185.89.210.82 29990 (ASN-APPNEX)
1 2600:9000:206... 16509 (AMAZON-02)
5 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.28.147.68 15224 (OMNITURE)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 104.244.42.3 13414 (TWITTER)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 151.101.129.140 54113 (FASTLY)
1 151.101.1.140 54113 (FASTLY)
1 2600:9000:211... 16509 (AMAZON-02)
11 2.17.100.210 20940 (AKAMAI-ASN1)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 52.70.162.19 14618 (AMAZON-AES)
2 76.223.9.105 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 35.194.81.74 396982 (GOOGLE-CL...)
3 2600:9000:211... 16509 (AMAZON-02)
1 18.173.205.94 16509 (AMAZON-02)
1 2a04:4e42::729 54113 (FASTLY)
140 46
Apex Domain
Subdomains
Transfer
27 redcanary.com
i.redcanary.com
redcanary.com — Cisco Umbrella Rank: 920887
resource.redcanary.com
2 MB
16 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 11346
embed-ssl.wistia.com — Cisco Umbrella Rank: 19472
pipedream.wistia.com — Cisco Umbrella Rank: 17584
distillery.wistia.com — Cisco Umbrella Rank: 17241
454 KB
12 6sc.co
j.6sc.co — Cisco Umbrella Rank: 12402
c.6sc.co — Cisco Umbrella Rank: 16017
ipv6.6sc.co — Cisco Umbrella Rank: 12823
b.6sc.co — Cisco Umbrella Rank: 6896
23 KB
12 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988
r3.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 119783
204 KB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
161 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
px4.ads.linkedin.com — Cisco Umbrella Rank: 7330
2 KB
4 bizible.com
cdn.bizible.com — Cisco Umbrella Rank: 17231
26 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
3 gstatic.com
fonts.gstatic.com
44 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
319 KB
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 18992
724 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 3241
alb.reddit.com — Cisco Umbrella Rank: 1969
761 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6716
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
288 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
71 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1561
13 KB
2 g2crowd.com
tracking.g2crowd.com — Cisco Umbrella Rank: 19182
2 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 8471
6 KB
2 qualified.com
js.qualified.com — Cisco Umbrella Rank: 50475
app.qualified.com — Cisco Umbrella Rank: 52147
234 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 110
32 KB
1 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 7016
2 KB
1 bizibly.com
cdn.bizibly.com — Cisco Umbrella Rank: 26454
204 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1356
393 B
1 t.co
t.co — Cisco Umbrella Rank: 979
626 B
1 mktoresp.com
003-yru-314.mktoresp.com
318 B
1 ml-api.io
attr.ml-api.io — Cisco Umbrella Rank: 48041
280 B
1 ml-attr.com
s.ml-attr.com — Cisco Umbrella Rank: 42102
278 B
1 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 4547
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884
14 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1253
15 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
303 B
1 amazonaws.com
s3-us-west-2.amazonaws.com
41 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
2 KB
140 37
Domain Requested by
25 redcanary.com i.redcanary.com
redcanary.com
12 cdn.cookielaw.org redcanary.com
cdn.cookielaw.org
11 dev.visualwebsiteoptimizer.com redcanary.com
i.redcanary.com
cdn.bizible.com
11 fast.wistia.com redcanary.com
fast.wistia.com
cdn.bizible.com
8 b.6sc.co redcanary.com
5 region1.analytics.google.com www.googletagmanager.com
dev.visualwebsiteoptimizer.com
4 cdn.bizible.com redcanary.com
cdn.bizible.com
3 pipedream.wistia.com dev.visualwebsiteoptimizer.com
3 www.google-analytics.com www.googletagmanager.com
cdn.bizible.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
cdn.bizible.com
3 secure.adnxs.com 2 redirects cdn.bizible.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
redcanary.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com redcanary.com
www.googletagmanager.com
2 epsilon.6sense.com cdn.bizible.com
2 www.facebook.com redcanary.com
2 j.6sc.co www.googletagmanager.com
j.6sc.co
2 www.google.de redcanary.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 connect.facebook.net i.redcanary.com
connect.facebook.net
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 tracking.g2crowd.com redcanary.com
tracking.g2crowd.com
2 munchkin.marketo.net redcanary.com
munchkin.marketo.net
1 js.sentry-cdn.com fast.wistia.com
1 distillery.wistia.com dev.visualwebsiteoptimizer.com
1 r3.visualwebsiteoptimizer.com cdn.bizible.com
1 app.qualified.com js.qualified.com
1 ipv6.6sc.co cdn.bizible.com
1 c.6sc.co cdn.bizible.com
1 cdn.bizibly.com redcanary.com
1 embed-ssl.wistia.com redcanary.com
1 alb.reddit.com redcanary.com
1 pixel-config.reddit.com www.redditstatic.com
1 px4.ads.linkedin.com redcanary.com
1 analytics.twitter.com redcanary.com
1 t.co redcanary.com
1 003-yru-314.mktoresp.com munchkin.marketo.net
1 attr.ml-api.io redcanary.com
1 s.ml-attr.com 1 redirects
1 script.crazyegg.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 fonts.googleapis.com redcanary.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 s3-us-west-2.amazonaws.com redcanary.com
1 cdnjs.cloudflare.com redcanary.com
1 js.qualified.com redcanary.com
1 resource.redcanary.com redcanary.com
1 ajax.googleapis.com redcanary.com
1 i.redcanary.com
140 50
Subject | Issuer | Validity | Valid
i.redcanary.com | Cloudflare Inc ECC CA-3 | 2024-03-06 - 2024-12-31 | 10 months
redcanary.com | R11 | 2024-09-04 - 2024-12-03 | 3 months
cookielaw.org | WE1 | 2024-08-13 - 2024-11-11 | 3 months
upload.video.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
resource.redcanary.com | Cloudflare Inc ECC CA-3 | 2024-03-02 - 2024-12-31 | 10 months
io.bizible.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-06-07 - 2025-07-08 | a year
*.google-analytics.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
qualified.com | WE1 | 2024-09-04 - 2024-12-03 | 3 months
cdnjs.cloudflare.com | WE1 | 2024-07-31 - 2024-10-29 | 3 months
fast.wistia.com | GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 2024-04-04 - 2025-05-06 | a year
*.s3-us-west-2.amazonaws.com | Amazon RSA 2048 M01 | 2024-07-15 - 2025-07-08 | a year
geolocation.onetrust.com | WE1 | 2024-08-13 - 2024-11-11 | 3 months
*.marketo.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-08 - 2024-12-11 | a year
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2024-06-29 - 2025-07-31 | a year
g2crowd.com | WE1 | 2024-08-21 - 2024-11-19 | 3 months
*.gstatic.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
ads-twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-06-25 - 2025-06-24 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-05-23 - 2024-11-18 | 6 months
www.bing.com | Microsoft Azure RSA TLS Issuing CA 04 | 2024-06-19 - 2024-12-16 | 6 months
script.crazyegg.com | Cloudflare Inc ECC CA-3 | 2024-08-02 - 2024-12-31 | 5 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-06-16 - 2024-09-14 | 3 months
*.g.doubleclick.net | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.google.de | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.mktoresp.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-07 - 2024-10-07 | a year
t.co | E6 | 2024-07-31 - 2024-10-29 | 3 months
*.twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-08-19 - 2025-08-18 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-08-27 - 2025-02-27 | 6 months
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-05-30 - 2024-11-26 | 6 months
*.wistia.com | Amazon RSA 2048 M02 | 2024-01-01 - 2025-01-28 | a year
6sc.co | R11 | 2024-07-03 - 2024-10-01 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year
app.qualified.com | R11 | 2024-07-21 - 2024-10-19 | 3 months
*.6sense.com | Amazon RSA 2048 M03 | 2024-03-31 - 2025-04-29 | a year
pipedream-production-cloudfront-app-cname.wistia.com | Amazon RSA 2048 M03 | 2024-08-11 - 2025-09-09 | a year
stats-tap-production-cloudfront-app-cname.wistia.com | Amazon RSA 2048 M02 | 2024-08-13 - 2025-09-11 | a year
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2024 Q2 | 2024-06-04 - 2025-07-06 | a year

This page contains 2 frames:

Primary Page: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Frame ID: 25F92F1BCAB4129BE44FFDEF909B2F4B
Requests: 139 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=85b110b2-842a-461e-afa9-97b6bc00e727
Frame ID: 35B864C854B8E5A8DC70E355E928F564
Requests: 1 HTTP requests in this frame

Page Title

Welcome to the Red Canary 2024 Threat Detection Report

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • dev\.visualwebsiteoptimizer\.com/?([\d.]+)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 140
HTTPS: 97 %
IPv6: 54 %
Domains: 37
Subdomains: 50
IPs: 46
Countries: 4
Transfer: 3891 kB
Size: 13988 kB
Cookies: 46

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGVYpt-tCnJAt9KIEm7rIj40ch06e3aExJAs6p-kKxhQBERkTI3hde4W8ROI7o3OXPhrB0UIZ4suXSUlkY= Page URL
  2. https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dredcanary.com%2526pId%253d%2524UID HTTP 302
  • https://attr.ml-api.io/?domain=redcanary.com&pId=5112039428336805062
Request Chain 71
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1725641799403&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1725641799403&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&e_ipv6=AQKUZNhyLEGctAAAAZHIRDevwxfGNqn_VNUz1-cTKtN6v7QFbHqh-TDnfcgvGmPtxyT45N2CoknBKB63b1r6fpDT1xj-ew

140 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
MDAzLVlSVS0zMTQAAAGVYpt-tCnJAt9KIEm7rIj40ch06e3aExJAs6p-kKxhQBERkTI3hde4W8ROI7o3OXPhrB0UIZ4suXSUlkY=
i.redcanary.com/
640 B
1 KB
Document
General
Full URL
https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGVYpt-tCnJAt9KIEm7rIj40ch06e3aExJAs6p-kKxhQBERkTI3hde4W8ROI7o3OXPhrB0UIZ4suXSUlkY=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f0d62146490727f2da79b5a3924c84ca0c1df978f72ae9d9f612eaca2c9d5a8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-m5Xc8wFS0HmX7V/sCni4N6s2nvxdmI+PyQi/WSTxWAk=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8beffe52d90ad238-FRA
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-m5Xc8wFS0HmX7V/sCni4N6s2nvxdmI+PyQi/WSTxWAk=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
content-type
text/html;charset=UTF-8
date
Fri, 06 Sep 2024 16:56:37 GMT
referrer-policy
strict-origin
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
b71aabb9bca42b1e
Primary Request /
redcanary.com/threat-detection-report/
381 KB
63 KB
Document
General
Full URL
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Requested by
Host: i.redcanary.com
URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGVYpt-tCnJAt9KIEm7rIj40ch06e3aExJAs6p-kKxhQBERkTI3hde4W8ROI7o3OXPhrB0UIZ4suXSUlkY=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
39981fdf62023a5a01565d7e79c5522fa18af04a610884fc6c37893e57352512
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://i.redcanary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 06 Sep 2024 16:56:38 GMT
feature-policy
microphone 'none'; geolocation 'none'
link
<https://redcanary.com/?p=36232>; rel=shortlink
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
deny
x-permitted-cross-domain-policies
master-only
x-powered-by
WP Engine
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
p+39a+/XEcZfNKybQjgXjA==
age
33205
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 06:33:12 GMT
server
cloudflare
etag
0x8DCCD749DA8FD23
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
771b698c-901e-00ec-41c4-ff9bf3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8beffe57bcded2b6-FRA
expires
Sat, 07 Sep 2024 07:43:13 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Sep 2024 16:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Sep 2025 16:02:53 GMT
forms2.min.js
resource.redcanary.com/js/forms2/js/
199 KB
67 KB
Script
General
Full URL
https://resource.redcanary.com/js/forms2/js/forms2.min.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 19 Jul 2024 20:11:11 GMT
server
cloudflare
age
1312
etag
"2fc06e9-31b30-61d9f4beb95c0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
8beffe57ebd79016-FRA
expires
Fri, 06 Sep 2024 20:56:38 GMT
bizible.js
cdn.bizible.com/scripts/
67 KB
25 KB
Script
General
Full URL
https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA7) /
Resource Hash
962fb5d8d6cd03aa451f3c08f122de41ff761c130d6afb818a40cddcbda34d61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSub
last-modified
Thu, 05 Sep 2024 19:11:42 GMT
server
ECS (amb/6BA7)
age
70819
etag
"b6b04a71c7ffda1:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
25393
js
www.googletagmanager.com/gtag/
357 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3fcde8f07e5dac8b58233593a7ba97944919e673227c31e668a26568c9908e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
113701
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Sep 2024 16:56:38 GMT
qualified.js
js.qualified.com/
1002 KB
234 KB
Script
General
Full URL
https://js.qualified.com/qualified.js?token=bAEbi2aHVysBKzuy
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30aad5ec78f96ddf694134a850a2de672a66db3bcbfc38eb1ad08da6382d66b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
gzip
via
1.1 spaces-router (baa76bb17a64)
strict-transport-security
max-age=63072000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
1008
x-xss-protection
1; mode=block
x-request-id
9003d0e0-486d-5f46-0617-fb63d8917720
x-runtime
0.021338
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7aa20c0605865f44295478fb36268954"
x-download-options
noopen
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
8beffe58ca0e04a3-FRA
expires
Fri, 06 Sep 2024 20:56:38 GMT
jquery.matchHeight-min.js
cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/
3 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/jquery.matchHeight-min.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
992420
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1221
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-d34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BunC9dRQGHKVPnQbYSFitIfm65ncI6cCvS22eNktj0CGyOAytyFUl25VF4VAt%2Blw7qfy9CGPt0lHt3k1n%2FuKniegfmlARmgi4GeihyJ%2B3rTtrpxZYu%2BhzTstDIbgIYphzOGE7CKW6UEPWmB%2BZ6Tm30pt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8beffe57aa10d275-FRA
expires
Wed, 27 Aug 2025 16:56:38 GMT
40393661-0639-4e13-9774-ba9e2ae459fa.json
cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/40393661-0639-4e13-9774-ba9e2ae459fa.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccef64d3564e0e9649b029ad0117abb8f1a8504db767abeeca33de23b9a50844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
17851
content-md5
YHyB5ZH80LGScBjDlihTlg==
content-length
1766
x-ms-lease-status
unlocked
last-modified
Tue, 09 Apr 2024 16:56:25 GMT
server
cloudflare
etag
0x8DC58B5FDF46D79
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a021cdb6-701e-0035-669e-8a5597000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8beffe582cd3d22a-FRA
expires
Sat, 07 Sep 2024 16:56:38 GMT
c14me9au91.jsonp
fast.wistia.com/embed/medias/
7 KB
3 KB
Script
General
Full URL
https://fast.wistia.com/embed/medias/c14me9au91.jsonp
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
58af3170b8bb13c769102fa7dbfaa54ee277780bd9f18e63a1d1b6c6ef3fa156
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 5f7eb39e021e91c3b4f1188abbe23720.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD61-P4
age
158
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
94
content-length
2116
x-request-id
810cce49-e294-462d-86e2-233be59861c9
x-served-by
cache-iad-kjyo7100114-IAD, cache-fra-eddf8230063-FRA
x-runtime
0.092901
x-browser-version
128
server
envoy
x-timer
S1725641799.524809,VS0,VE1
etag
W/"58af3170b8bb13c769102fa7dbfaa54e"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
e1r0jCrMQnjI4pqp3DBNBXYOVxuMnEa8BLa0tLD-XLpdEb7NkOmgBw==
x-cache-hits
3, 1
E-v1.js
fast.wistia.com/assets/external/
810 KB
139 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eae3b68e1dd4d4c42e01d150fd1f7a0cdb89df2479fda9957598bbe287049e1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1096
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
141792
x-served-by
cache-iad-kiad7000111-IAD, cache-fra-eddf8230063-FRA
x-browser-version
128
last-modified
Fri, 06 Sep 2024 15:37:36 GMT
server
AmazonS3
x-timer
S1725641799.524829,VS0,VE0
etag
"ab6f0d44398c496a7e2a18972559bf83"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
cc2d2e06c1bf70c2d7e11f3fb92029817a09932b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
44, 8
teknkl-formsplus-1.0.5.js
s3-us-west-2.amazonaws.com/s.cdpn.io/250687/
41 KB
41 KB
Script
General
Full URL
https://s3-us-west-2.amazonaws.com/s.cdpn.io/250687/teknkl-formsplus-1.0.5.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.203.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
731fcb30d45f2e35aaa139a7a964410a7c2bcdbfbb48a837c9d56dec7cc3732f

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 06 Sep 2024 16:56:39 GMT
x-amz-version-id
OjXdZ5iYdmgpgEuq0ftytCBc_PO35ThO
Last-Modified
Thu, 26 Apr 2018 08:20:46 GMT
Server
AmazonS3
x-amz-request-id
GT6ADB44J2Y7JP7Q
ETag
"bab0c2b3523f8244564b675fe34db610"
Content-Type
application/x-js
Cache-Control
public
Accept-Ranges
bytes
Content-Length
41617
x-amz-id-2
i9Nmqlz88Y0GsV3OyA/kuB1fN+HQQfNyD1jy9p/UrFsbPWTJGxQ38U6HmIkP2zCZgZGJdK3mBKk=
autoptimize_7b38ca29273224c4ecb2a43fdd286ea7.js
redcanary.com/wp-content/cache/autoptimize/js/
262 KB
76 KB
Script
General
Full URL
https://redcanary.com/wp-content/cache/autoptimize/js/autoptimize_7b38ca29273224c4ecb2a43fdd286ea7.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
18b368af8e8679b39c6fbbdde36542f3fc345bc9230a35cd1bd06595c1e73608
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Thu, 29 Aug 2024 15:42:08 GMT
server
nginx
etag
W/"66d096d0-4165d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
66 B
303 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8beffe589f7b6acb-FRA
access-control-allow-headers
Content-Type
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 06 Sep 2024 16:56:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
gtm.js
www.googletagmanager.com/
355 KB
115 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15c9721722a63da2ef4748f63d6f728b2f433e872933893bb5480950e850d7b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117643
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Sep 2024 16:56:38 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700&display=swap
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2400a36b6ad539bf01612df2f0ae253d0928fcdd2e966b299af7e84111216651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 16:45:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Sep 2024 16:56:38 GMT
j.php
dev.visualwebsiteoptimizer.com/
24 KB
8 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=906194&u=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&vn=2.1&x=true
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
d56db07e0d86e6999783ef7d56811392b49d4fc638cd32ee50bdb08eb0ce5319

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
gzip
via
1.1 google
server
gfra2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://redcanary.com
cache-control
public, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css
redcanary.com/wp-content/cache/autoptimize/css/
5 MB
250 KB
Stylesheet
General
Full URL
https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6438b16f2375488bf0208a69b27fe17b3119b1772be376966663f9014b7e14e6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Thu, 29 Aug 2024 16:25:50 GMT
server
nginx
etag
W/"66d0a10e-53ed07"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
5354.js
tracking.g2crowd.com/attribution_tracking/conversions/
2 KB
2 KB
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/5354.js?p=https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&e=
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ff64475fc859e6b68daf72b6a410f1c2c7ff2c77cb29e29aea61da124b2682
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
content-disposition
inline
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
origin-agent-cluster
?1
cf-ray
8beffe58bdd7d2ce-FRA
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e0408f7fbaf5216b577287b7654be1388d933b9b41dbd95dc733d5b5020f67a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
tdr-sidenav-grain.png
redcanary.com/wp-content/themes/redcanary/assets/img/
230 KB
231 KB
Image
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/tdr-sidenav-grain.png
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cf023f65b0756bbd15808ea4464febb7dde19426a49c5ea03555010b9a01813
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 19:10:27 GMT
server
nginx
etag
"65f0a8a3-3998b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
235915
tdr-search-icon.svg
redcanary.com/wp-content/themes/redcanary/assets/img/
773 B
726 B
Image
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/tdr-search-icon.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7bb26544c7c0d00e118860dc125c1bc943201bca5cf780804370732b39210d38
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Mon, 20 Mar 2023 15:41:32 GMT
server
nginx
etag
W/"64187eac-305"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
tdr-hero-canaries.png
redcanary.com/wp-content/themes/redcanary/assets/img/
10 KB
10 KB
Image
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/tdr-hero-canaries.png
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7481436346ad777435fe494e87a3d7fa9dc1251ab9a024d5305a90fcc0b44f8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Mon, 20 Mar 2023 15:41:31 GMT
server
nginx
etag
"64187eab-27ad"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10157
button-right-arrow-white.svg
redcanary.com/wp-content/themes/redcanary/assets/img/
350 B
581 B
Image
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/button-right-arrow-white.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8edbf02936f4bbda931a228bd84f7b668522af07f3dfc33b5caee429e7febb85
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Wed, 27 Feb 2019 15:51:05 GMT
server
nginx
etag
W/"5c76b1e9-15e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
bullet-square.svg
redcanary.com/wp-content/themes/redcanary/assets/img/
443 B
616 B
Image
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/bullet-square.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6217f642930c0d2411329fb00cf9a7e2e138a98f56eece6e82b3a7359f20cb11
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Mon, 23 Aug 2021 16:46:07 GMT
server
nginx
etag
W/"6123d0cf-1bb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
globe-white-right.png
redcanary.com/wp-content/themes/redcanary/assets/img/
259 KB
260 KB
Image
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/globe-white-right.png
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d3d589e680bc49f54cb5721723fc2ec1a68d5e8ce3946db7192fb0d207e9b6cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Wed, 27 Feb 2019 15:51:11 GMT
server
nginx
etag
"5c76b1ef-40da2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
265634
CanarySans-Display-300.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-300.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
52ce30c1ca4a370f850fadf51868d1792a6e6a81f9488f67b993cc7d2921d187
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 14:13:15 GMT
server
nginx
etag
"65f062fb-5acc"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23244
CanarySans-Text-700.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-700.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2920a21f3d5f1c34cc38823f2c4422d1a0d23cba63233e5e8c382852aa7ada7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 14:13:25 GMT
server
nginx
etag
"65f06305-5acc"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23244
CanarySans-Text-300.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/
22 KB
23 KB
Font
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-300.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6a2fae6141cd3c337ae20368ec6c6d16bcd1774b42c9cf6ef2b79f4ce7a67710
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 14:13:22 GMT
server
nginx
etag
"65f06302-5998"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22936
CanarySans-Display-400.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-400.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c8794253f4669bc181f3401651637f6a14f68ea3ffd1bd18a8e46abaac6308ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 14:13:16 GMT
server
nginx
etag
"65f062fc-5b10"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23312
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202403.2.0/
447 KB
109 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4b4fc897b28572139d99a48b119f8b81e71b8b0a262463d798d08176fcbb6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
UXUCHIIw+nYfl5bUBeOrfg==
age
68550
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
110883
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:46:47 GMT
server
cloudflare
etag
0x8DCA5E0CAE51F8D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f908b35a-301e-0026-11ca-d7083e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8beffe58d916d2b6-FRA
worker-23054e6f51fac45856d9d96629e6a24bbr.js
dev.visualwebsiteoptimizer.com/edrv/
262 KB
63 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/worker-23054e6f51fac45856d9d96629e6a24bbr.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
9a2881db9acece1a91f1c03f4b9c329b3060478584d66dee1473eb30243590bc

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 06 Sep 2024 12:47:24 GMT
server
gfra2
etag
"66daf9dc-fda1"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64929
va_gq-3f860a042c120c542121c686eefed0f8br.js
dev.visualwebsiteoptimizer.com/edrv/
272 KB
71 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/va_gq-3f860a042c120c542121c686eefed0f8br.js
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
17b8e347368085cc03e0ae095b3b6690c2e5144dd82efaf4f9530a43d267a0f4

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 06 Sep 2024 12:47:24 GMT
server
gfra2
etag
"66daf9dc-11a8d"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72333
v.gif
dev.visualwebsiteoptimizer.com/
35 B
146 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=906194&d=redcanary.com&u=DBE502D030E0A74F3C4EB7A3315664E0D&h=7246f70849f5715c66a362a36fab570a&t=false
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv03c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:38 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv03c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 12:40:18 GMT
x-content-type-options
nosniff
age
533780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 12:40:18 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 04:28:39 GMT
x-content-type-options
nosniff
age
563279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 04:28:39 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:51:33 GMT
x-content-type-options
nosniff
age
518705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14780
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 16:51:33 GMT
munchkin.js
munchkin.marketo.net/163/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 06 Sep 2024 16:56:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type
application/x-javascript
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4741
Expires
Sun, 15 Dec 2024 16:56:38 GMT
assign
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Ping
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by
Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/5354.js?p=https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&e=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKh6xXCGT4Qe1uWlB

Response headers

b31489f2-5846-4814-98b5-629448d9c12e
https://redcanary.com/ Frame
0
0

en.json
cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/74fb8979-2e31-43ae-9b2a-9bc75d2fa949/
52 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/74fb8979-2e31-43ae-9b2a-9bc75d2fa949/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37272073d42afe3551287e126370433d9b283bb954309149ca9b3ce601c00c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8594
content-md5
63xjzesvZt/KspanM0JPAA==
content-length
12613
x-ms-lease-status
unlocked
last-modified
Tue, 09 Apr 2024 16:56:29 GMT
server
cloudflare
etag
0x8DC58B600BC7414
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
96c806ec-001e-002f-1c9f-8a3448000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8beffe5a5bd7d22a-FRA
expires
Sat, 07 Sep 2024 16:56:38 GMT
s.gif
dev.visualwebsiteoptimizer.com/
35 B
53 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=906194&u=DBE502D030E0A74F3C4EB7A3315664E0D&s=1725641798&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22de-de%22%2C%22r%22%3A%22https%253A%252F%252Fi.redcanary.com%252F%22%2C%22lt%22%3A1725641798815%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1725641798823&v=ec47b2222&_ru=https%3A%2F%2Fi.redcanary.com%2F
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv03c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:38 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv03c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
destination
www.googletagmanager.com/gtag/
271 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-759876114&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ac0a2e6a697ca03edaf0f2ebe2aafc6eb827b5a651ae5d51e7b86f04fe1fa27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95037
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Sep 2024 16:56:39 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-eddf8230072-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=70731
accept-ranges
bytes
content-length
14628
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
bat.js
bat.bing.com/
49 KB
14 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6929e96fec5c905d42d98c6678e07fdeee26d05ee5b90129c891303775ba87f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 06 Sep 2024 16:56:38 GMT
last-modified
Thu, 05 Sep 2024 15:46:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 414F91C854FC410A9B0C7DC02B076FD6 Ref B: FRAEDGE1819 Ref C: 2024-09-06T16:56:39Z
etag
"80c15cd5aaffda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14281
9416.js
script.crazyegg.com/pages/scripts/0096/
0
0
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0096/9416.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
cf-cache-status
HIT
last-modified
Fri, 06 Sep 2024 14:41:48 GMT
server
cloudflare
age
8091
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
8beffe5bcc933671-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: i.redcanary.com
URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGVYpt-tCnJAt9KIEm7rIj40ch06e3aExJAs6p-kKxhQBERkTI3hde4W8ROI7o3OXPhrB0UIZ4suXSUlkY=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 06 Sep 2024 16:56:39 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4339, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
BoFupihRIBquJwWl8VIJlFu2psEqaDPiek4SLwKBqSzFUDzu1h2mWLGpzL21kee9nQMQte4C0N7gbE3BwKUrmA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
attr.ml-api.io/
Redirect Chain
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dredcanary.com%2526pId%253d%2524UID
  • https://attr.ml-api.io/?domain=redcanary.com&pId=5112039428336805062
4 B
280 B
Image
General
Full URL
https://attr.ml-api.io/?domain=redcanary.com&pId=5112039428336805062
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Server
2600:9000:206f:8000:5:7a81:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json
alt-svc
h3=":443"; ma=86400
content-length
4
apigw-requestid
dsUbSjF0oAMEP8Q=
x-amz-cf-id
biCp-Oyq5JjdwAm9Ti1fkbQUuGO6c_ylIGShAtFmcCCOsyZhl2ScYg==

Redirect headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
an-x-request-uuid
71068b2e-96d0-44b0-9ad2-a48da088a51d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://attr.ml-api.io/?domain=redcanary.com&pId=5112039428336805062
x-proxy-origin
45.141.152.74; 45.141.152.74; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
captions.js
fast.wistia.com/assets/external/
174 KB
37 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/captions.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
775c12811f59b909cd99ae1187574609edc3d90f812af487ab8411d63ec3444f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1097
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
37387
x-served-by
cache-iad-kiad7000086-IAD, cache-fra-eddf8230063-FRA
x-browser-version
128
last-modified
Fri, 06 Sep 2024 15:37:36 GMT
server
AmazonS3
x-timer
S1725641799.005583,VS0,VE0
etag
"4477706ecbdd6314913f4f5a9911bc4f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
cc2d2e06c1bf70c2d7e11f3fb92029817a09932b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
40, 14
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-T3K4MTNQJN&gtm=45je4940v874113835z8813277038za200&_p=1725641798492&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=709435067.1725641799&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1725641799&sct=1&seg=0&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&dr=https%3A%2F%2Fi.redcanary.com%2F&dt=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1273
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
243 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T3K4MTNQJN&cid=709435067.1725641799&gtm=45je4940v874113835z8813277038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T3K4MTNQJN&cid=709435067.1725641799&gtm=45je4940v874113835z8813277038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=925785130
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-S6W6WXK4G8&gtm=45je4940v874113835z8813277038za200&_p=1725641798492&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=709435067.1725641799&ecid=647818577&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EA&_s=1&sid=1725641799&sct=1&seg=0&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&dr=https%3A%2F%2Fi.redcanary.com%2F&dt=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&en=page_view&_fv=1&_ss=1&tfd=1315
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
45 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S6W6WXK4G8&cid=709435067.1725641799&gtm=45je4940v874113835z8813277038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-S6W6WXK4G8&gtm=45je4940v874113835za200&_p=1725641798492&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=709435067.1725641799&ecid=647818577&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EAAC&_s=2&sid=1725641799&sct=1&seg=1&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&dr=https%3A%2F%2Fi.redcanary.com%2F&dt=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&en=page_view&_ee=1&_et=19&tfd=1316
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S6W6WXK4G8&cid=709435067.1725641799&gtm=45je4940v874113835z8813277038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1290408585
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visitWebPage
003-yru-314.mktoresp.com/webevents/
2 B
318 B
Ping
General
Full URL
https://003-yru-314.mktoresp.com/webevents/visitWebPage?_mchNc=1725641799198&_mchCn=&_mchId=003-YRU-314&_mchTk=_mch-redcanary.com-1725641799183-80971&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&_mchHo=redcanary.com&_mchPo=&_mchRu=%2Fthreat-detection-report%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fi.redcanary.com%2F&_mchQp=utm_source%3Dredcanary__-__utm_medium%3Demail__-__utm_campaign%3Dnurture__-__utm_term%3Dtext__-__utm_content%3Dgeneral__-__mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 06 Sep 2024 16:56:39 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
4121b62e-c79e-40de-8f0f-33fa5c6dd78d
otFlat.json
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Q9brtORRsvfuS5CuJpEeaA==
age
24139
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3041
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:46:38 GMT
server
cloudflare
etag
0x8DCA5E0C5BC479B
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
bcc2344f-e01e-0102-2b83-d8d725000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8beffe5da806d22a-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/
63 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7465924993bbca3c35db5e27f00d48e1b718c7e82bf610926f9f388bfb13c2e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YQM0QQUQWBIkxGGTVqiqtQ==
age
39644
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13627
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:46:41 GMT
server
cloudflare
etag
0x8DCA5E0C74C73EA
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f0aa6280-f01e-0091-502d-d8073b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8beffe5da808d22a-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
f69wsM1UofEpgZzoDSThbA==
age
17851
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1738
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:46:40 GMT
server
cloudflare
etag
0x8DCA5E0C6CFDF96
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9d5dcf4a-f01e-005d-3df0-d7638e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8beffe5da809d22a-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202403.2.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
4ErYmXXFNbMLrnc9DrDTsg==
age
36634
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:46:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4d2bfadf-701e-00e6-41ed-d7827a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8beffe5da80ed22a-FRA
track-cdedaf78a5a560b171cab9ff24c99622.js
dev.visualwebsiteoptimizer.com/7.0/
16 KB
5 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/7.0/track-cdedaf78a5a560b171cab9ff24c99622.js
Requested by
Host: i.redcanary.com
URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGVYpt-tCnJAt9KIEm7rIj40ch06e3aExJAs6p-kKxhQBERkTI3hde4W8ROI7o3OXPhrB0UIZ4suXSUlkY=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
5acc83ac39dc9fd644c06aff37b2b218e43305a933348d36f7e2e8440f1a6ecb

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 06 Sep 2024 12:47:32 GMT
server
gfra2
etag
"66daf9e4-124f"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4687
opa-db106f510819bfd2d041982bc094c827.js
dev.visualwebsiteoptimizer.com/analysis/4.0/
146 KB
37 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-db106f510819bfd2d041982bc094c827.js
Requested by
Host: i.redcanary.com
URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGVYpt-tCnJAt9KIEm7rIj40ch06e3aExJAs6p-kKxhQBERkTI3hde4W8ROI7o3OXPhrB0UIZ4suXSUlkY=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
5e5572a1656fcf33ab4428f5819403916544fb4db49107a108458f637ef0ad4e

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 06 Sep 2024 12:47:23 GMT
server
gfra2
etag
"66daf9db-933e"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37694
settings.js
dev.visualwebsiteoptimizer.com/
9 KB
3 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=906194&settings_type=1&vn=&eventArch=1&uuid=&ec=1123835|1250290&rc=1&exc=1|2|6
Requested by
Host: i.redcanary.com
URL: https://i.redcanary.com/MDAzLVlSVS0zMTQAAAGVYpt-tCnJAt9KIEm7rIj40ch06e3aExJAs6p-kKxhQBERkTI3hde4W8ROI7o3OXPhrB0UIZ4suXSUlkY=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
6acf301c390013a37c63c464377d353a73c74dd4e883a2e0c165e72a66134403

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
via
1.1 google
server
gfra2
etag
W/"1725626860_EA"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adsct
t.co/i/
43 B
626 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=5cbc01f4-2f08-4fa3-948f-d8218131688e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=92bb948f-30d2-4d4f-8535-c6ec528b309e&tw_document_href=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o015g&type=javascript&version=2.3.30
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-response-time
179
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=0
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif;charset=utf-8
x-transaction-id
d4530904724a88f2
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
4bcd854940335d4e805fa80c7fc87e462f51caad0deb4e8e1da758792fe8e978
cf-ray
8beffe5f2aee18fd-FRA
content-length
43
adsct
analytics.twitter.com/i/
43 B
393 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5cbc01f4-2f08-4fa3-948f-d8218131688e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=92bb948f-30d2-4d4f-8535-c6ec528b309e&tw_document_href=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o015g&type=javascript&version=2.3.30
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-response-time
105
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
c90f69ff31288543
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
9723755f121a9f69229788afb53e3cb3ef18e26200720f4aa4e9d4cf4d9aebf0
content-length
43
attribution_trigger
px.ads.linkedin.com/
2 B
814 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=1540753&time=1725641799403&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9ED4C9DD85634221A748253F866FB44F Ref B: FRAEDGE1720 Ref C: 2024-09-06T16:56:39Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lva1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYhdkp5H95NpMzd8LdyWQ==
x-fs-uuid
000621764a791fde4da4ccddf0b77259
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1725641799403&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campai...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1725641799403&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campa...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1725641799403&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&e_ipv6=AQKUZNhyLEGctAAAAZHIRDevwxfGNqn_VNUz1-cTKtN6v7QFbHqh-TDnfcgvGmPtxyT45N2CoknBKB63b1r6fpDT1xj-ew
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E1A5507CA9A74A9CB94CC1D1BE665FA3 Ref B: FRAEDGE1816 Ref C: 2024-09-06T16:56:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYhdkp8O0md/jRHoXYoXQ==

Redirect headers

date
Fri, 06 Sep 2024 16:56:38 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9EF67E273F1D4CB3A102501659DEA30F Ref B: FRAEDGE1718 Ref C: 2024-09-06T16:56:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1725641799403&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&e_ipv6=AQKUZNhyLEGctAAAAZHIRDevwxfGNqn_VNUz1-cTKtN6v7QFbHqh-TDnfcgvGmPtxyT45N2CoknBKB63b1r6fpDT1xj-ew
x-li-proto
http/2
content-length
0
x-li-uuid
AAYhdkp5aXgRtOS9JEiXkg==
config
pixel-config.reddit.com/pixels/t2_5kac730w/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_5kac730w/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
t2_5kac730w_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
699 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_5kac730w_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1725641799444&id=t2_5kac730w&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=3c9e3da8-652b-4755-91ae-fbf4c14357cc&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
1042590016249604
connect.facebook.net/signals/config/
64 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1042590016249604?v=2.9.167&r=stable&domain=redcanary.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6fc6110fc5f3c6ecfd36ab3d3659aefb80eb6aae9490014460964f51fcb41790
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 06 Sep 2024 16:56:39 GMT
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12996
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=74, mss=1232, tbw=66979, tp=62, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
6efcpf1mChvWlw7c0zSjaWB6zMf0kGKOp/Twv3V68Elx6VW0/vwRYo0Kkf0b5U75wiD+fyhXC42fTdcwvpLsbw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
56383426.js
bat.bing.com/p/action/
334 B
405 B
Script
General
Full URL
https://bat.bing.com/p/action/56383426.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08a70bbce72580774f43a559d6e8f338acb64136e2c102ad2e0b5b1c1766ce16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Fri, 06 Sep 2024 16:56:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C89A059046284F38BD562C05F9EC38BA Ref B: FRAEDGE1819 Ref C: 2024-09-06T16:56:39Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
c14me9au91.json
fast.wistia.com/embed/captions/
2 KB
1 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/captions/c14me9au91.json
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
49209602a8275b9e44de5ab79fdab1835b36a9235e8562f7b4002196cee222cf
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 0712e4ad4264127dfcb76a114b130494.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
18
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
56
content-length
744
x-request-id
c4ccb364-c746-4f9b-b61e-3702b919f6ca
x-served-by
cache-iad-kjyo7100112-IAD, cache-fra-eddf8230076-FRA
x-runtime
0.054714
x-browser-version
128
server
envoy
x-timer
S1725641800.564735,VS0,VE1
etag
W/"49209602a8275b9e44de5ab79fdab183"
vary
Accept-Encoding,X-Forwarded-Proto
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
yYJze2PC2giDya_4UF5uIkPbzf1IPvO-bmHeZGyz5uCefIjauOevUg==
x-cache-hits
17, 1
interFontFace.js
fast.wistia.com/assets/external/
45 KB
18 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/interFontFace.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d77f0a64648193b849be97374492c603ac1148cda483d3884f0db834c911841e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1097
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18424
x-served-by
cache-iad-kiad7000053-IAD, cache-fra-eddf8230076-FRA
x-browser-version
128
last-modified
Fri, 06 Sep 2024 15:37:37 GMT
server
AmazonS3
x-timer
S1725641800.564734,VS0,VE0
etag
"8399cf651c6cc604259d67240cec857a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
cc2d2e06c1bf70c2d7e11f3fb92029817a09932b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
47, 16
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2

Request headers

Referer
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
swatch
fast.wistia.com/embed/medias/c14me9au91/
3 KB
4 KB
Image
General
Full URL
https://fast.wistia.com/embed/medias/c14me9au91/swatch
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
3c69c98944d014332c4c7503265687238a85fd83069faeb1343e8d09ff7d5a3b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
access-control-request-method
*
via
1.1 624a1750702d82319b25f17c35c73d04.cloudfront.net (CloudFront), 1.1 47c0295005ec7d8570406951491004c2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
x-cdn
cloudfront
x-amz-cf-pop
IAD89-P2, IAD89-C3
age
906234
edge-cache-tag
2493fbbdaf557a869829b8551c6e9ab7
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
35
content-disposition
inline
content-length
3507
x-served-by
cache-iad-kcgs7200034-IAD, cache-fra-eddf8230063-FRA
x-browser-version
128
last-modified
Wed, 06 Mar 2024 00:22:52 UTC
server
envoy
x-timer
S1725641800.638812,VS0,VE2
etag
2nLJfqM3qFQqV8o3BW9J5aVKSr0=
content-type
image/jpeg
access-control-allow-origin
*,*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
public, no-cache,max-age=31536000
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
0Bcozi5iKi8_maNIipB_QvqYzjdGgzIxOcL4FxdK5yHTck8CExBNTw==
x-cache-hits
24, 1
2493fbbdaf557a869829b8551c6e9ab7.webp
embed-ssl.wistia.com/deliveries/
85 KB
85 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/2493fbbdaf557a869829b8551c6e9ab7.webp?image_crop_resized=1920x1080
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:cc00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
d175f00e07301fc128ac10eedbf049a3f924ade1235fadf96fee154fd8914856

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 11:59:10 GMT
access-control-request-method
*
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
age
17849
edge-cache-tag
2493fbbdaf557a869829b8551c6e9ab7
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
787
content-disposition
inline
surrogate-key
2493fbbdaf557a869829b8551c6e9ab7 thumbnail-delivery
last-modified
Wed, 06 Mar 2024 00:22:52 UTC
server
envoy
etag
xUreb-qW7MJqL_Rb4ZIKt1wkthg=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
vEyLOwIxosKXmVpWbupAFcVNivzx16tgh_odoil_xsRF_efFh-XpAg==
ipv
cdn.bizible.com/
43 B
328 B
Image
General
Full URL
https://cdn.bizible.com/ipv?_biz_r=https%3A%2F%2Fi.redcanary.com%2F&_biz_h=-1906410348&_biz_u=2363fb5c25ea4d5d9bdd75a37e1cdd39&_biz_l=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&_biz_t=1725641798546&_biz_i=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&_biz_n=0&a=redcanary.com&rnd=958893&cdn_o=a&_biz_z=1725641799706
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B77) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Fri, 30 Aug 2024 21:15:30 GMT
server
ECS (amb/6B77)
age
589269
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
u
cdn.bizibly.com/
43 B
204 B
Image
General
Full URL
https://cdn.bizibly.com/u?_biz_u=2363fb5c25ea4d5d9bdd75a37e1cdd39&_biz_l=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&_biz_t=1725641799707&_biz_i=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&a=redcanary.com&rnd=938348&cdn_o=a&_biz_z=1725641799707
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7E) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Fri, 30 Aug 2024 21:15:57 GMT
server
ECS (amb/6B7E)
age
589242
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
s.gif
dev.visualwebsiteoptimizer.com/
35 B
53 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=906194&u=DBE502D030E0A74F3C4EB7A3315664E0D&s=1725641798&p=1&update=1&cq=1&ttl=90&vn=undefined&vns=undefined&vno=undefined&eTime=1725641799738&v=ec47b2222&_cu=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnu&_ru=https%3A%2F%2Fi.redcanary.com%2F&random=0.6291902870871087
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv03c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv03c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
CanarySans-Display-700.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-700.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
df064dd6edad0cdc26f0a3abc83b8d5d5b173a41d6b88d8d242823055da2124d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 14:13:18 GMT
server
nginx
etag
"65f062fe-5b1c"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23324
CanarySans-Text-400.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-400.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9a5b8f66f586ce4d9566503535595800d6d4c8b6e1651ab8b2fbf8f02819ef42
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 14:13:23 GMT
server
nginx
etag
"65f06303-5a48"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23112
TDR-Header03-1200w.jpeg
redcanary.com/wp-content/themes/redcanary/assets/img/
495 KB
496 KB
Image
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/TDR-Header03-1200w.jpeg
Requested by
Host: redcanary.com
URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5cd3baa58afc9b772d9cb881478a4511bba11be108264372e299aa7500a41f57
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 19:01:44 GMT
server
nginx
etag
"65f0a698-7bacb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
506571
search-btn.svg
redcanary.com/wp-content/themes/redcanary/assets/img/
161 B
435 B
Image
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/search-btn.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0f57969cdf0d61b86fc25ded8a8c5058a5edd346d1845b232610a54f08d0fcb8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Wed, 08 Sep 2021 23:08:04 GMT
server
nginx
etag
W/"61394254-a1"
vary
Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
622 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
4832
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 06:33:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
edb13b1b-901e-00a8-0598-ff479f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8beffe609b86d2b6-FRA
CanarySans-Display-600.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-600.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3af06755c87e9490cafd32e49064834e94096021de3b7b53458e3384dcf7bf47
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 14:13:18 GMT
server
nginx
etag
"65f062fe-5bf4"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23540
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
516 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
83530
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 16:39:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
93a9fb48-301e-0100-5476-fed5df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8beffe60aa76d22a-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
4849
content-length
4036
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 06:33:14 GMT
server
cloudflare
etag
0x8DCCD749EEFC4F4
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
b2093fce-e01e-00ca-3d6d-ff0047000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8beffe60cc7dd2b6-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
59810
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 06:33:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f2de5db3-801e-001d-04ce-ff4a60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8beffe60cc85d2b6-FRA
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/4.0/
46 KB
13 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/analysis/4.0/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
09b67475f266dbf552159ca9f6b44d9dc3ea04842b2bd6e8b09d74f6b21897d0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 06 Sep 2024 12:47:23 GMT
server
gfra2
etag
"66daf9db-3459"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13401
f3744a5e-342b-429c-9d2c-2c1b7b45310a.js
j.6sc.co/j/
5 KB
2 KB
Script
General
Full URL
https://j.6sc.co/j/f3744a5e-342b-429c-9d2c-2c1b7b45310a.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
805ce4322a9be88ec58266cf40c95f62920aadea2a0d00f6ddeda8f82df66b09

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ZP_GnDytUL9NRU7xM5CP6PgfirMXR58J
content-encoding
gzip
date
Fri, 06 Sep 2024 16:56:39 GMT
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-amz-meta-content-type
application/json
content-length
1566
last-modified
Thu, 15 Feb 2024 19:15:51 GMT
server
AmazonS3
etag
"e32c5c81f0cda4121d7ac50a6fa46548"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
hXNxXdSy60RAXtCMi4aF4F85DbwRAHrCbVWpIoBrHOEZ-_fC7crgTQ==
expires
Fri, 06 Sep 2024 17:26:39 GMT
xdc.js
cdn.bizible.com/
111 B
345 B
Script
General
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=2363fb5c25ea4d5d9bdd75a37e1cdd39&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.09.05&a=redcanary.com
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC3) /
Resource Hash
68698d0fa5bb8d0f7a1e154d960fa7bb1f4b7b3a3042b2123eb225a8295bc9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSub
server
ECS (amb/6BC3)
etag
D3373AB7
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
content-length
215
u
cdn.bizible.com/
43 B
86 B
Image
General
Full URL
https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A003-YRU-314%26token%3A_mch-redcanary.com-1725641799183-80971&_biz_u=2363fb5c25ea4d5d9bdd75a37e1cdd39&_biz_l=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&_biz_t=1725641799708&_biz_i=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&_biz_n=1&a=redcanary.com&rnd=72708&cdn_o=a&_biz_z=1725641799956
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7E) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSub

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:39 GMT
strict-transport-security
max-age=31536000; includeSub
last-modified
Fri, 30 Aug 2024 21:15:57 GMT
server
ECS (amb/6B7E)
age
589242
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
/
px.ads.linkedin.com/wa/
0
194 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 06 Sep 2024 16:56:39 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F240C42BC2D649E4B5B7155C9DA37B76 Ref B: FRAEDGE1718 Ref C: 2024-09-06T16:56:39Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://redcanary.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYhdkp/+5EVasKK7lvibA==
CanarySans-Text-600.woff2
redcanary.com/wp-content/themes/redcanary/assets/fonts/
23 KB
23 KB
Font
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-600.woff2
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
62d02c88b4232d936a5d2554226d043540fe3f4b4822aba7f82eb4c72c7eda51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 12 Mar 2024 14:13:25 GMT
server
nginx
etag
"65f06305-5af4"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23284
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1042590016249604&ev=PageView&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&rl=https%3A%2F%2Fi.redcanary.com%2F&if=false&ts=1725641799987&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1725641799982.477287929887834812&ler=other&cdl=API_unavailable&it=1725641799457&coo=false&rqm=GET
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 06 Sep 2024 16:56:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1042590016249604&ev=PageView&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&rl=https%3A%2F%2Fi.redcanary.com%2F&if=false&ts=1725641799987&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1725641799982.477287929887834812&ler=other&cdl=API_unavailable&it=1725641799457&coo=false&rqm=FGET
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 06 Sep 2024 16:56:40 GMT
document-policy
force-load-at-top
x-fb-server-load
32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7411575096068647954", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3115, tp=-1, tpl=-1, uplat=222, ullat=0
pragma
no-cache
x-fb-debug
BGJeCWjPVpY5fGUUkiZMaje1YGE/ld1annz/3ugaU1TP4jrimF1IqU4HbEu426kynjYyELUCm9sNEOmIbHYUKQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7411575096068647954"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
TDR-Header-03.jpg
redcanary.com/wp-content/uploads/2024/03/
371 KB
372 KB
Image
General
Full URL
https://redcanary.com/wp-content/uploads/2024/03/TDR-Header-03.jpg
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f46d096c5acb1a5a9dd66960361b2199ea0817ba4c543f3776944a995e2768c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Mon, 11 Mar 2024 15:49:24 GMT
server
nginx
etag
"65ef2804-5cd13"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
380179
TDR-popup-2.jpg
redcanary.com/wp-content/uploads/2024/03/
133 KB
133 KB
Image
General
Full URL
https://redcanary.com/wp-content/uploads/2024/03/TDR-popup-2.jpg
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e4673faf5bf12429e5051b16210db893c36f02c2724701e3a9f4ce314ec8bc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Mon, 11 Mar 2024 17:21:59 GMT
server
nginx
etag
"65ef3db7-213fb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
136187
Red-Canary-Logo-2024-reverse.png
redcanary.com/wp-content/uploads/2024/05/
15 KB
15 KB
Image
General
Full URL
https://redcanary.com/wp-content/uploads/2024/05/Red-Canary-Logo-2024-reverse.png
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7c2ae2ca74ef67fcea69d64e507fa28c8c1b005b72ef4d1a0c433fbc0681ec15
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Wed, 29 May 2024 18:10:18 GMT
server
nginx
etag
"66576f8a-3bcb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15307
0
bat.bing.com/action/
0
285 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56383426&tm=gtm002&Ver=2&mid=04965f82-7b7c-4717-98ab-ceee1bdeb3dc&sid=fc8896c06c7011efbf2e5be1b8a5013c&vid=fc88b9206c7011ef98682b6c650ee2c9&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&p=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&r=https%3A%2F%2Fi.redcanary.com%2F&lt=1878&evt=pageLoad&sv=1&cdb=AQET&rn=199525
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 06 Sep 2024 16:56:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FE0629AD203B460B83D25DAE11D20027 Ref B: FRAEDGE1819 Ref C: 2024-09-06T16:56:40Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
6si.min.js
j.6sc.co/
68 KB
19 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/j/f3744a5e-342b-429c-9d2c-2c1b7b45310a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aea136527ca962a15eea8eb338c7667b5a44d98bff65dc09a36f5493ddbacb99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Sep 2024 16:37:55 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"66d9de63-10fec"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, proxy-revalidate, max-age=10800
accept-ranges
bytes
content-length
18709
expires
Fri, 06 Sep 2024 19:56:40 GMT
getuidj
secure.adnxs.com/
29 B
1 KB
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c100ce5e1a916c6271a6cce0fc7b43d2953e5754b45f472053e223cd8ece152
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:40 GMT
an-x-request-uuid
dee8c464-c19b-48c2-b010-1ce260c6f495
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://redcanary.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.74; 45.141.152.74; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
7 B
191 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://redcanary.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
36 B
334 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62ed Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4bfcaadede092122f13099f95b74e425b526eedcb3e9028ed2f832452df3befd

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:40 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://redcanary.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2001:ac8:20:3d00:1012:990c:61ec:8410
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725641800137_389993773_3825535_28_1174_6_11_219";dur=1
content-length
36
expires
Fri, 06 Sep 2024 16:56:40 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=7fef2d98-07e7-4d10-8694-d7d3e0beaa4c&session=6427b167-d5d6-4bd2-8522-4304e6b8a1a3&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A40%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Our%20Threat%20Detection%20Report%20takes%20a%20close%20look%20at%20the%20top%20techniques%2C%20threats%2C%20and%20trends%20to%20help%20security%20teams%20focus%20on%20what%20matters%20most.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report%22%7D&cb=&r=https%3A%2F%2Fi.redcanary.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&pageViewId=b3bd7598-cca3-416e-8083-52db443c63a8&an_uid=5112039428336805062&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.24
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 16:56:40 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 16:56:40 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=7fef2d98-07e7-4d10-8694-d7d3e0beaa4c&session=6427b167-d5d6-4bd2-8522-4304e6b8a1a3&event=ipv6&q=%7B%22address%22%3A%222001%3Aac8%3A20%3A3d00%3A1012%3A990c%3A61ec%3A8410%22%7D&isIframe=false&m=%7B%22description%22%3A%22Our%20Threat%20Detection%20Report%20takes%20a%20close%20look%20at%20the%20top%20techniques%2C%20threats%2C%20and%20trends%20to%20help%20security%20teams%20focus%20on%20what%20matters%20most.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report%22%7D&cb=&r=https%3A%2F%2Fi.redcanary.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&pageViewId=b3bd7598-cca3-416e-8083-52db443c63a8&an_uid=5112039428336805062&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3Aac8%3A20%3A3d00%3A1012%3A990c%3A61ec%3A8410&v=1.1.24
Requested by
Host: redcanary.com
URL: https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 16:56:40 GMT
messenger
app.qualified.com/w/1/bAEbi2aHVysBKzuy/ Frame 35B8
0
0
Document
General
Full URL
https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=85b110b2-842a-461e-afa9-97b6bc00e727
Requested by
Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=bAEbi2aHVysBKzuy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.70.162.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-162-19.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redcanary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Length
2040
Content-Security-Policy
Content-Type
text/html; charset=utf-8
Date
Fri, 06 Sep 2024 16:56:40 GMT
Etag
W/"9a40ac318a406ee5a94be7d6e6ef938d"
Link
<https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 spaces-router (baa76bb17a64)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
291fec92-fb22-f3ac-13a5-b2e59122ca2e
X-Runtime
0.017583
X-Xss-Protection
1; mode=block
details
epsilon.6sense.com/v3/company/
760 B
724 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
23154cec9e87c57ecf65a91745d7db0b3a24578dfe31c5c3422e68ee2bde8c18

Request headers

Referer
https://redcanary.com/
Authorization
Token e8bebcdaa132f727ae8d16d9967447769318945e
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-6s-CustomID
WebTag f3744a5e-342b-429c-9d2c-2c1b7b45310a

Response headers

x-trace-id
9048326293258092381
date
Fri, 06 Sep 2024 16:56:40 GMT
content-encoding
gzip
server
nginx
vary
Origin, Accept-Encoding
content-type
application/json
x-6si-region
eu-central-1a
access-control-allow-origin
https://redcanary.com
access-control-expose-headers
X-6si-Region
access-control-allow-credentials
true
timing-allow-origin
https://6sense.com, https://www.ssga.com
content-length
406
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://redcanary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://redcanary.com
access-control-expose-headers
X-6si-Region
access-control-max-age
1800
date
Fri, 06 Sep 2024 16:56:40 GMT
server
nginx
timing-allow-origin
https://6sense.com, https://www.ssga.com
x-6si-region
eu-central-1a
x-trace-id
4375473750510468570
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Sep 2024 15:20:02 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5798
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 06 Sep 2024 17:20:02 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-T3K4MTNQJN&gtm=45je4940v874113835za200&_p=1725641798492&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=709435067.1725641799&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAC&_s=2&sid=1725641799&sct=1&seg=1&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&dr=https%3A%2F%2Fi.redcanary.com%2F&dt=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&en=page_view&_ee=1&_et=14&tfd=2530
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=727051611&t=event&ni=1&_s=1&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&dr=https%3A%2F%2Fi.redcanary.com%2F&ul=de-de&de=UTF-8&dt=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=YADAAEABAAAAACAAI~&jid=1468697689&gjid=1945752349&cid=709435067.1725641799&tid=UA-52702906-1&_gid=1481255644.1725641800&_r=1&_slc=1&gtm=45He4940n81PXWC8JWv813277038za200&cd4=&cd5=&cd10=&cd11=&cd20=&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=205368434
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
41a73231-30ed-4759-b7d1-393c37032a38
https://redcanary.com/ Frame
0
0

analyze
r3.visualwebsiteoptimizer.com/
0
143 B
XHR
General
Full URL
https://r3.visualwebsiteoptimizer.com/analyze?_a=906194&_u=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.194.81.74 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
74.81.194.35.bc.googleusercontent.com
Software
r3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryQM0G3jKiH7lETLnG

Response headers

access-control-allow-origin
*
date
Fri, 06 Sep 2024 16:56:40 GMT
content-encoding
gzip
server
r3
content-type
application/javascript; charset=UTF-8
nc-34aaab9de33baa071fc7d42e3553eb83br.js
dev.visualwebsiteoptimizer.com/edrv/
9 KB
3 KB
XHR
General
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/nc-34aaab9de33baa071fc7d42e3553eb83br.js
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
3fbdb3faba2b9471b3f232e7a395471875b7f8449cb82438b8cc57ef06a83080

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 06 Sep 2024 12:47:24 GMT
server
gfra2
etag
"66daf9dc-cf3"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3315
playPauseLoadingControl.js
fast.wistia.com/assets/external/
83 KB
22 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b5ef5ccf1cfd5397017c6f97e76e761f835da86d4b0a744587281d989dfd386
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1099
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
22390
x-served-by
cache-iad-kcgs7200107-IAD, cache-fra-eddf8230076-FRA
x-browser-version
128
last-modified
Fri, 06 Sep 2024 15:37:37 GMT
server
AmazonS3
x-timer
S1725641801.787759,VS0,VE0
etag
"ecf22666f4f8ebec53c168ead2af3cec"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
cc2d2e06c1bf70c2d7e11f3fb92029817a09932b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
42, 35
mput
pipedream.wistia.com/
2 B
327 B
Fetch
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-db106f510819bfd2d041982bc094c827.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:800:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
via
1.1 ec0e2f034bee82259de23281111aa344.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
CDG50-C1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
wQC-ADS4MmO7D2ohyiQ4auPrhvN5fOUEaT1bdp5yR0mQaiBm9IHaIA==
hls_video.js
fast.wistia.com/assets/external/engines/
513 KB
126 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acfd31721bc37f477574ebe1babc781cf577cf4d456c0a6b1416d299a23a46a8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1098
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
128667
x-served-by
cache-iad-kjyo7100091-IAD, cache-fra-eddf8230076-FRA
x-browser-version
128
last-modified
Fri, 06 Sep 2024 15:37:36 GMT
server
AmazonS3
x-timer
S1725641801.790454,VS0,VE0
etag
"95e3d66a93f2dcdd38208e19cac1a3fe"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
cc2d2e06c1bf70c2d7e11f3fb92029817a09932b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
35, 3
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-db106f510819bfd2d041982bc094c827.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
via
1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA56-P12
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
x-amz-cf-id
41s3-nIh_RXjLn02gnChEvUMFU3PjrkpzkNaMHGwFxDIhfj6bfbcsQ==
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=727051611&t=pageview&_s=1&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&dr=https%3A%2F%2Fi.redcanary.com%2F&ul=de-de&de=UTF-8&dt=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=709435067.1725641799&tid=UA-52702906-1&_gid=1481255644.1725641800&gtm=45He4940n81PXWC8JWv813277038za200&cd4=&cd5=&cd10=&cd11=&cd20=&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&cd6=Germany&cd7=Hesse&cd8=Frankfurt%20am%20Main&cd9=&cd12=&cd13=&cd14=&cd18=null&npa=1&z=592575729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 15:18:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5885
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.png
redcanary.com/wp-content/themes/redcanary/assets/img/
16 KB
16 KB
Other
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8b4532ddd365937e2ee31a95189a447d45881cf4dadf2ab66c850786f87774d8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Wed, 27 Feb 2019 15:51:08 GMT
server
nginx
etag
"5c76b1ec-3fb8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16312
blank.gif
fast.wistia.com/assets/images/
1 KB
1 KB
Image
General
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://redcanary.com/
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2271
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1214
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-eddf8230076-FRA
x-browser-version
128
last-modified
Wed, 10 May 2023 19:48:54 GMT
server
AmazonS3
x-timer
S1725641801.849840,VS0,VE0
etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3769755, 78
c14me9au91.m3u8
fast.wistia.com/embed/medias/
1 KB
2 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/c14me9au91.m3u8
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
d9795130796c064fa4e637b8ba005a9ebb5b02f093a48435320d07362ef2c2c0
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:40 GMT
via
1.1 15b20cdc545f9b56059a7fe493f5451a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
x-amz-cf-pop
JFK52-P2
age
18
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
35
content-length
1355
x-request-id
516643f4-a9f5-40ea-ad61-51a80d8240b4
x-served-by
cache-iad-kcgs7200109-IAD, cache-fra-eddf8230076-FRA
x-runtime
0.033776
x-browser-version
128
server
envoy
x-timer
S1725641801.856276,VS0,VE4
etag
W/"d9795130796c064fa4e637b8ba005a9e"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
VeAOe-yYeisi1gTL8nmhd5DeSOnTHdbvzpt9B0QSK-oe7y2eAxV3lA==
x-cache-hits
18, 1
a3591ba5e949a37083cc6f5a4191e903.min.js
js.sentry-cdn.com/
3 KB
2 KB
Script
General
Full URL
https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c5ceaeaa27989ee5853d9ffbe526e4e1259b216fa7befeeebf580c712e194a44
Security Headers
Name Value
Content-Security-Policy default-src 'none'; object-src 'none'; worker-src blob:; base-uri 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; style-src * 'unsafe-inline'; img-src * blob: data:; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; font-src * data:; frame-ancestors 'self' *.sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=7056d4dbabe8621d2624a6de70e3574a6b9bf9e8
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://redcanary.com/
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'none'; object-src 'none'; worker-src blob:; base-uri 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; style-src * 'unsafe-inline'; img-src * blob: data:; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; font-src * data:; frame-ancestors 'self' *.sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=7056d4dbabe8621d2624a6de70e3574a6b9bf9e8
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Sep 2024 16:56:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
11
x-envoy-upstream-service-time
27
content-length
1295
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-64967f669d-v7mjm, cache-chi-klot8100079-CHI, cache-fra-eddf8230059-FRA
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
favicon.ico
redcanary.com/wp-content/themes/redcanary/assets/img/
1 KB
812 B
Other
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c3096f016b56aa58ea27707e5636618495175ed50b77c09b91c9cb5c014b79e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:41 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 05 Mar 2024 03:00:32 GMT
server
nginx
etag
W/"65e68ad0-47e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=31536000
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=7fef2d98-07e7-4d10-8694-d7d3e0beaa4c&session=6427b167-d5d6-4bd2-8522-4304e6b8a1a3&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A40%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Our%20Threat%20Detection%20Report%20takes%20a%20close%20look%20at%20the%20top%20techniques%2C%20threats%2C%20and%20trends%20to%20help%20security%20teams%20focus%20on%20what%20matters%20most.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report%22%7D&cb=&r=https%3A%2F%2Fi.redcanary.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&pageViewId=b3bd7598-cca3-416e-8083-52db443c63a8&an_uid=5112039428336805062&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3Aac8%3A20%3A3d00%3A1012%3A990c%3A61ec%3A8410&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:41 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 16:56:41 GMT
favicon-32x32.png
redcanary.com/wp-content/themes/redcanary/assets/img/
1 KB
2 KB
Other
General
Full URL
https://redcanary.com/wp-content/themes/redcanary/assets/img/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.136.223 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.136.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a19b17e3c318b115a7531fd404bd12a49d65104d57a1efd064f5ae80b457f52f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

Request headers

Referer
https://redcanary.com/threat-detection-report/?utm_source=redcanary&utm_medium=email&utm_campaign=nurture&utm_term=text&utm_content=general&mkt_tok=MDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:41 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
"max-age=63072000; includeSubDomains; preload";
last-modified
Tue, 05 Mar 2024 03:00:32 GMT
server
nginx
etag
"65e68ad0-5c9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1481
mput
pipedream.wistia.com/
2 B
327 B
Fetch
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-db106f510819bfd2d041982bc094c827.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:800:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Sep 2024 16:56:41 GMT
via
1.1 ec0e2f034bee82259de23281111aa344.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
CDG50-C1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
VtU5fBX0MZP8owueoId3eAtUZhQ0xYF3rtax7rNNQAqeQMCpyw29Nw==
allIntegrations.js
fast.wistia.com/assets/external/
55 KB
14 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
225b6083f80277ff81dee7503d538503f906f3c84f02de641ccd3c5430507d8b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://redcanary.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 16:56:41 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1100
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
14072
x-served-by
cache-iad-kiad7000147-IAD, cache-fra-eddf8230076-FRA
x-browser-version
128
last-modified
Fri, 06 Sep 2024 15:37:36 GMT
server
AmazonS3
x-timer
S1725641802.789619,VS0,VE0
etag
"4eed4de0916270b0df3af9e9d4dabdfd"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
cc2d2e06c1bf70c2d7e11f3fb92029817a09932b
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24, 16
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=7fef2d98-07e7-4d10-8694-d7d3e0beaa4c&session=6427b167-d5d6-4bd2-8522-4304e6b8a1a3&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A42%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A41%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Our%20Threat%20Detection%20Report%20takes%20a%20close%20look%20at%20the%20top%20techniques%2C%20threats%2C%20and%20trends%20to%20help%20security%20teams%20focus%20on%20what%20matters%20most.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report%22%7D&cb=&r=https%3A%2F%2Fi.redcanary.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&pageViewId=b3bd7598-cca3-416e-8083-52db443c63a8&an_uid=5112039428336805062&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3Aac8%3A20%3A3d00%3A1012%3A990c%3A61ec%3A8410&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:42 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 16:56:42 GMT
mput
pipedream.wistia.com/
2 B
328 B
Fetch
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-db106f510819bfd2d041982bc094c827.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:800:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Sep 2024 16:56:42 GMT
via
1.1 ec0e2f034bee82259de23281111aa344.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
CDG50-C1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
G-OLHiDNqkAMxoaEc0fpNZGsMPhx9AC9y8PN8JTNRKFt0ZdrW3wSTw==
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=7fef2d98-07e7-4d10-8694-d7d3e0beaa4c&session=6427b167-d5d6-4bd2-8522-4304e6b8a1a3&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A43%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A42%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Our%20Threat%20Detection%20Report%20takes%20a%20close%20look%20at%20the%20top%20techniques%2C%20threats%2C%20and%20trends%20to%20help%20security%20teams%20focus%20on%20what%20matters%20most.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report%22%7D&cb=&r=https%3A%2F%2Fi.redcanary.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&pageViewId=b3bd7598-cca3-416e-8083-52db443c63a8&an_uid=5112039428336805062&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3Aac8%3A20%3A3d00%3A1012%3A990c%3A61ec%3A8410&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:43 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 16:56:43 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=7fef2d98-07e7-4d10-8694-d7d3e0beaa4c&session=6427b167-d5d6-4bd2-8522-4304e6b8a1a3&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A43%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Our%20Threat%20Detection%20Report%20takes%20a%20close%20look%20at%20the%20top%20techniques%2C%20threats%2C%20and%20trends%20to%20help%20security%20teams%20focus%20on%20what%20matters%20most.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report%22%7D&cb=&r=https%3A%2F%2Fi.redcanary.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&pageViewId=b3bd7598-cca3-416e-8083-52db443c63a8&an_uid=5112039428336805062&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3Aac8%3A20%3A3d00%3A1012%3A990c%3A61ec%3A8410&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:44 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 16:56:44 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=7fef2d98-07e7-4d10-8694-d7d3e0beaa4c&session=6427b167-d5d6-4bd2-8522-4304e6b8a1a3&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A45%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2016%3A56%3A44%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Our%20Threat%20Detection%20Report%20takes%20a%20close%20look%20at%20the%20top%20techniques%2C%20threats%2C%20and%20trends%20to%20help%20security%20teams%20focus%20on%20what%20matters%20most.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report%22%7D&cb=&r=https%3A%2F%2Fi.redcanary.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&pageViewId=b3bd7598-cca3-416e-8083-52db443c63a8&an_uid=5112039428336805062&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3Aac8%3A20%3A3d00%3A1012%3A990c%3A61ec%3A8410&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-210.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:45 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 16:56:45 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-T3K4MTNQJN&gtm=45je4940v874113835z8813277038za200&_p=1725641798492&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=709435067.1725641799&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=3&sid=1725641799&sct=1&seg=1&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2F%3Futm_source%3Dredcanary%26utm_medium%3Demail%26utm_campaign%3Dnurture%26utm_term%3Dtext%26utm_content%3Dgeneral%26mkt_tok%3DMDAzLVlSVS0zMTQAAAGVYpt-tHaqFebU7tdTFEtLC8-_93uzq2qHlQyk7n7DRR3q4JJOw6oGDp66int7BFaqUMYWnsqK518EqEd2ksf4BczR9K_eyHdh1JwLj2WOyMQ2NHFHZgaO4Xg&dr=https%3A%2F%2Fi.redcanary.com%2F&dt=Welcome%20to%20the%20Red%20Canary%202024%20Threat%20Detection%20Report&en=company_details_6si&_et=1222&up.company_name_6si=(Non-company%20Visit)&up.country_6si=Germany&up.state_6si=Hesse&up.city_6si=Frankfurt%20am%20Main&up.industry_v2_6si=&up.segment_666498_6si=false&up.segment_673397_6si=false&tfd=7531
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-db106f510819bfd2d041982bc094c827.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://redcanary.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 16:56:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redcanary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
redcanary.com
URL
blob:https://redcanary.com/b31489f2-5846-4814-98b5-629448d9c12e
Domain
redcanary.com
URL
blob:https://redcanary.com/41a73231-30ed-4759-b7d1-393c37032a38

Verdicts & Comments

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


46 Cookies


1 Console Messages

Source: network
Level: error
URL: https://script.crazyegg.com/pages/scripts/0096/9416.js
Message: Failed to load resource: the server responded with a status of 410 ()

Security Headers

This page lists any security headers set by the main page.

Content-Security-Policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-m5Xc8wFS0HmX7V/sCni4N6s2nvxdmI+PyQi/WSTxWAk=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
