www.magnetforensics.com Open in urlscan Pro
2620:12a:8000::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.magnetforensics.com/t/100565/sc/58bca127-f8cb-4161-a6a6-caaa72543f7c/NB2HI4DTHIXS653XO4XG2YLHNZSXIZTPOJSW443JMNZS4Y3...
Effective URL:
https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Submission: On October 24 via manual (October 24th 2024, 11:30:37 am UTC) from JP — Scanned from JP

Summary HTTP 291 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 51 IPs in 6 countries across 32 domains to perform 291 HTTP transactions. The main IP is 2620:12a:8000::2, located in United States and belongs to FASTLY, US. The main domain is www.magnetforensics.com.
TLS certificate: Issued by R11 on September 14th 2024. Valid for: 3 months.

This is the only time www.magnetforensics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.218.146.139 3.218.146.139	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.28.222.96 52.28.222.96	16509 (AMAZON-02) (AMAZON-02)
46	2620:12a:8000::2 2620:12a:8000::2	54113 (FASTLY) (FASTLY)
1	2404:6800:400... 2404:6800:4004:810::200a	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4004:818::2008	15169 (GOOGLE) (GOOGLE)
6	2600:140b:1c0... 2600:140b:1c00:e::17cb:851d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	23.32.225.140 23.32.225.140	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:140b:a00... 2600:140b:a00:e::b81d:8cce	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.108.157 151.101.108.157	54113 (FASTLY) (FASTLY)
3	13.35.49.11 13.35.49.11	16509 (AMAZON-02) (AMAZON-02)
9	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
15	31.13.82.7 31.13.82.7	32934 (FACEBOOK) (FACEBOOK)
3	172.64.148.75 172.64.148.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.249.160.126 13.249.160.126	16509 (AMAZON-02) (AMAZON-02)
4	54.146.148.156 54.146.148.156	14618 (AMAZON-AES) (AMAZON-AES)
1	142.251.42.131 142.251.42.131	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.26.50 104.18.26.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2400:52e0:150... 2400:52e0:1501::1097:1	200325 (BUNNYCDN) (BUNNYCDN)
6	2600:140b:1c0... 2600:140b:1c00:5a4::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
8	52.250.45.119 52.250.45.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 10	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	3.166.244.96 3.166.244.96	16509 (AMAZON-02) (AMAZON-02)
3	3.165.39.67 3.165.39.67	16509 (AMAZON-02) (AMAZON-02)
1	99.84.133.116 99.84.133.116	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:b9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.207.8 142.250.207.8	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.183.4 13.225.183.4	16509 (AMAZON-02) (AMAZON-02)
4	3.164.143.83 3.164.143.83	16509 (AMAZON-02) (AMAZON-02)
6	34.211.221.163 34.211.221.163	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2404:6800:400... 2404:6800:4004:824::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:235... 2600:9000:2352:b600:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.196.110 142.250.196.110	15169 (GOOGLE) (GOOGLE)
20	31.13.82.36 31.13.82.36	32934 (FACEBOOK) (FACEBOOK)
6	13.249.160.92 13.249.160.92	16509 (AMAZON-02) (AMAZON-02)
2	34.237.219.119 34.237.219.119	14618 (AMAZON-AES) (AMAZON-AES)
3 15	142.250.198.4 142.250.198.4	15169 (GOOGLE) (GOOGLE)
3 12	142.250.207.34 142.250.207.34	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
14	216.58.220.131 216.58.220.131	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c01::9b	15169 (GOOGLE) (GOOGLE)
9	216.58.220.98 216.58.220.98	15169 (GOOGLE) (GOOGLE)
1	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
291	51

1 3.218.146.139 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-146-139.compute-1.amazonaws.com

t.magnetforensics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.222.96 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-222-96.eu-central-1.compute.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2620:12a:8000::2 (United States)

ASN54113 (FASTLY, US)

www.magnetforensics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:810::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:818::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:140b:1c00:e::17cb:851d (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.32.225.140 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-225-140.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:140b:a00:e::b81d:8cce (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.108.157 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.49.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-49-11.nrt20.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

go.magnetforensics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.148.75 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

d3327e487add4206b7e609d4710cb454.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.249.160.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-160-126.nrt12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.146.148.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-148-156.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2400:52e0:1501::1097:1 (Japan) 1 redirects

ASN200325 (BUNNYCDN, SI)

load.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:140b:1c00:5a4::f09 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.250.45.119 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:1ec:21::14 (United States) 6 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.166.244.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-244-96.nrt20.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.165.39.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-39-67.nrt12.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.133.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-116.nrt57.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.207.8 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.183.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-183-4.nrt57.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.164.143.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-143-83.nrt20.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.211.221.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-221-163.us-west-2.compute.amazonaws.com

sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2352:b600:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.196.110 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.249.160.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-160-92.nrt12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.219.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.198.4 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.207.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.220.131 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s01-in-f131.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c01::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.220.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd10s01-in-f98.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	magnetforensics.com 1 redirects t.magnetforensics.com www.magnetforensics.com go.magnetforensics.com	2 MB
28	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	23 KB
24	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	6 KB
19	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147	648 B
19	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3182 wave.outbrain.com — Cisco Umbrella Rank: 3153 tr.outbrain.com — Cisco Umbrella Rank: 3133	13 KB
19	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	791 KB
15	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	102 KB
14	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26226	894 B
14	sumome.com 1 redirects load.sumome.com — Cisco Umbrella Rank: 21660 sumome.com — Cisco Umbrella Rank: 19912	439 KB
13	linkedin.com 6 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 www.linkedin.com — Cisco Umbrella Rank: 646 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	7 KB
12	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4618 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5320 imgsct.cookiebot.com — Cisco Umbrella Rank: 5372	177 KB
9	driftt.com js.driftt.com — Cisco Umbrella Rank: 6590	64 KB
9	bing.com bat.bing.com — Cisco Umbrella Rank: 348	16 KB
6	company-target.com s.company-target.com — Cisco Umbrella Rank: 1520 segments.company-target.com — Cisco Umbrella Rank: 1534 api.company-target.com — Cisco Umbrella Rank: 4087	4 KB
6	ubembed.com d3327e487add4206b7e609d4710cb454.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 12260	53 KB
6	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
5	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4482	6 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2579	10 KB
3	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	928 B
3	t.co t.co — Cisco Umbrella Rank: 859	977 B
3	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	15 KB
3	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 5653	4 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 812	768 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	6 KB
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 5931 tag-logger.demandbase.com — Cisco Umbrella Rank: 5266	23 KB
2	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3740 cdn.acsbapp.com — Cisco Umbrella Rank: 3977	96 KB
1	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 7549	17 KB
1	gstatic.com fonts.gstatic.com	3 MB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	844 B
1	salesloft.com 1 redirects app.salesloft.com — Cisco Umbrella Rank: 42649	810 B
291	32

	Domain	Requested by
46	www.magnetforensics.com	www.magnetforensics.com go.magnetforensics.com
24	www.facebook.com	www.magnetforensics.com go.magnetforensics.com
19	www.googletagmanager.com	www.magnetforensics.com www.googletagmanager.com go.magnetforensics.com
15	www.google.com	3 redirects www.googletagmanager.com
15	connect.facebook.net	www.magnetforensics.com connect.facebook.net
14	www.google.co.jp
14	td.doubleclick.net	www.googletagmanager.com
12	googleads.g.doubleclick.net	3 redirects www.googletagmanager.com
9	px.ads.linkedin.com	5 redirects snap.licdn.com
9	js.driftt.com	www.magnetforensics.com js.driftt.com
9	go.magnetforensics.com	www.magnetforensics.com go.magnetforensics.com pi.pardot.com
9	bat.bing.com	www.googletagmanager.com bat.bing.com www.magnetforensics.com go.magnetforensics.com
8	tr.outbrain.com	amplify.outbrain.com go.magnetforensics.com
8	load.sumome.com	1 redirects www.magnetforensics.com load.sumome.com
6	sumome.com	load.sumome.com
6	amplify.outbrain.com	www.googletagmanager.com amplify.outbrain.com
6	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
5	wave.outbrain.com	amplify.outbrain.com
5	ws.zoominfo.com	www.magnetforensics.com ws.zoominfo.com
4	analytics.google.com	www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com go.magnetforensics.com
4	api.company-target.com	tag.demandbase.com js.driftt.com
4	tags.srv.stackadapt.com	www.magnetforensics.com tags.srv.stackadapt.com
3	imgsct.cookiebot.com	www.magnetforensics.com consent.cookiebot.com
3	script.hotjar.com	static.hotjar.com
3	assets.ubembed.com	d3327e487add4206b7e609d4710cb454.js.ubembed.com
3	px4.ads.linkedin.com	www.magnetforensics.com go.magnetforensics.com
3	analytics.twitter.com	www.magnetforensics.com go.magnetforensics.com
3	t.co	www.magnetforensics.com go.magnetforensics.com
3	consentcdn.cookiebot.com	consent.cookiebot.com
3	d3327e487add4206b7e609d4710cb454.js.ubembed.com	www.googletagmanager.com
3	static.hotjar.com	www.googletagmanager.com
3	static.ads-twitter.com	www.googletagmanager.com
3	snap.licdn.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	pi.pardot.com	www.magnetforensics.com pi.pardot.com
2	id.rlcdn.com	2 redirects
2	cdn.jsdelivr.net	go.magnetforensics.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	segments.company-target.com	www.magnetforensics.com
1	s.company-target.com	tag.demandbase.com
1	cdn.acsbapp.com	acsbapp.com
1	tag.demandbase.com	www.magnetforensics.com
1	www.linkedin.com	1 redirects
1	cdn.mouseflow.com	www.magnetforensics.com
1	acsbapp.com	www.magnetforensics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.magnetforensics.com
1	app.salesloft.com	1 redirects
1	t.magnetforensics.com	1 redirects
291	50

This site contains links to these domains. Also see Links.

Domain
accessibe.com
www.cookiebot.com
www.adobe.com
www.businesswire.com
business.safety.google
www.linkedin.com
www.salesforce.com
www.surveymonkey.com
www.drift.com
www.hotjar.com
www.outbrain.com
twitter.com
vimeo.com
www.facebook.com
www.casalemedia.com
www.demandbase.com
privacy.microsoft.com
www.stackadapt.com
www.magnite.com
training.magnetforensics.com
support.magnetforensics.com
magnetidealab.com
www.youtube.com
www.instagram.com
theauxteraproject.com
magnetmerchandise.com
go.magnetforensics.com

Subject Issuer	Validity	Valid
magnetforensics.com R11	`2024-09-14` - `2024-12-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
go.magnetforensics.com R11	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.js.ubembed.com E6	`2024-10-07` - `2025-01-05`	3 months	crt.sh
zoominfo.com E5	`2024-10-12` - `2025-01-10`	3 months	crt.sh
drift.com Amazon RSA 2048 M03	`2024-07-30` - `2025-08-27`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2024-08-09` - `2025-09-06`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
acsbapp.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
cdn.mouseflow.com WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-02` - `2025-10-01`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-27` - `2025-09-28`	a year	crt.sh
load.sumome.com R11	`2024-09-12` - `2024-12-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.company-target.com R10	`2024-10-14` - `2025-01-12`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-13` - `2025-09-14`	a year	crt.sh
*.sumome.com Amazon RSA 2048 M03	`2024-01-18` - `2025-02-15`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.co.jp WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Frame ID: D21EA17DFD6AA1883807C512AD196FCD
Requests: 130 HTTP requests in this frame

Frame: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download
Frame ID: CBB8FE9DDDDCF7FD0CB701675D529ACB
Requests: 69 HTTP requests in this frame

Frame: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7
Frame ID: 92F4703D4E47680C3C2E4053281C264A
Requests: 71 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: A43F7575E70055DEF6997EAD44DD8316
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: A52CDFB8B26DEDC4F1CF1A91BAD2980F
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 55D1BB57E20242A5E236DAE0A366D9F5
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: B61B5B80388648E6698BF1948ACB7F85
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=nfebtmd8e2uh&eId=nfebtmd8e2uh&region=US&forceShow=false&skipCampaigns=false&sessionId=88fd630e-b807-4ad2-b931-b696e4d1cfb4&sessionStarted=1729769432.564&campaignRefreshToken=b2639ede-e9a0-4363-bd63-b6e9909dd42a&hideController=false&pageLoadStartTime=1729769430904&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload
Frame ID: 1092E21BD41B9B94A75C9682ADFF5CFC
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1729769430904
Frame ID: 21126D202E6BAC0988D88F0DBC40AA92
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1729769430857
Frame ID: 160CE65CE22497AA7A9F24FFA66E695B
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=nfebtmd8e2uh&eId=nfebtmd8e2uh&region=US&forceShow=false&skipCampaigns=false&sessionId=cce2a6c3-48f2-42d2-9942-9428e08ce47b&sessionStarted=1729769433.176&campaignRefreshToken=7df1cf43-4d04-4101-86b4-04801f59a4fb&hideController=false&pageLoadStartTime=1729769429456&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1
Frame ID: A433015C2CA55EEC30C48ED08CB1E83E
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1729769429456
Frame ID: 1AD5CDC8B22704D3B04D25B773DE8CBB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/367075062?random=1729769430289&cv=11&fst=1729769430289&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: 37A2F886C57126512F9CF4C8CE4D3B75
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/367075062?random=1729769430289&cv=11&fst=1729769430289&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: 4797159932A032E3E0CACC70E352BB3E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/981450958?random=1729769430316&cv=11&fst=1729769430316&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: 2EFC7F5A2A6038312E6F65ACA1E41286
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/981450958?random=1729769433198&cv=11&fst=1729769433198&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za200zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A9246E3BEE8C49B4BC016C010233B4D4
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-YTB3MPRL03&gacid=1600945418.1729769432&gtm=45je4al0v870840977z871611945za200zb71611945&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101794737~101823847&z=1735981675
Frame ID: A477604A0321AC1BA8254BB04E2A604E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.magnetforensics.com
Frame ID: 1E4C0AB5C77A220D4C3C16B33F40A4B2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/981450958?random=1729769431856&cv=11&fst=1729769431856&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: 131CA500D2E5241E2600A014C02237C7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/367075062?random=1729769432073&cv=11&fst=1729769432073&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: CF08AD539DF476EA08E6CF9D04B22C82
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/367075062?random=1729769432073&cv=11&fst=1729769432073&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: 7FAE96699183608D230F892F7073C89F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/981450958?random=1729769432097&cv=11&fst=1729769432097&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 7B4A8304B1125E390B4EA501C20BEBB6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-PKFD8FGZRG&gacid=1600945418.1729769432&gtm=45je4al0v9169365053za200&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=2&tag_exp=101686685~101794737~101823847&z=1270995940
Frame ID: 38516B0E57E9DE137856F924A9347A74
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgo.magnetforensics.com
Frame ID: C53A668FC5BA116B1CEE7E9ECCB012B2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/981450958?random=1729769431843&cv=11&fst=1729769431843&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: EF3F00990077C83FA8A61820153E0502
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/367075062?random=1729769432064&cv=11&fst=1729769432064&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: EA23F8A593F865424E46BB63E81283D5
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/367075062?random=1729769432064&cv=11&fst=1729769432064&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue
Frame ID: E91B12DC0B2CDC67B30BAEBA907AFFB7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/981450958?random=1729769432111&cv=11&fst=1729769432111&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: B919AE43F511A70008D2EA53ACBF9CF2
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgo.magnetforensics.com
Frame ID: 12D62A7D07920DDC9CBCA2558AAB88DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2024 State of enterprise DFIR report - Magnet Forensics

Page URL History Show full URLs

https://t.magnetforensics.com/t/100565/sc/58bca127-f8cb-4161-a6a6-caaa72543f7c/NB2HI4DTHIXS653XO4XG2YLHNZS... HTTP 302
https://app.salesloft.com/t/100565/sc/58bca127-f8cb-4161-a6a6-caaa72543f7c/NB2HI4DTHIXS653XO4XG2YLHNZS... HTTP 302
https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9ec... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

SumoMe (Widgets) Expand

Overall confidence: 100%
Detected patterns

load\.sumome\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

291
Requests

97 %
HTTPS

34 %
IPv6

32
Domains

50
Subdomains

51
IPs

6
Countries

7168 kB
Transfer

21669 kB
Size

69
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://accessibe.com/blog/knowledgebase/screen-reader-guide
Title: Accessibility Screen-Reader Guide, Feedback, and Issue Reporting

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/en/what-is-behind-powered-by-cookiebot/

Search URL Search Domain Scan URL

URL: http://%20www.magnetforensics.com/
Title: www.magnetforensics.com

Search URL Search Domain Scan URL

URL: https://www.adobe.com/privacy.html
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.businesswire.com/portal/site/home/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://business.safety.google/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.salesforce.com/company/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.surveymonkey.com/mp/legal/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.drift.com/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/legal/privacy#privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://vimeo.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: http://www.casalemedia.com/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.demandbase.com/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.stackadapt.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.magnite.com/legal/advertising-technology-privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://training.magnetforensics.com/
Title: Training

Search URL Search Domain Scan URL

URL: https://support.magnetforensics.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://magnetidealab.com/
Title: Magnet Idea Lab

Search URL Search Domain Scan URL

URL: https://support.magnetforensics.com/?_gl=1*phhrvg*_ga*Nzk3ODM5MDIwLjE2OTI5MzAyNDM.*_ga_YTB3MPRL03*MTY5NTkzNzQzOS40LjEuMTY5NTkzODE2Ny41OC4wLjA.*_gcl_au*MTk5MTE1MjUzMi4xNjkyOTMwMjQy
Title: Training

Search URL Search Domain Scan URL

URL: https://support.magnetforensics.com/s/?language=en_US
Title: Support

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=2024%20State%20of%20enterprise%20DFIR%20report%0Ahttps%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F&title=2024+State+of+enterprise+DFIR+report&source=Magnet+Forensics

Search URL Search Domain Scan URL

URL: https://twitter.com/MagnetForensics

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/magnet-forensics

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/magnetforensics1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MagnetForensics/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/magnet.forensics

Search URL Search Domain Scan URL

URL: https://theauxteraproject.com/
Title: The Auxtera Project

Search URL Search Domain Scan URL

URL: http://magnetmerchandise.com/
Title: Merchandise store

Search URL Search Domain Scan URL

URL: https://go.magnetforensics.com/l/52162/2024-10-09/lkvq3b
Title: Subscribe to our emails

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.magnetforensics.com/t/100565/sc/58bca127-f8cb-4161-a6a6-caaa72543f7c/NB2HI4DTHIXS653XO4XG2YLHNZSXIZTPOJSW443JMNZS4Y3PNUXXEZLTN52XEY3FOMXTEMBSGQWXG5DBORSS233GFVSW45DFOJYHE2LTMUWWIZTJOIWXEZLQN5ZHILZ7MRPXK5DLHU4WIZLCMEYDCZBNMNRWKYRNGRRDSMJNHFSWGYJNG5RGEOJTGE2TKZJVMUYQ====/GFRDSMLCMQ3DSOBQGUZTIZLCHFSGMZJWHBRTCYJVMU3WKNZWMVRDCZRZMYZTSMRR/www-magnetforensics-com-resources-2024-state-of-enterprise-dfir-report HTTP 302
https://app.salesloft.com/t/100565/sc/58bca127-f8cb-4161-a6a6-caaa72543f7c/NB2HI4DTHIXS653XO4XG2YLHNZSXIZTPOJSW443JMNZS4Y3PNUXXEZLTN52XEY3FOMXTEMBSGQWXG5DBORSS233GFVSW45DFOJYHE2LTMUWWIZTJOIWXEZLQN5ZHILZ7MRPXK5DLHU4WIZLCMEYDCZBNMNRWKYRNGRRDSMJNHFSWGYJNG5RGEOJTGE2TKZJVMUYQ====/GFRDSMLCMQ3DSOBQGUZTIZLCHFSGMZJWHBRTCYJVMU3WKNZWMVRDCZRZMYZTSMRR/www-magnetforensics-com-resources-2024-state-of-enterprise-dfir-report HTTP 302
https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://load.sumome.com/ HTTP 301
https://load.sumome.com/sumome.js

Request Chain 75

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3041369%26time%3D1729769430232%26li_adsId%3D31f5e4cd-daff-4fab-8a15-1cccf4fa963d%26url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fd_utk%253D9deba01d-cceb-4b91-9eca-7bb93155e5e1%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLudZWHLBiL0gAAAZK-SuJ1jMoaaWqGaFQMKlEo8b-0a5yty1PL4cMx96Dmk5dQUunn9Q

Request Chain 92

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCNff6LgGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297fH1rd-J3J_-XPs3hkDFOJi7jB0YT72Msy6u1dATBaLc

Request Chain 156

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431936&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431936&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&tm=gtmv2&e_ipv6=AQLr_jjNwLFiSQAAAZK-SuP1eKew30uo8eS25M-cHa3RGxY0MQiQeUznY0hYFyPV_46zSQ

Request Chain 158

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431937&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431937&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&tm=gtmv2&e_ipv6=AQKHaEBZHJS6-QAAAZK-SuPj3UHHG60I6z_R9gE1w2_SWOXPZreNfvcvR5ibSo9mBXbGDg

Request Chain 247

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/?random=1729769430289&cv=11&fst=1729769430289&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue HTTP 302
https://www.google.com/pagead/1p-user-list/367075062/?random=1729769430289&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSGwDpaXnfR5BLDakkQ3dcsXMovo1kDgbiHp_1bw&random=2714065495 HTTP 302
https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769430289&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSGwDpaXnfR5BLDakkQ3dcsXMovo1kDgbiHp_1bw&random=2714065495&ipr=y

Request Chain 268

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/?random=1729769432073&cv=11&fst=1729769432073&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue HTTP 302
https://www.google.com/pagead/1p-user-list/367075062/?random=1729769432073&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSKQDpaXnfLz-6L3A9oqcee1xmnZkFL6gLhlboZP28ghOAicj4__Br9R8j&random=856981381 HTTP 302
https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432073&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSKQDpaXnfLz-6L3A9oqcee1xmnZkFL6gLhlboZP28ghOAicj4__Br9R8j&random=856981381&ipr=y

Request Chain 283

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/?random=1729769432064&cv=11&fst=1729769432064&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue HTTP 302
https://www.google.com/pagead/1p-user-list/367075062/?random=1729769432064&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSKQDpaXnfUuluS2SoQh-wG_uOCCP8wcdafLuyn3z9OZdP9UeC75FRHstr&random=3347899254 HTTP 302
https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432064&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSKQDpaXnfUuluS2SoQh-wG_uOCCP8wcdafLuyn3z9OZdP9UeC75FRHstr&random=3347899254&ipr=y

291 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/
Redirect Chain

https://t.magnetforensics.com/t/100565/sc/58bca127-f8cb-4161-a6a6-caaa72543f7c/NB2HI4DTHIXS653XO4XG2YLHNZSXIZTPOJSW443JMNZS4Y3PNUXXEZLTN52XEY3FOMXTEMBSGQWXG5DBORSS233GFVSW45DFOJYHE2LTMUWWIZTJOIWXEZ...
https://app.salesloft.com/t/100565/sc/58bca127-f8cb-4161-a6a6-caaa72543f7c/NB2HI4DTHIXS653XO4XG2YLHNZSXIZTPOJSW443JMNZS4Y3PNUXXEZLTN52XEY3FOMXTEMBSGQWXG5DBORSS233GFVSW45DFOJYHE2LTMUWWIZTJOIWXEZLQN5...
https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

275 KB
49 KB

1795ms
1760ms

Document
text/html

2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ab5dfe376631b4a619dbe4a8011ff34c4fb67660e00193b9c652724f8b86b851

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: .storylane.io .vimeo.com .sumome.com .hotjar.com; style-src 'self' 'unsafe-inline' https: data: fonts.googleapis.com; img-src 'self' https: data: .vimeocdn.com gstatic.com .sumome.com; connect-src 'self' https: data: go.magnetforensics.com .sumome.com fonts.gstatic.com googletagmanager.com cdn.jsdelivr.net google.com acsbapp.com cdn.mouseflow.com consent.cookiebot.com player.vimeo.com cdnjs.cloudflare.com .hotjar.com wss://ws.hotjar.com; font-src 'self' https: data: fonts.gstatic.com fonts.googleapis.com; media-src 'self' 'unsafe-inline' player.vimeo.com; child-src 'self' https:; form-action 'self' https: go.magnetforensics.com; frame-ancestors 'self'; worker-src 'self' https:; manifest-src 'self'; navigate-to 'self' https:; base-uri 'self'; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-modals allow-top-navigation allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=604800
content-encoding: gzip
content-length: 48717
content-security-policy: default-src 'self' 'unsafe-inline' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: *.storylane.io *.vimeo.com *.sumome.com *.hotjar.com; style-src 'self' 'unsafe-inline' https: data: fonts.googleapis.com; img-src 'self' https: data: *.vimeocdn.com gstatic.com *.sumome.com; connect-src 'self' https: data: go.magnetforensics.com *.sumome.com fonts.gstatic.com googletagmanager.com cdn.jsdelivr.net google.com acsbapp.com cdn.mouseflow.com consent.cookiebot.com player.vimeo.com cdnjs.cloudflare.com *.hotjar.com wss://ws.hotjar.com; font-src 'self' https: data: fonts.gstatic.com fonts.googleapis.com; media-src 'self' 'unsafe-inline' player.vimeo.com; child-src 'self' https:; form-action 'self' https: go.magnetforensics.com; frame-ancestors 'self'; worker-src 'self' https:; manifest-src 'self'; navigate-to 'self' https:; base-uri 'self'; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-modals allow-top-navigation allow-top-navigation-by-user-activation
content-type: text/html; charset=UTF-8
date: Thu, 24 Oct 2024 11:30:29 GMT
link: <https://www.magnetforensics.com/wp-json/>; rel="https://api.w.org/" <https://www.magnetforensics.com/wp-json/wp/v2/resource/96610>; rel="alternate"; title="JSON"; type="application/json" <https://www.magnetforensics.com/?p=96610>; rel=shortlink
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: DENY
x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
x-served-by: cache-yyz4572-YYZ, cache-nrt-rjtf7700094-NRT
x-styx-req-id: 5e92fbe2-91fb-11ef-b669-e6603a00b358
x-timer: S1729769428.689029,VS0,VE1757

Redirect headers

cache-control: no-cache
content-security-policy-report-only: default-src 'self' https: blob: data:; img-src 'self' https: http:; frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 11:30:27 GMT
location: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-entry-cluster: k8s-euro-pop-1
x-entry-pop: eu-central-1
x-frame-options: SAMEORIGIN
x-global-request-start: t=1729769427.516
x-permitted-cross-domain-policies: none
x-request-id: aa6387464cf0b890f69777747a121f45
x-runtime: 0.067764
x-xss-protection: 1; mode=block

GET
H2 200 2A4B1D_0_0_566a4ba9.woff
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/ 128 KB
129 KB 21ms
13ms Font
font/woff 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/2A4B1D_0_0_566a4ba9.woff
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c0bfdde523377c07339bdc26cbe44faf49466d10f7af3bd4169ac84694a810e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-769rs
etag: "6719076c-201e8"
age: 62821
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff
last-modified: Wed, 23 Oct 2024 14:25:48 GMT
x-cache-hits: 0, 1
x-served-by: cache-yyz4551-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.468127,VS0,VE11
x-styx-req-id: 1b2c3182-9169-11ef-8bb7-76d6e1c321ad
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 131560
server: nginx

GET
H2 200 2A4B1D_4_0_c0ac701e.woff
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/ 149 KB
149 KB 25ms
17ms Font
font/woff 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/2A4B1D_4_0_c0ac701e.woff
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38af1a92a1febe60ea6cdf48747328db032bbb53c8f6d691e223e97cba19e2e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
etag: "67191275-254af"
age: 62821
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff
last-modified: Wed, 23 Oct 2024 15:12:53 GMT
x-cache-hits: 75, 1
x-served-by: cache-yyz4570-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.470815,VS0,VE11
x-styx-req-id: 1b310e23-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 152751
server: nginx

GET
H2 200 Graphik-Extralight-Web.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/ 35 KB
35 KB 25ms
18ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/Graphik-Extralight-Web.woff2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 52b4cc17432578ffd29d1480648b4225424df2a57aa632dfe86b276aacc204d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
etag: "6718a23f-8b71"
age: 62820
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 07:14:07 GMT
x-cache-hits: 72, 1
x-served-by: cache-yyz4580-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.470852,VS0,VE11
x-styx-req-id: 1b2c70aa-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35697
server: nginx

GET
H2 200 Graphik-Regular-Web.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/ 36 KB
36 KB 21ms
14ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/Graphik-Regular-Web.woff2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c23572c09b94a5896dc046f9f4c5852bcba9465cd9d4ddbfa16cc4a04c6b895c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-k2w5p
etag: "6718e776-8e8d"
age: 62821
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 12:09:26 GMT
x-cache-hits: 76, 1
x-served-by: cache-yyz4577-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.470758,VS0,VE9
x-styx-req-id: 1b2b1dd2-9169-11ef-acb2-4a7564a22749
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36493
server: nginx

GET
H2 200 Graphik-Medium-Web.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/ 35 KB
35 KB 26ms
19ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/Graphik-Medium-Web.woff2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e5b99158c017df5aa0df9c3dc6b1a14d935a46509ec9b6ae38b0bf9ca572c7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
etag: "6718a23f-8b61"
age: 62820
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 07:14:07 GMT
x-cache-hits: 78, 1
x-served-by: cache-yyz4561-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.470724,VS0,VE11
x-styx-req-id: 1b2c8886-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35681
server: nginx

GET
H2 200 Graphik-Semibold-Web.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/ 40 KB
40 KB 23ms
17ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/Graphik-Semibold-Web.woff2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c5ba76021aa3832bd518b168fac7f8008a0ddd99ee4ca9dd0bccfac1d86b374

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
etag: "67191275-a021"
age: 62821
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 15:12:53 GMT
x-cache-hits: 73, 1
x-served-by: cache-yyz4570-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.469636,VS0,VE12
x-styx-req-id: 1b359fc3-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40993
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 631 B
844 B 93ms
48ms Stylesheet
text/css 2404:6800:4004:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5c55cae0e7c6225775f74c5ad1a4351b5ea4218baddea714b3a363a6351780f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 11:30:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 24 Oct 2024 11:30:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 Screen-Shot-2021-04-07-at-1.52.25-PM-1.jpg
www.magnetforensics.com/wp-content/uploads/2021/04/ 25 KB
26 KB 10ms
10ms Image
image/jpeg 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.magnetforensics.com/wp-content/uploads/2021/04/Screen-Shot-2021-04-07-at-1.52.25-PM-1.jpg
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff90abc7f28634b9669240cc556dd6f62a8000882e2186e229e30527afb1e230

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-66f648c6f-9fqhg
etag: "6604c433-65c4"
age: 62820
expires: Tue, 07 Oct 2025 02:44:10 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: image/jpeg
last-modified: Thu, 28 Mar 2024 01:13:23 GMT
x-cache-hits: 0, 1
x-served-by: cache-yyz4566-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.615639,VS0,VE7
x-styx-req-id: dd7197b2-838c-11ef-b456-22aa07964396
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 26052
server: nginx

GET
H2 200 style.min.css
www.magnetforensics.com/wp-includes/css/dist/block-library/ 110 KB
19 KB 18ms
12ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
content-encoding: gzip
etag: W/"6718a240-1b72b"
age: 62820
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 71, 1
last-modified: Wed, 23 Oct 2024 07:14:08 GMT
x-served-by: cache-yyz4538-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.467442,VS0,VE11
x-styx-req-id: 1b2bc3a0-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 19107
server: nginx

GET
H2 200 style-index.css
www.magnetforensics.com/wp-content/plugins/pardot/build/ 151 B
433 B 517ms
512ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/pardot/build/style-index.css?ver=1729667645
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f3b2655e46f94794cd3f71c4a555dae4fc5c1aa1a179551f0ee0d9f2b18866d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-k2w5p
content-encoding: gzip
etag: W/"67191273-97"
age: 61947
expires: Fri, 24 Oct 2025 18:18:03 GMT
x-cache: HIT, MISS
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 0, 0
last-modified: Wed, 23 Oct 2024 15:12:51 GMT
x-served-by: cache-yyz4540-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.468229,VS0,VE509
x-styx-req-id: 24862a02-916b-11ef-acb2-4a7564a22749
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 136
server: nginx

GET
H2 200 styles-blocks.css
www.magnetforensics.com/wp-content/plugins/prismatic/css/ 526 B
528 B 18ms
13ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/prismatic/css/styles-blocks.css?ver=6.6.2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc8e317c924d49916e599d91520cb5f64eb9b1ff74120e5d058ca526d0ec6266

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-k2w5p
content-encoding: gzip
etag: W/"6719076a-20e"
age: 62676
expires: Fri, 24 Oct 2025 18:05:52 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 28, 0
last-modified: Wed, 23 Oct 2024 14:25:46 GMT
x-served-by: cache-yyz4523-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.468183,VS0,VE10
x-styx-req-id: 71454472-9169-11ef-acb2-4a7564a22749
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 299
server: nginx

GET
H2 200 font-awesome.min.css
www.magnetforensics.com/wp-content/plugins/lightbox-block/assets/css/ 99 KB
26 KB 21ms
16ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/lightbox-block/assets/css/font-awesome.min.css?ver=6.5.2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f81b07075f86226ce8fc5e8d6f05c7b01061e66714af5036741a79ffec58d5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
content-encoding: gzip
etag: W/"67191273-18bbd"
age: 62676
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 14, 0
last-modified: Wed, 23 Oct 2024 15:12:51 GMT
x-served-by: cache-yyz4525-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.468156,VS0,VE13
x-styx-req-id: 716a3290-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 26649
server: nginx

GET
H2 200 styles.css
www.magnetforensics.com/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 58 KB
11 KB 17ms
12ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.13
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-k2w5p
content-encoding: gzip
etag: W/"6718e774-e768"
age: 62675
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 30, 0
last-modified: Wed, 23 Oct 2024 12:09:24 GMT
x-served-by: cache-yyz4560-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.469326,VS0,VE9
x-styx-req-id: 71776966-9169-11ef-acb2-4a7564a22749
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 11076
server: nginx

GET
H2 200 style.min.css
www.magnetforensics.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 908 B
580 B 24ms
19ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
content-encoding: gzip
etag: W/"6718a23e-38c"
age: 62820
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 76, 1
last-modified: Wed, 23 Oct 2024 07:14:06 GMT
x-served-by: cache-yyz4562-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.469672,VS0,VE13
x-styx-req-id: 1b2c0bb3-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 335
server: nginx

GET
H2 200 style.min.css
www.magnetforensics.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ 258 B
344 B 26ms
21ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-769rs
content-encoding: gzip
etag: W/"6719076b-102"
age: 62821
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 74, 1
last-modified: Wed, 23 Oct 2024 14:25:47 GMT
x-served-by: cache-yyz4581-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.472379,VS0,VE10
x-styx-req-id: 1b2b6ee3-9169-11ef-8bb7-76d6e1c321ad
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 144
server: nginx

GET
H2 200 style_en.css
www.magnetforensics.com/wp-content/uploads/maxmegamenu/ 146 KB
15 KB 24ms
19ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/uploads/maxmegamenu/style_en.css?ver=8cdf80
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf00d934ead4eecba65eca6bc0426e734218d5d2a33e9677f3c2fff724069a9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-77f8d49fcb-7btgd
content-encoding: gzip
etag: W/"66a2bb77-24606"
age: 62676
expires: Sun, 21 Sep 2025 19:35:51 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 0, 0
last-modified: Thu, 25 Jul 2024 20:54:15 GMT
x-served-by: cache-yyz4570-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.472398,VS0,VE10
x-styx-req-id: 8b305d89-7787-11ef-8a59-36b5cd5dbb64
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 15326
server: nginx

GET
H2 200 dashicons.min.css
www.magnetforensics.com/wp-includes/css/ 58 KB
36 KB 25ms
21ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-includes/css/dashicons.min.css?ver=6.6.2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-769rs
content-encoding: gzip
etag: W/"6719076d-e688"
age: 62677
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 30, 0
last-modified: Wed, 23 Oct 2024 14:25:49 GMT
x-served-by: cache-yyz4572-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.472337,VS0,VE11
x-styx-req-id: 715eda49-9169-11ef-8bb7-76d6e1c321ad
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 36701
server: nginx

GET
H2 200 genericons.css
www.magnetforensics.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/ 27 KB
17 KB 25ms
21ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2.9.1
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
content-encoding: gzip
etag: W/"6718a23d-6b84"
age: 62676
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 28, 0
last-modified: Wed, 23 Oct 2024 07:14:05 GMT
x-served-by: cache-yyz4530-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.472296,VS0,VE11
x-styx-req-id: 7162a727-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 16752
server: nginx

GET
H2 200 font-awesome.min.css
www.magnetforensics.com/wp-content/plugins/megamenu-pro/icons/fontawesome/css/ 30 KB
8 KB 25ms
22ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=2.2.9.1
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-769rs
content-encoding: gzip
etag: W/"6718a23d-7918"
age: 62677
expires: Fri, 24 Oct 2025 18:05:52 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 30, 0
last-modified: Wed, 23 Oct 2024 07:14:05 GMT
x-served-by: cache-yyz4580-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.472272,VS0,VE11
x-styx-req-id: 71415fc5-9169-11ef-8bb7-76d6e1c321ad
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 7949
server: nginx

GET
H2 200 all.min.css
www.magnetforensics.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/ 54 KB
13 KB 22ms
19ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2.9.1
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64f77a13c6e6d3adce340a06f37c55054d9cdd48cb1d9347943749592a2a565e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
content-encoding: gzip
etag: W/"67191273-d81d"
age: 62676
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 29, 0
last-modified: Wed, 23 Oct 2024 15:12:51 GMT
x-served-by: cache-yyz4528-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.472235,VS0,VE10
x-styx-req-id: 717b0b7f-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 13325
server: nginx

GET
H2 200 main_71090a07.css
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/styles/ 991 KB
198 KB 24ms
21ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/styles/main_71090a07.css
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5363fabedc9da6f922057e554d89a70e96d3f9106ee1843bff53f3b475fe330b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-769rs
content-encoding: gzip
etag: W/"6718a23f-f7de6"
age: 62676
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 0, 0
last-modified: Wed, 23 Oct 2024 07:14:07 GMT
x-served-by: cache-yyz4522-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.472206,VS0,VE11
x-styx-req-id: 715e93bf-9169-11ef-8bb7-76d6e1c321ad
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 202592
server: nginx

GET
H2 200 language-cookie.js Show response
www.magnetforensics.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 271 B
432 B 9ms
8ms Script
application/x-javascript 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.13
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
content-encoding: gzip
etag: W/"6718a23e-10f"
age: 62676
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-cache-hits: 27, 0
last-modified: Wed, 23 Oct 2024 07:14:06 GMT
x-served-by: cache-yyz4544-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.629919,VS0,VE5
x-styx-req-id: 719807ce-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 179
server: nginx

GET
H2 200 magnetforensics-logo-new-2line.svg
www.magnetforensics.com/wp-content/uploads/2024/03/ 4 KB
2 KB 26ms
24ms Image
image/svg+xml 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.magnetforensics.com/wp-content/uploads/2024/03/magnetforensics-logo-new-2line.svg
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 24f48568a1daa32eb4c7a896c7bd45779459243dd98245a1b8dbfd58e226bf19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-77c9f494cf-cbdwj
content-encoding: gzip
etag: W/"6604c433-f9e"
age: 62820
expires: Thu, 18 Sep 2025 06:42:41 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-cache-hits: 83, 1
last-modified: Thu, 28 Mar 2024 01:13:23 GMT
x-served-by: cache-yyz4523-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.472185,VS0,VE12
x-styx-req-id: 09dd000d-74c0-11ef-969e-aa7c95312371
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1877
server: nginx

GET
H2 200 MF_One_wm2line_color_rgb.svg
www.magnetforensics.com/wp-content/uploads/2023/06/ 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.magnetforensics.com/wp-content/uploads/2023/06/MF_One_wm2line_color_rgb.svg
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f94d56d010d0c777687ee8fa67983469d41613c0af6197245dac813b0a1df8e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-77c9f494cf-8zxw9
content-encoding: gzip
etag: W/"66266eaf-9bd"
age: 62815
expires: Fri, 26 Sep 2025 06:58:04 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-cache-hits: 65, 0
last-modified: Mon, 22 Apr 2024 14:05:35 GMT
x-served-by: cache-yyz4534-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.646339,VS0,VE15
x-styx-req-id: 82da6eb5-7b0b-11ef-9e13-d283848ffd02
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1109
server: nginx

GET
H2 200 magnetforensics-logo-new-2line-white.svg
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/images/ 4 KB
2 KB 23ms
21ms Image
image/svg+xml 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/images/magnetforensics-logo-new-2line-white.svg
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b4b61e1707fd15feaae190a7cdf8aa2fa9fda18273f3d115cf7f7da2fe17996

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
content-encoding: gzip
etag: W/"6718a23f-1059"
age: 62804
expires: Fri, 24 Oct 2025 18:03:45 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-cache-hits: 57, 1
last-modified: Wed, 23 Oct 2024 07:14:07 GMT
x-served-by: cache-yyz4522-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.472235,VS0,VE11
x-styx-req-id: 253de4ce-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1984
server: nginx

GET
H2 200 rs6.css
www.magnetforensics.com/wp-content/plugins/revslider/public/assets/css/ 57 KB
15 KB 13ms
12ms Stylesheet
text/css 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.20
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
content-encoding: gzip
etag: W/"67191274-e3d7"
age: 62676
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: text/css
vary: Accept-Encoding
x-cache-hits: 14, 0
last-modified: Wed, 23 Oct 2024 15:12:52 GMT
x-served-by: cache-yyz4570-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.493525,VS0,VE8
x-styx-req-id: 715d12d6-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 15173
server: nginx

GET
H2 200 jquery.js Show response
www.magnetforensics.com/wp-includes/js/jquery/ 279 KB
100 KB 11ms
11ms Script
application/x-javascript 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-includes/js/jquery/jquery.js
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
content-encoding: gzip
etag: W/"6718a240-45a96"
age: 62676
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-cache-hits: 29, 0
last-modified: Wed, 23 Oct 2024 07:14:08 GMT
x-served-by: cache-yyz4562-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.496622,VS0,VE7
x-styx-req-id: 715f9679-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 102492
server: nginx

GET
H2 200 rbtools.min.js Show response
www.magnetforensics.com/wp-content/plugins/revslider/public/assets/js/ 161 KB
69 KB 7ms
7ms Script
application/x-javascript 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.20
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-769rs
content-encoding: gzip
etag: W/"6719076b-285db"
age: 62820
expires: Fri, 24 Oct 2025 18:03:29 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-cache-hits: 77, 1
last-modified: Wed, 23 Oct 2024 14:25:47 GMT
x-served-by: cache-yyz4525-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.665224,VS0,VE5
x-styx-req-id: 1b9c3da8-9169-11ef-8bb7-76d6e1c321ad
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 70525
server: nginx

GET
H2 200 rs6.min.js Show response
www.magnetforensics.com/wp-content/plugins/revslider/public/assets/js/ 401 KB
128 KB 9ms
9ms Script
application/x-javascript 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.20
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5f3b2f654d2d8210a481c0164f0a53430cd09b77c34374fe23c9a03f5ad00fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
content-encoding: gzip
etag: W/"67191274-642f9"
age: 29660
expires: Fri, 24 Oct 2025 18:03:29 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-cache-hits: 0, 1
last-modified: Wed, 23 Oct 2024 15:12:52 GMT
x-served-by: cache-yyz4571-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.682947,VS0,VE7
x-styx-req-id: 1ba1f7f7-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 130513
server: nginx

GET
H2 200 main_71090a07.js Show response
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/scripts/ 660 KB
220 KB 8ms
7ms Script
application/x-javascript 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/scripts/main_71090a07.js
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f005150df847d97b3188709485b414ecf1c1dc0d8a4e7e42d06a69d5f9fdf6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
content-encoding: gzip
etag: W/"67191275-a4f82"
age: 62584
expires: Fri, 24 Oct 2025 18:07:25 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-cache-hits: 0, 0
last-modified: Wed, 23 Oct 2024 15:12:53 GMT
x-served-by: cache-yyz4581-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.526943,VS0,VE4
x-styx-req-id: a8810719-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 224568
server: nginx

GET
H2 200 hoverIntent.min.js Show response
www.magnetforensics.com/wp-includes/js/ 1 KB
914 B 8ms
7ms Script
application/x-javascript 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
content-encoding: gzip
etag: W/"6718a240-5db"
age: 62820
expires: Fri, 24 Oct 2025 18:03:29 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-cache-hits: 75, 1
last-modified: Wed, 23 Oct 2024 07:14:08 GMT
x-served-by: cache-yyz4541-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.571387,VS0,VE5
x-styx-req-id: 1ba17bc1-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 721
server: nginx

GET
H2 200 maxmegamenu.js Show response
www.magnetforensics.com/wp-content/plugins/megamenu/js/ 33 KB
7 KB 7ms
7ms Script
application/x-javascript 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.3.1.2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: de77aed14166ff6c0bee39653090b8cc6eaa2230de83630de11ebfc5f108fa46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
content-encoding: gzip
etag: W/"6718a23d-83b2"
age: 62676
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-cache-hits: 28, 0
last-modified: Wed, 23 Oct 2024 07:14:05 GMT
x-served-by: cache-yyz4553-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.580705,VS0,VE5
x-styx-req-id: 71938756-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 6741
server: nginx

GET
H2 200 public.js Show response
www.magnetforensics.com/wp-content/plugins/megamenu-pro/assets/ 25 KB
6 KB 8ms
7ms Script
application/x-javascript 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.2.9.1
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e967f20a8e3e58f11c2b0cfef9d2dda8a3758739f10e83e323c73be8b42653bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
content-encoding: gzip
etag: W/"67191273-64a8"
age: 62676
expires: Fri, 24 Oct 2025 18:05:53 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-cache-hits: 29, 0
last-modified: Wed, 23 Oct 2024 15:12:51 GMT
x-served-by: cache-yyz4572-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.591699,VS0,VE6
x-styx-req-id: 7190f7f2-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 5676
server: nginx

GET
H2 200 asyncdc.min.js Show response
www.magnetforensics.com/wp-content/plugins/pardot/js/ 457 B
443 B 9ms
8ms Script
application/x-javascript 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/plugins/pardot/js/asyncdc.min.js?ver=6.6.2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 91d744bf23ae2d21a6565a51934c39e0f8fa6121b958f2998a1979ee7ba2fa9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-k2w5p
content-encoding: gzip
etag: W/"6718e774-1c9"
age: 62820
expires: Fri, 24 Oct 2025 18:03:29 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
x-cache-hits: 73, 1
last-modified: Wed, 23 Oct 2024 12:09:24 GMT
x-served-by: cache-yyz4553-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.606289,VS0,VE5
x-styx-req-id: 1b9c678d-9169-11ef-acb2-4a7564a22749
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 230
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 446 KB
135 KB 125ms
71ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a788ec69c80c7fc2f8f6257fc9b36d8daac7b27af93577fbd8cf4cc5cd3b8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 24 Oct 2024 11:30:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137592
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 110 KB
34 KB 34ms
9ms Script
application/javascript 2600:140b:1c00:e::17cb:851d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:e::17cb:851d Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=730
content-encoding: gzip
etag: "42d4c62e8219db1:0"
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires: Thu, 24 Oct 2024 11:42:40 GMT
accept-ranges: bytes
content-length: 34533
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 13:01:25 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 30 KB
9 KB 26ms
3ms Script
application/x-javascript 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7ba2efe3b4b4c0a0ea967ecbc0fa24ca9e773baff3c8449588a7a0bdb604863b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "deed80c1260efaf92c17504503be8a88:1729621687.117761"
Connection: keep-alive
Expires: Thu, 24 Oct 2024 11:50:30 GMT
Accept-Ranges: bytes
X-CC: JP
Content-Length: 9184
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:30 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 22 Oct 2024 18:25:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 47ms
22ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3DD4E5AA1744F87A24782F1D3388571 Ref B: TYO201100114045 Ref C: 2024-10-24T11:30:30Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14579
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 37ms
3ms Script
application/javascript 2600:140b:a00:e::b81d:8cce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:a00:e::b81d:8cce Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: max-age=27054
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Thu, 24 Oct 2024 11:30:30 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 23ms
1ms Script
application/javascript 151.101.108.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.108.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Thu, 24 Oct 2024 11:30:30 GMT
x-tw-cdn: FT
last-modified: Wed, 27 Mar 2024 23:09:36 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000135-IAD, cache-tyo11940-TYO
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 280 KB
97 KB 65ms
56ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24bc8c36866cd6cb060f25880e3f33462d3c7b74e9f7d14b951d19dfa854c6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 24 Oct 2024 11:30:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98802
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-1019106.js Show response
static.hotjar.com/c/ 17 KB
6 KB 243ms
209ms Script
application/javascript 13.35.49.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1019106.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.49.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-49-11.nrt20.r.cloudfront.net

Software

Resource Hash

2824d7ee7283f7c5faeb46dbe2ce53e7e6a14cdbd8f48eaeaea627b80757fcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/599291dbd0f6f884e8e87a6d963598f5
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: aNXz9g67e0plT1Z6gJlvlx9Cx6ASuE6uKe8s7TRGXRkjubjnzJ99XA==
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: NRT20-C1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 393 KB
126 KB 76ms
68ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

886c89ea5c445ac3052f975a2f61d71b3444ab9eb75935b9aa43d82b01fe1842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 24 Oct 2024 11:30:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129249
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK ljxy9c Show response
go.magnetforensics.com/l/52162/2024-02-20/ Frame CBB8 44 KB
11 KB 887ms
499ms Document
text/html 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: 42725f1580d7748d0c7632580d72d57d638ecc2cbda52af8f68053091c330371

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 11071
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Oct 2024 11:30:30 GMT
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-pardot-rsp: 0/0/1

GET
DATA 200
OK truncated
/ 117 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab98f025e89e75eb9de8f7f16d7dbd68fff25a42fcf82c706aeb55dede2b4853

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 274 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33911e7c866f8140e67a7243a3f85c4f7d956a4ecd54056a7f21720e65c3e04a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 MF_ResourceCentre_LE-V1_488x488.png
www.magnetforensics.com/wp-content/uploads/2023/01/ 92 KB
92 KB 680ms
679ms Image
image/png 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.magnetforensics.com/wp-content/uploads/2023/01/MF_ResourceCentre_LE-V1_488x488.png
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a8ac148500db40a58b4cd1ed7b242595c7897896b5066cafe647112c0c191527

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
etag: "6604c433-16e1f"
age: 59649
expires: Fri, 24 Oct 2025 08:33:03 GMT
x-cache: HIT, MISS
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: image/png
last-modified: Thu, 28 Mar 2024 01:13:23 GMT
x-cache-hits: 4, 0
x-served-by: cache-yyz4576-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.035047,VS0,VE677
x-styx-req-id: 6b7c21ea-9119-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 93727
server: nginx

GET
H2 200 Graphik-Regular-Web_7574f6b6.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/graphik/ 36 KB
36 KB 9ms
8ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/graphik/Graphik-Regular-Web_7574f6b6.woff2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/styles/main_71090a07.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c23572c09b94a5896dc046f9f4c5852bcba9465cd9d4ddbfa16cc4a04c6b895c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/styles/main_71090a07.css

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
etag: "67191275-8e8d"
age: 62821
expires: Fri, 24 Oct 2025 18:03:29 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 15:12:53 GMT
x-cache-hits: 75, 1
x-served-by: cache-yyz4577-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.055408,VS0,VE6
x-styx-req-id: 1ba85b50-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36493
server: nginx

GET
H2 200 Graphik-Medium-Web_8ed104cd.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/graphik/ 35 KB
35 KB 12ms
12ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/graphik/Graphik-Medium-Web_8ed104cd.woff2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/styles/main_71090a07.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e5b99158c017df5aa0df9c3dc6b1a14d935a46509ec9b6ae38b0bf9ca572c7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/styles/main_71090a07.css

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-k2w5p
etag: "6719076c-8b61"
age: 62821
expires: Fri, 24 Oct 2025 18:03:29 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 14:25:48 GMT
x-cache-hits: 74, 1
x-served-by: cache-yyz4546-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.056194,VS0,VE7
x-styx-req-id: 1ba2bbd4-9169-11ef-acb2-4a7564a22749
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35681
server: nginx

GET
H2 200 Graphik-Semibold-Web_cc40e941.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/graphik/ 40 KB
40 KB 12ms
11ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/fonts/graphik/Graphik-Semibold-Web_cc40e941.woff2
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/styles/main_71090a07.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c5ba76021aa3832bd518b168fac7f8008a0ddd99ee4ca9dd0bccfac1d86b374

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/styles/main_71090a07.css

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
etag: "67191275-a021"
age: 62821
expires: Fri, 24 Oct 2025 18:03:29 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 15:12:53 GMT
x-cache-hits: 75, 1
x-served-by: cache-yyz4581-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.056278,VS0,VE7
x-styx-req-id: 1ba1ec33-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40993
server: nginx

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 228 KB
58 KB 16ms
3ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-kJnuVsRe' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-kJnuVsRe' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4446, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 6O05SXCc0Mt1jw7SnWCQbFp+YaJgR0xi7BGTKIXTiPCS9cMZSWlKM+Y71qKQCoztgOSH6w+qVVpj7FuE0SvQlQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 / Show response
d3327e487add4206b7e609d4710cb454.js.ubembed.com/ 15 KB
3 KB 66ms
37ms Script
application/javascript 172.64.148.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d3327e487add4206b7e609d4710cb454.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.75 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24e2497d86265cd1ce87a221878ad7d573dba931abdc8883a0844a75f8ce9063

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: max-age=0, must-revalidate
content-encoding: br
cf-cache-status: HIT
etag: W/"a8519967a241d25590fd25b8861339af826e52ad"
age: 4795
cf-ray: 8d79a29a0a6a80ea-NRT
access-control-allow-origin: *
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript
vary: Accept-Encoding, Referer
server: cloudflare

GET
H3 200 60f86f99350740001b170896 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 353ms
335ms Script
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60f86f99350740001b170896

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

389b0c9c5e825effa06b58f89d9167ec683826d6c9b3f3faa040bf2464e06f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 8d79a299fd7f2669-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
server: cloudflare
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url

GET
H2 200 nfebtmd8e2uh.js Show response
js.driftt.com/include/1729769700000/ 221 KB
62 KB 518ms
486ms Script
application/javascript 13.249.160.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-126.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e96abb18e70acf14065e3bacb0dbd6942579a85d3d69d9d7551bea9c627ca3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: gzip
x-amz-version-id: px8T70IzhuJ6oS1M7izBjK7Y8.9uRoPx
etag: W/"182931eb99afb01276b448d2f7bd627d"
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: 9DMQuyQrAD-hKHOe7JtisNpeSk00PcRtZt72ETdjfxr41Qto7ueJMQ==
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 11 Oct 2024 18:47:07 GMT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
x-envoy-upstream-service-time: 40
access-control-allow-credentials: true
via: 1.1 b5d3de3f3a74cdfebe8eaeabf94d530c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: NRT12-C3
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 526ms
172ms Script
text/javascript 54.146.148.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.148.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-148-156.compute-1.amazonaws.com
Software: /
Resource Hash: 2f8b17f7047808b11a957a01f95780557ef40b5fa965c78aadf40f460287e200

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: text/javascript

GET
H/1.1 200
OK kzq6w7 Show response
go.magnetforensics.com/l/52162/2021-07-19/ Frame 92F4 29 KB
8 KB 796ms
445ms Document
text/html 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: facc649ca3384d33a8a141e8d71c451250a3218521edb6a1071124e5cf5ec4f8

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 7704
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Oct 2024 11:30:30 GMT
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-pardot-rsp: 0/0/1

GET
H2 200 MF_IdentifyInsiderFraud_ResourceCentre_488x488.jpg
www.magnetforensics.com/wp-content/uploads/2022/03/ 21 KB
21 KB 194ms
193ms Image
image/jpeg 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.magnetforensics.com/wp-content/uploads/2022/03/MF_IdentifyInsiderFraud_ResourceCentre_488x488.jpg
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 273ec762a7292aa7240f6a5821af55c614fc52d473bd5b358cfe34892ee6cd42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-7866c56f79-fx7x6
etag: "6604c433-527b"
age: 58571
expires: Tue, 14 Oct 2025 22:11:12 GMT
x-cache: HIT, MISS
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: image/jpeg
last-modified: Thu, 28 Mar 2024 01:13:23 GMT
x-cache-hits: 0, 0
x-served-by: cache-yyz4523-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.080057,VS0,VE190
x-styx-req-id: 0e70e8ce-89b0-11ef-a1d1-de6c8162ef13
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 21115
server: nginx

GET
H2 200 MF_Webinar_InvestigateMalwareandRansomware_600x341.png
www.magnetforensics.com/wp-content/uploads/2024/02/ 137 KB
137 KB 716ms
715ms Image
image/png 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.magnetforensics.com/wp-content/uploads/2024/02/MF_Webinar_InvestigateMalwareandRansomware_600x341.png
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7b5e07e61976a304a06d014d1a59e2478f8c59c3bd2cb92accdce6818257b00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-85b7d57ccb-n8p44
etag: "667daabd-2224c"
age: 59706
expires: Wed, 15 Oct 2025 22:06:23 GMT
x-cache: HIT, MISS
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: image/png
last-modified: Thu, 27 Jun 2024 18:09:01 GMT
x-cache-hits: 0, 0
x-served-by: cache-yyz4532-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769430.080440,VS0,VE713
x-styx-req-id: 8cffd0a0-8a78-11ef-b412-aa14d3a0dac3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 139852
server: nginx

GET
H3 200 kJEhBvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oFsI.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v213/ 3 MB
3 MB 45ms
5ms Font
font/woff2 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialsymbolsoutlined/v213/kJEhBvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oFsI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.131 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

6504b9c461f89254f50abd3ebbd871c7f3c1486e7f6f73abbdeb398beb61cd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.magnetforensics.com
Referer: https://fonts.googleapis.com/

Response headers

age: 110753
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 04:44:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 04:44:37 GMT
last-modified: Tue, 15 Oct 2024 19:31:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3319240
x-xss-protection: 0
server: sffe

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 315 KB
96 KB 156ms
142ms Script
application/javascript 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095a419a7e9d826faf0efcb8176e529da5c9a2a56e3ff1295c5fd7efa6f448f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

x-goog-metageneration: 3
access-control-expose-headers: *
x-goog-hash: crc32c=1OfI5w==, md5=J0aPpAwiN3HEjj+iDpQeiQ==
cf-cache-status: REVALIDATED
etag: W/"27468fa40c223771c48e3fa20e941e89"
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Fri, 24 Oct 2025 11:30:30 GMT
x-goog-stored-content-length: 322112
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 14 Oct 2024 13:05:25 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2XqvU2PXKdgcRcSAy-FSMQk0GzrnmHsOQNLKR4EI9vfVcrv2D_3VsFlAtkxMneyGtUaCQ
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8d79a29a2ddfd774-NRT
access-control-allow-origin: *
x-goog-generation: 1728911125876754
server: cloudflare

GET
H3 200 e9655771-a704-42c9-ad98-19a2f82340aa.js Show response
cdn.mouseflow.com/projects/ 60 KB
17 KB 25ms
12ms Script
application/javascript 104.18.26.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/e9655771-a704-42c9-ad98-19a2f82340aa.js

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.50 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d868859f87ae94e683c1c3605764c5e87a24be77f49f70e272d4acce9afdf8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f590be39529cd81:0"
age: 553362
x-mf-country: JP
x-content-type-options: nosniff
expires: Fri, 25 Oct 2024 11:30:30 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 20 Jul 2022 16:03:17 GMT
x-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-mf-continent: AS
cache-control: public, max-age=86400
cf-ray: 8d79a29a2e32d748-NRT
access-control-allow-origin: *
x-mf-script-region: non-enforced-privacy
server: cloudflare

GET
H2

200

sumome.js Show response
load.sumome.com/
Redirect Chain

https://load.sumome.com/
https://load.sumome.com/sumome.js

2 KB
2 KB

2ms
2ms

Script
application/javascript

2400:52e0:1501::1097:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/sumome.js
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Server: 2400:52e0:1501::1097:1 , Japan, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1097 /
Resource Hash: acf59197679c94a3b3eb2591f4127a1121474dd5c9110067db172a657dadd822

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "7524c7647c5293025519ea102c5573d5"
date: Thu, 24 Oct 2024 11:30:30 GMT
last-modified: Tue, 22 Oct 2024 21:05:16 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: /gUmDbochgeU9FU9HAHhfdIN6ZAX7vTcwh5a0RnfmfDs9MRc0b6yGVbcQMujT9JkoBfw8KAwn+I=
cdn-cachedat: 10/22/2024 21:09:26
cache-control: max-age=600
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 694fe70affada1b35b832b664242e390
cdn-pullzone: 1686293
cdn-proxyver: 1.04
x-amz-request-id: 2S2AV7PMEVGMWCW0
cdn-edgestorageid: 1172
server: BunnyCDN-JP1-1097
cdn-requestcountrycode: JP

Redirect headers

cache-control: no-cache
location: https://load.sumome.com/sumome.js
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: f3bd8fdbc3d2deb3b2403840647f786e
cdn-pullzone: 1686293
content-length: 162
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: text/html
server: BunnyCDN-JP1-1097
cdn-requestcountrycode: JP

GET
DATA 200
OK truncated
/ 167 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f452579a9d9ec57b6e47afb3afcc605e80707ab6d284d34521d6c50f66d45e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0181f1a87b13da78449842f1773ba41d94e9a7a83f081038f35bcac2068b7da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame A43F 0
0 23ms
3ms Document
text/html 2600:140b:1c00:5a4::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:5a4::f09 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=30061769
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:30 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Tue, 07 Oct 2025 09:59:59 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1729769430225_399782824_142953727_28_969_1_5_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/fe34b718-95dc-4dcb-a860-f4b15ee8ad8b/ 360 KB
108 KB 244ms
243ms Script
application/x-javascript 2600:140b:1c00:e::17cb:851d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/fe34b718-95dc-4dcb-a860-f4b15ee8ad8b/cc.js?renew=false&referer=www.magnetforensics.com&dnt=false&init=false&culture=en
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:e::17cb:851d Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6c423303131c1b6498ab7e0ebd95c5646ca1f664f6ab7d74854ed42888e10e88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: private, max-age=1200
access-control-expose-headers: Request-Context
content-encoding: gzip
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Thu, 24 Oct 2024 11:30:30 GMT
vary: Accept-Encoding

GET
H2 200 adsct
t.co/1/i/ 43 B
627 B 123ms
113ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=36f1d383-4376-4a51-ad95-bd5009b3ebb6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=03140b02-940b-4133-9264-dbc2bf233f7c&tw_document_href=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&tw_iframe_status=0&txn_id=o65as&type=javascript&version=2.3.30

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 1a40fef84cb113c6
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 9b57bb9b783b1b57716b713183201282b376ada2af2daec82d92c433f1bbaf15
cf-cache-status: DYNAMIC
cf-ray: 8d79a29ae97534a5-NRT
x-response-time: 95
content-length: 43
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_m

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
722 B 119ms
100ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=36f1d383-4376-4a51-ad95-bd5009b3ebb6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=03140b02-940b-4133-9264-dbc2bf233f7c&tw_document_href=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&tw_iframe_status=0&txn_id=o65as&type=javascript&version=2.3.30

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: a4a1a2d3807de7ef
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 78ba241f8690d27a33f674bde12e0c1660d331a9a174532ff86cf97ba1232a64
x-response-time: 96
content-length: 43
date: Thu, 24 Oct 2024 11:30:29 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_m

GET
H/1.1 200
OK 0082edd17f2d0d98452b4b1425ac168d14 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 32ms
13ms Script
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/0082edd17f2d0d98452b4b1425ac168d14

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-225-140.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=60
ob-sent-time: 1729725492949
Content-Encoding: gzip
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection: keep-alive
Expires: Thu, 24 Oct 2024 11:31:30 GMT
Access-Control-Allow-Origin: *
X-CC: JP
Content-Length: 22
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:30 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: 5d6adf71b9219947a13ac1b256b95e9b

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 17ms
6ms Fetch
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

Cache-Control: max-age=1200
Connection: keep-alive
Observe-Browsing-Topics: ?1
Expires: Thu, 24 Oct 2024 11:50:30 GMT
Access-Control-Allow-Origin: *
X-CC: JP
Content-Length: 26
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:30 GMT
Content-Type: text/html

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 319ms
101ms Fetch
image/gif 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=true&bust=04509438958029106&referrer=&cht=cb&marketerId=0082edd17f2d0d98452b4b1425ac168d14&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&g=1&zone=all&obApiVersion=1.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: image/gif;
x-traceid: e1124c7fdc10724bf9413c320fbd5e69

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 322ms
104ms Script
application/javascript 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=0082edd17f2d0d98452b4b1425ac168d14

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 39
content-encoding: br
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript
x-traceid: 0baf0949d7da6abed8a0ecc2348ed02f

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
309 B 211ms
185ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.magnetforensics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EAFE4479E66E49DBA30413EA8EE924BC Ref B: TYBEDGE0619 Ref C: 2024-10-24T11:30:30Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYlN1RwYSJVAeuzapRerQ==
x-li-proto: http/2
access-control-allow-origin: https://www.magnetforensics.com
x-cache: CONFIG_NOCACHE
date: Thu, 24 Oct 2024 11:30:30 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
761 B 210ms
187ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3041369&time=1729769430232&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://www.magnetforensics.com/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 00062537547054a12b819dd30e2dda94
x-msedge-ref: Ref A: 5706FC4A45654A9C847EE520E23F4E80 Ref B: TYAEDGE0716 Ref C: 2024-10-24T11:30:30Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlN1RwVKErgZ3TDi3alA==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-ent...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-ent...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3041369%26time%3D1729769430232%26li_adsId%3D31f5e4cd-daff-4fab-8a15-1cccf4fa963d%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-ent...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-en...

0
488 B

198ms
180ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLudZWHLBiL0gAAAZK-SuJ1jMoaaWqGaFQMKlEo8b-0a5yty1PL4cMx96Dmk5dQUunn9Q
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 717927F9DBF844688F82FD2B546B82FD Ref B: TYO01EDGE1721 Ref C: 2024-10-24T11:30:31Z
x-li-fabric: prod-lva1
x-li-uuid: AAYlN1SHs9IdQSnCQaCX2g==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769430232&li_adsId=31f5e4cd-daff-4fab-8a15-1cccf4fa963d&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLudZWHLBiL0gAAAZK-SuJ1jMoaaWqGaFQMKlEo8b-0a5yty1PL4cMx96Dmk5dQUunn9Q
x-msedge-ref: Ref A: B5479A1CB02840C79039AEABDEFE4E42 Ref B: TYBEDGE0619 Ref C: 2024-10-24T11:30:31Z
x-li-fabric: prod-lva1
x-li-uuid: AAYlN1SEfBIvviuMpY7R/g==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 24 Oct 2024 11:30:31 GMT

GET
H2 200 136011466.js Show response
bat.bing.com/p/action/ 370 B
426 B 23ms
23ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/136011466.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cee682bc57d94c16933b0422aa0bd7ad8c7a6e04643eb7ce170e2d5ce6e25b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1985BE1C46854B30B0C5BF35CF364822 Ref B: TYO201100114045 Ref C: 2024-10-24T11:30:30Z
x-cache: CONFIG_NOCACHE
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 978327179195886 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 149ms
148ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/978327179195886?v=2.9.173&r=stable&domain=www.magnetforensics.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

a0cd44d7f616d20b0958cc0b11958dc46aa4442817bd54231713014802264247

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-TD9kYaFE' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-TD9kYaFE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=75, mss=1232, tbw=68057, tp=66, tpl=0, uplat=146, ullat=0
pragma: public
x-fb-debug: uYzsX5dESs3/7zpNyMPDTXuE+xR9PXCGJQOHG7aaKV2ABvyvno1rvXr60c4rMB5pO6doVgpY7cvPA1W3m1mD2A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.183.0/ 183 KB
49 KB 22ms
2ms Script
application/javascript 3.166.244.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.183.0/bundle.js
Requested by: Host: d3327e487add4206b7e609d4710cb454.js.ubembed.com
URL: https://d3327e487add4206b7e609d4710cb454.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.166.244.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-166-244-96.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"ce1f9daa5bfa548f0417f378eb40974e"
age: 6009187
via: 1.1 4129c88b7db23a46f14bad4f49e2e962.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Fi66QaqEGsGlsT56C0g5GYsW9WybIxrm7yns1Z06_KAqUavSOdEcqg==
date: Thu, 15 Aug 2024 22:17:24 GMT
content-type: application/javascript
last-modified: Fri, 24 May 2024 17:48:37 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P6
x-amz-server-side-encryption: AES256

GET
H2 200 modules.7d35ebb92a246d9f66a6.js Show response
script.hotjar.com/ 222 KB
55 KB 70ms
3ms Script
application/javascript 3.165.39.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d35ebb92a246d9f66a6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1019106.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.165.39.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-165-39-67.nrt12.r.cloudfront.net

Software

Resource Hash

e2904f976f723cd812b4e1c802967d11c9f6f5d6c97700e5b9386a16bd4ce5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "3740453cbe6e211a68ee29e8f16500a1"
age: 83182
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: KDy7nj-zOF3QBiEvrz1pxAEeZgpk4HnUVjfLhu8yK4VYTQXd-CUw2g==
date: Wed, 23 Oct 2024 12:24:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 12:23:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 5dab58be61ab1ecdb108785fdb49e208.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56199
x-amz-cf-pop: NRT12-P5

GET
H2 200 329a98b44c5d7aa0.min.js Show response
tag.demandbase.com/ 89 KB
23 KB 24ms
6ms Script
application/javascript 99.84.133.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/329a98b44c5d7aa0.min.js

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.133.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-133-116.nrt57.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d7ebbe82b113abafe8c1ed55d84ffa2319843b52b8176d544a1a0035cd035c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: gzip
x-amz-version-id: Yj3l_ouKApHtn9iiDSK1cidMLcDPndEB
etag: W/"27150309815fb17d28227d0efe8d5194"
age: 178
x-cache: Hit from cloudfront
x-amz-cf-id: pl9qyucscRKHCLfTlnaOO1FiF6urMHsI0TRYcIJ5M8FxoZbV-4fHDA==
date: Thu, 24 Oct 2024 11:27:33 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 13:52:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=3600
via: 1.1 2db79171f5f60ceb7ed4b286fa3572be.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: NRT57-C3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 2.8ce2f449e0e5a6831968.js Show response
load.sumome.com/ 315 KB
96 KB 3ms
3ms Script
application/javascript 2400:52e0:1501::1097:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/2.8ce2f449e0e5a6831968.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1097:1 , Japan, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1097 /
Resource Hash: 9ce9dde767ac632d60c8fedcf72973d7b73ab31ba4c1b7ba66b54acafea8ad77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "44e1856010ff0b18e84e012db9ef587e"
date: Thu, 24 Oct 2024 11:30:30 GMT
last-modified: Tue, 22 Oct 2024 21:05:14 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: 8NobFeVubU963Kbz4RPGCV4GcuUE/2cdf66R3QfSDFlMec+4tyfCTh/X0ZoDT90ZZyf3+n6Zgv4=
cdn-cachedat: 10/22/2024 21:09:27
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: 10ee7446f4bae9507eff452166e61b5a
cdn-pullzone: 1686293
cdn-proxyver: 1.04
x-amz-request-id: 35BZ7TN1TP3B61SX
cdn-edgestorageid: 1189
server: BunnyCDN-JP1-1097
cdn-requestcountrycode: JP

GET
H2 200 19.8ce2f449e0e5a6831968.js Show response
load.sumome.com/ 41 KB
17 KB 2ms
2ms Script
application/javascript 2400:52e0:1501::1097:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/19.8ce2f449e0e5a6831968.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1097:1 , Japan, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1097 /
Resource Hash: 6bd75299c3bfc54423f83442b734f5747df80e300c21899f2abc354c449e44e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "ca087519ca7e70b69918e1a4d518be83"
date: Thu, 24 Oct 2024 11:30:30 GMT
last-modified: Tue, 22 Oct 2024 21:05:14 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: 6LvAUo+UhoTSJQzEPd5keP8nvMILcIQBgv0Cg1rvU3sOB8/4CiXLjaHaD1U9ja0O4Z3HK7Q/izQ=
cdn-cachedat: 10/22/2024 21:09:27
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: af93847fb730b650f1ef5902f494bf1a
cdn-pullzone: 1686293
cdn-proxyver: 1.04
x-amz-request-id: 35BV892AFZ0JEBTP
cdn-edgestorageid: 1148
server: BunnyCDN-JP1-1097
cdn-requestcountrycode: JP

GET
H2 200 config.json Show response
cdn.acsbapp.com/config/magnetforensics.com/ 163 B
695 B 150ms
133ms Fetch
application/json 2606:4700:10::ac43:b9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/config/magnetforensics.com/config.json?page=%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1
Requested by: Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9879ef3d5b4ab0e0135513ce4459dd3d75753ecad966ca5d63ed82cc2d1d93a6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=/piuGA==, md5=dKrNqIJK3YAeLUzwVPEk6A==
cf-cache-status: MISS
etag: W/"74aacda8824add801e2d4cf054f124e8"
content-encoding: br
x-goog-stored-content-encoding: identity
expires: Fri, 24 Oct 2025 11:30:31 GMT
x-goog-stored-content-length: 163
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/json
last-modified: Tue, 20 Feb 2024 15:30:12 GMT
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3S1d7cWFQOAu1oourRbs4Bd0jreSnBT-Aj8gEyn8jjF77NmY4gbSj84HRnNMGTWelKvIE
cache-control: public, max-age=300, must-revalidate
x-goog-storage-class: STANDARD
cf-ray: 8d79a2a10cf180fb-NRT
access-control-allow-origin: *
x-goog-generation: 1708443012419664
server: cloudflare

GET
H2 204 0
bat.bing.com/action/ 0
359 B 24ms
24ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=136011466&tm=gtm002&Ver=2&mid=e52fb7ac-8c45-4b72-96b4-59d14acab464&bo=1&sid=6068a71091fb11ef91ab375f10d9100b&vid=6068dd7091fb11ef80d02fb99d18d603&vids=1&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&tl=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&p=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&r=&lt=4456&evt=pageLoad&sv=1&cdb=AQIR&rn=913519

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3574DED10049478FBDE1F4027582200E Ref B: TYO201100114045 Ref C: 2024-10-24T11:30:31Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 24 Oct 2024 11:30:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 92F4 220 KB
79 KB 53ms
52ms Script
application/javascript 142.250.207.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34380560-1

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0ddbf6892bad4cc922cedea06e434e88e2937dd274fa94a4a5e64715f540d73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 24 Oct 2024 11:30:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80476
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK piUtils.js Show response
go.magnetforensics.com/js/ Frame 92F4 343 KB
100 KB 326ms
325ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.magnetforensics.com/js/piUtils.js?ver=2021-09-20
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: 87fbc6477d07c0b9eb56d8839da504fcaf1cdbb8bec3e7f6581cfe92f4abdfce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Response headers

Transfer-Encoding: chunked
cache-control: max-age=63072000
content-encoding: gzip
etag: "55cc5-gzip"
Connection: keep-alive
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
expires: Sat, 24 Oct 2026 11:30:31 GMT
accept-ranges: bytes
Date: Thu, 24 Oct 2024 11:30:31 GMT
Content-Type: application/javascript
last-modified: Thu, 24 Oct 2024 05:32:32 GMT
vary: Accept-Encoding,User-Agent

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdn.jsdelivr.net/npm/iframe-resizer@4.4.0/js/ Frame 92F4 13 KB
6 KB 28ms
14ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/iframe-resizer@4.4.0/js/iframeResizer.contentWindow.min.js

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8c5b96083471d582d2af9733ace6c12287b8adcc45d4f24dc21a482615f6a0d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"34db-txuXIQsOBxDNojrAbKCF3oCrHY4"
age: 731474
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220071-FRA, cache-nrt-rjtf7700065-NRT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5329
x-jsd-version: 4.4.0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CBB8 220 KB
0 47ms
47ms Script
application/javascript 142.250.207.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34380560-1

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0ddbf6892bad4cc922cedea06e434e88e2937dd274fa94a4a5e64715f540d73e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 24 Oct 2024 11:30:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80476
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK piUtils.js Show response
go.magnetforensics.com/js/ Frame CBB8 343 KB
0 319ms
319ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.magnetforensics.com/js/piUtils.js?ver=2021-09-20
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: 87fbc6477d07c0b9eb56d8839da504fcaf1cdbb8bec3e7f6581cfe92f4abdfce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "55cc5-gzip"
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
expires: Sat, 24 Oct 2026 11:30:31 GMT
accept-ranges: bytes
Date: Thu, 24 Oct 2024 11:30:31 GMT
Content-Type: application/javascript
last-modified: Thu, 24 Oct 2024 05:32:32 GMT
vary: Accept-Encoding,User-Agent

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdn.jsdelivr.net/npm/iframe-resizer@4.4.0/js/ Frame CBB8 13 KB
0 22ms
22ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/iframe-resizer@4.4.0/js/iframeResizer.contentWindow.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8c5b96083471d582d2af9733ace6c12287b8adcc45d4f24dc21a482615f6a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"34db-txuXIQsOBxDNojrAbKCF3oCrHY4"
age: 731474
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220071-FRA, cache-nrt-rjtf7700065-NRT
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5329
x-jsd-version: 4.4.0

GET
H2 200 sync
s.company-target.com/s/ Frame A52C 0
0 180ms
169ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.company-target.com/s/sync?exc=lr

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/329a98b44c5d7aa0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

22.71.96.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Thu, 24 Oct 2024 11:30:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCNff6LgGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297fH1rd-J3J_-XPs3hkDFOJi7jB0YT72Msy6u1dATBaLc

26 B
348 B

224ms
158ms

Image
image/gif

13.225.183.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297fH1rd-J3J_-XPs3hkDFOJi7jB0YT72Msy6u1dATBaLc
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: HTTP/1.1
Server: 13.225.183.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-183-4.nrt57.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

Connection: keep-alive
Via: 1.1 3314774a1e77e48ceae8fcb305dccf48.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
Content-Length: 26
X-Amz-Cf-Id: RPJisY6VHLYEFM98hfxfetvgBdGFbVv1PviYKr4k0-nsE80rEJU4pQ==
Date: Thu, 24 Oct 2024 11:30:31 GMT
Content-Type: image/gif
X-Amz-Cf-Pop: NRT57-C4

Redirect headers

cache-control: no-cache, no-store
timing-allow-origin: *
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297fH1rd-J3J_-XPs3hkDFOJi7jB0YT72Msy6u1dATBaLc
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Thu, 24 Oct 2024 11:30:31 GMT

POST
H2 200 ip.json Show response
api.company-target.com/api/v3/ 487 B
1 KB 275ms
258ms XHR
application/json 3.164.143.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?referrer=&page=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&page_title=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/329a98b44c5d7aa0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.164.143.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-143-83.nrt20.r.cloudfront.net

Software

nginx /

Resource Hash

45035c78dd0c8eeb33732fb39da6243565605137db51c14416b325e985fec1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.magnetforensics.com/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: 3de51791-6680-4123-97e6-0d74adbf7294
expires: Wed, 23 Oct 2024 11:30:31 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: _h9x9S-YJIovOp_aXyJnSpURhTjumzWVpwItnU7WwfarIUir-Y4Wuw==
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 826472e4ca8c43d3ffcbd142363e4822.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.magnetforensics.com
x-amz-cf-pop: NRT20-P3
server: nginx

OPTIONS
H2 204 /
sumome.com/api/load/ Frame 0
0 339ms
110ms Preflight 34.211.221.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/load/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.211.221.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-221-163.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.magnetforensics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.magnetforensics.com
access-control-max-age: 2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
server: nginx/1.21.5

POST
H2 200 / Show response
sumome.com/api/load/ 790 B
1 KB 118ms
117ms Fetch
application/json 34.211.221.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/load/

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/19.8ce2f449e0e5a6831968.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.211.221.163 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-221-163.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

c9dafd9603b7c319b58354440fcaa5c3f2f1e7988f8a76e9373ba3fb4a24a171

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.magnetforensics.com/

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
access-control-allow-credentials: true
access-control-allow-origin: https://www.magnetforensics.com
content-length: 790
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

GET
H3 200 524101908201833 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 129ms
128ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/524101908201833?v=2.9.173&r=stable&domain=www.magnetforensics.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C200%2C199%2C201%2C206%2C207%2C208%2C204%2C196%2C132%2C134%2C163%2C195%2C197%2C122%2C157%2C145%2C151%2C189%2C190%2C129%2C232%2C116%2C126%2C127%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

30084481f752ea61aaafd9a3e0984e3d166057804bc6d35949147e85e3a645bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-EL9fpWcE' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-EL9fpWcE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=88, mss=1232, tbw=84375, tp=83, tpl=0, uplat=125, ullat=1
pragma: public
x-fb-debug: R3mW2JeTxwotA0DPX4LLiLr1luiH9rCmEk3BGwBlK7VOVNP9q9F0AqcqRujbizmRj+RkPkx+aryoA3urNlZZxA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 15ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=978327179195886&ev=PageView&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&rl=&if=false&ts=1729769431367&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=empty&cdl=API_unavailable&it=1729769430269&coo=false&rqm=GET

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=2903, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 172ms
161ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=978327179195886&ev=PageView&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&rl=&if=false&ts=1729769431367&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=empty&cdl=API_unavailable&it=1729769430269&coo=false&rqm=FGET

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303137682583763"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: gXbwYK/nJVu0JlakqH52FC96uAGfsitvS+VMAaXtSA9TjETYOkwZfTvWBrXhqYWkK7k/GNkeHhxfip8MlGvnXA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303137682583763", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=3220, tp=-1, tpl=-1, uplat=158, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 243691595cd01b309e518b373dd2ee918b93646309ca694c0f14e3b7ea469fea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 171ms
171ms Stylesheet
text/css 54.146.148.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.148.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-148-156.compute-1.amazonaws.com
Software: /
Resource Hash: 9339a5686ce46d242e237489ecb6479c881bc7f4ab2d7aa52ae9e39b1e431375

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 519ms
175ms Fetch
image/jpeg 54.146.148.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.148.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-148-156.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: image/jpeg

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 92F4 446 KB
0 0ms
0ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a788ec69c80c7fc2f8f6257fc9b36d8daac7b27af93577fbd8cf4cc5cd3b8ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 24 Oct 2024 11:30:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137592
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame CBB8 446 KB
0 0ms
0ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a788ec69c80c7fc2f8f6257fc9b36d8daac7b27af93577fbd8cf4cc5cd3b8ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 24 Oct 2024 11:30:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137592
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CBB8 295 KB
101 KB 54ms
54ms Script
application/javascript 142.250.207.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PKFD8FGZRG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34380560-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c75ceddd9050bbbed76bac047ab587f677f96e39bed8e338a5cc035a5f3af5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 24 Oct 2024 11:30:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103739
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame CBB8 52 KB
21 KB 50ms
3ms Script
text/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34380560-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
age: 2867
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 12:42:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 10:42:44 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CBB8 393 KB
126 KB 61ms
60ms Script
application/javascript 142.250.207.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YTB3MPRL03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34380560-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

edff91075f5d474f3a811de572402ac1259045f0dce511e43439a5c3aa9a8f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 24 Oct 2024 11:30:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129342
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 92F4 295 KB
0 54ms
54ms Script
application/javascript 142.250.207.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PKFD8FGZRG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34380560-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c75ceddd9050bbbed76bac047ab587f677f96e39bed8e338a5cc035a5f3af5fb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 24 Oct 2024 11:30:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 103739
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 92F4 52 KB
0 50ms
50ms Script
text/javascript 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34380560-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
age: 2867
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 12:42:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 10:42:44 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 92F4 393 KB
0 61ms
61ms Script
application/javascript 142.250.207.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YTB3MPRL03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34380560-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

edff91075f5d474f3a811de572402ac1259045f0dce511e43439a5c3aa9a8f62

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 24 Oct 2024 11:30:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129342
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 uc.js Show response
consent.cookiebot.com/ Frame CBB8 110 KB
34 KB 62ms
61ms Script
application/javascript 2600:140b:1c00:e::17cb:851d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:e::17cb:851d Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=729
content-encoding: gzip
etag: "42d4c62e8219db1:0"
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires: Thu, 24 Oct 2024 11:42:40 GMT
accept-ranges: bytes
content-length: 34533
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 13:01:25 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ Frame CBB8 30 KB
0 0ms
0ms Script
application/x-javascript 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7ba2efe3b4b4c0a0ea967ecbc0fa24ca9e773baff3c8449588a7a0bdb604863b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "deed80c1260efaf92c17504503be8a88:1729621687.117761"
Expires: Thu, 24 Oct 2024 11:50:30 GMT
Accept-Ranges: bytes
X-CC: JP
Content-Length: 9184
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:30 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 22 Oct 2024 18:25:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 bat.js Show response
bat.bing.com/ Frame CBB8 50 KB
0 0ms
0ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3DD4E5AA1744F87A24782F1D3388571 Ref B: TYO201100114045 Ref C: 2024-10-24T11:30:30Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14579
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame CBB8 40 KB
0 1ms
1ms Script
application/javascript 2600:140b:a00:e::b81d:8cce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:a00:e::b81d:8cce Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: max-age=27054
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Thu, 24 Oct 2024 11:30:30 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame CBB8 56 KB
18 B 3ms
2ms Script
application/javascript 151.101.108.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.108.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Thu, 24 Oct 2024 11:30:31 GMT
x-tw-cdn: FT
last-modified: Wed, 27 Mar 2024 23:09:36 GMT
x-served-by: cache-tyo11940-TYO
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame CBB8 280 KB
0 0ms
0ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24bc8c36866cd6cb060f25880e3f33462d3c7b74e9f7d14b951d19dfa854c6ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 24 Oct 2024 11:30:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98802
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-1019106.js Show response
static.hotjar.com/c/ Frame CBB8 17 KB
0 5ms
5ms Script
application/javascript 13.35.49.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1019106.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.49.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-49-11.nrt20.r.cloudfront.net

Software

Resource Hash

2824d7ee7283f7c5faeb46dbe2ce53e7e6a14cdbd8f48eaeaea627b80757fcde

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: max-age=60
content-encoding: br
etag: W/599291dbd0f6f884e8e87a6d963598f5
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: aNXz9g67e0plT1Z6gJlvlx9Cx6ASuE6uKe8s7TRGXRkjubjnzJ99XA==
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: NRT20-C1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame CBB8 393 KB
0 5ms
5ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

886c89ea5c445ac3052f975a2f61d71b3444ab9eb75935b9aa43d82b01fe1842

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 24 Oct 2024 11:30:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129249
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 uc.js Show response
consent.cookiebot.com/ Frame 92F4 110 KB
0 61ms
61ms Script
application/javascript 2600:140b:1c00:e::17cb:851d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:e::17cb:851d Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=729
content-encoding: gzip
etag: "42d4c62e8219db1:0"
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires: Thu, 24 Oct 2024 11:42:40 GMT
accept-ranges: bytes
content-length: 34533
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 13:01:25 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ Frame 92F4 30 KB
0 0ms
0ms Script
application/x-javascript 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7ba2efe3b4b4c0a0ea967ecbc0fa24ca9e773baff3c8449588a7a0bdb604863b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "deed80c1260efaf92c17504503be8a88:1729621687.117761"
Expires: Thu, 24 Oct 2024 11:50:30 GMT
Accept-Ranges: bytes
X-CC: JP
Content-Length: 9184
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:30 GMT
Content-Type: application/x-javascript
Last-Modified: Tue, 22 Oct 2024 18:25:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 92F4 50 KB
0 0ms
0ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3DD4E5AA1744F87A24782F1D3388571 Ref B: TYO201100114045 Ref C: 2024-10-24T11:30:30Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14579
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 92F4 40 KB
0 2ms
2ms Script
application/javascript 2600:140b:a00:e::b81d:8cce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:a00:e::b81d:8cce Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: max-age=27054
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Thu, 24 Oct 2024 11:30:30 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 92F4 56 KB
66 B 3ms
1ms Script
application/javascript 151.101.108.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.108.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Thu, 24 Oct 2024 11:30:31 GMT
x-tw-cdn: FT
last-modified: Wed, 27 Mar 2024 23:09:36 GMT
x-served-by: cache-tyo11940-TYO
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 92F4 280 KB
0 2ms
2ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24bc8c36866cd6cb060f25880e3f33462d3c7b74e9f7d14b951d19dfa854c6ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 24 Oct 2024 11:30:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98802
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-1019106.js Show response
static.hotjar.com/c/ Frame 92F4 17 KB
0 3ms
3ms Script
application/javascript 13.35.49.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1019106.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.49.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-49-11.nrt20.r.cloudfront.net

Software

Resource Hash

2824d7ee7283f7c5faeb46dbe2ce53e7e6a14cdbd8f48eaeaea627b80757fcde

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: max-age=60
content-encoding: br
etag: W/599291dbd0f6f884e8e87a6d963598f5
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: aNXz9g67e0plT1Z6gJlvlx9Cx6ASuE6uKe8s7TRGXRkjubjnzJ99XA==
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: NRT20-C1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ Frame 92F4 393 KB
0 4ms
3ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

886c89ea5c445ac3052f975a2f61d71b3444ab9eb75935b9aa43d82b01fe1842

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 24 Oct 2024 11:30:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129249
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 592017098361447 Show response
connect.facebook.net/signals/config/ 30 KB
4 KB 143ms
142ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/592017098361447?v=2.9.173&r=stable&domain=www.magnetforensics.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C200%2C199%2C201%2C206%2C207%2C208%2C204%2C196%2C132%2C134%2C163%2C195%2C197%2C122%2C157%2C145%2C151%2C189%2C190%2C129%2C232%2C116%2C126%2C127%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

d84658f533098c4de66a48fba5bf3aa9e2b0affc875b7081022813a1b664ed63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=91, mss=1232, tbw=88425, tp=92, tpl=0, uplat=140, ullat=0
pragma: public
x-fb-debug: wjgxZzcnsGt8f+zaGo/DfLz6mqWZwFo/wYMoc8Id99Mi5D/YNbyZc5kmC+lzVWc3uO6uY2GsZcpEHTgOHJgijg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
101 B 4ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524101908201833&ev=PageView&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&rl=&if=false&ts=1729769431544&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&ler=empty&cdl=API_unavailable&it=1729769430269&coo=false&rqm=GET

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=6559, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
885 B 148ms
147ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=524101908201833&ev=PageView&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&rl=&if=false&ts=1729769431544&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&ler=empty&cdl=API_unavailable&it=1729769430269&coo=false&rqm=FGET

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303136762991158"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 8Zsi9QEk913Q33BEwMANwdOmyiDTBRsW8BghT2P3LNgy44Fu2FyFOeEDe7+Y2EVIhSKf2+94opjVfZXEawXmLQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303136762991158", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=6704, tp=-1, tpl=-1, uplat=145, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 393 KB
126 KB 61ms
61ms Script
application/javascript 142.250.207.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-YTB3MPRL03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

529538b800da3e28eabfd7114232283c8b8725c393bb378788158c17203f0d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 24 Oct 2024 11:30:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129309
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
419 B 609ms
594ms XHR
text/html 2600:9000:2352:b600:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=_h9x9S-YJIovOp_aXyJnSpURhTjumzWVpwItnU7WwfarIUir-Y4Wuw==&api-version=v3
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/329a98b44c5d7aa0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2352:b600:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 59567
x-cache: Error from cloudfront
x-amz-cf-id: xEVaVcNVYVPMB22ZahwgQQcTKtycWtOHCqzGAPmu7ZnRXr8tdG5XDg==
date: Wed, 23 Oct 2024 18:58:09 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
via: 1.1 17a02959a1dd77a49eeba1ffffcee214.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: NRT57-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame CBB8 1 B
423 B 42ms
41ms XHR
text/plain 2404:6800:4004:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1749924773&t=pageview&_s=1&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&dr=https%3A%2F%2Fwww.magnetforensics.com%2F&ul=ja-jp&de=UTF-8&sd=24-bit&sr=1600x1200&vp=781x150&je=0&_u=YGBACUABBAAAACAAI~&jid=2051355123&gjid=290190086&cid=1600945418.1729769432&tid=UA-34380560-1&_gid=1707341973.1729769432&_r=1&gtm=457e4al0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823848&jsscut=1&z=623303881

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://go.magnetforensics.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://go.magnetforensics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ Frame 92F4 35 B
58 B 6ms
5ms Image
image/gif 142.250.196.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=516866439&t=pageview&_s=1&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&dr=https%3A%2F%2Fwww.magnetforensics.com%2F&ul=ja-jp&de=UTF-8&sd=24-bit&sr=1600x1200&vp=578x156&je=0&_u=QCCACUABBAAAAAAAI~&jid=&gjid=&cid=1600945418.1729769432&tid=UA-34380560-1&_gid=1707341973.1729769432&gtm=457e4al0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101794737~101823848&jsscut=1&z=142637414

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

age: 85673
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 11:42:38 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 169581808443017 Show response
connect.facebook.net/signals/config/ 29 KB
4 KB 131ms
131ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/169581808443017?v=2.9.173&r=stable&domain=www.magnetforensics.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C200%2C199%2C201%2C206%2C207%2C208%2C204%2C196%2C132%2C134%2C163%2C195%2C197%2C122%2C157%2C145%2C151%2C189%2C190%2C129%2C232%2C116%2C126%2C127%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b7eb51e42368330fcb9068cd7dd3e5d5cff32deeb66d6628653e6c69363676ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=95, mss=1232, tbw=92967, tp=99, tpl=0, uplat=128, ullat=0
pragma: public
x-fb-debug: qs9Hb+y2GRdqtiuuhLY4LC6XZlaBIh04eW4ftzMoU+RwoeDY7EW6ABzjgWy3vttDb+XfMdULpfwm62ozo/RSbw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 3ms
2ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=592017098361447&ev=PageView&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&rl=&if=false&ts=1729769431694&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=empty&cdl=API_unavailable&it=1729769430269&coo=false&rqm=GET

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4493, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 161ms
161ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=592017098361447&ev=PageView&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&rl=&if=false&ts=1729769431694&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=empty&cdl=API_unavailable&it=1729769430269&coo=false&rqm=FGET

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303135816368774"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: qxhutv7Oudu+2RX/zp478MmxUPqrh3/XlnQbmc4cksZ7nbGg1WHypy4s1ItX/RS7mgPz6FBmKowF1Jb+kn6YaQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303135816368774", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4861, tp=13, tpl=0, uplat=157, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

OPTIONS
H2 204 services
sumome.com/ Frame 0
0 110ms
110ms Preflight 34.211.221.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/services
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.211.221.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-221-163.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.magnetforensics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.magnetforensics.com
access-control-max-age: 2592000
date: Thu, 24 Oct 2024 11:30:31 GMT
server: nginx/1.21.5

POST
H2 200 services Show response
sumome.com/ 124 B
655 B 141ms
139ms Fetch
application/json 34.211.221.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/services

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/19.8ce2f449e0e5a6831968.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.211.221.163 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-221-163.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

88d1d0dd8730d866219619561304b3b5c22e3999a59dab5f70b88384312eff0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.magnetforensics.com/

Response headers

content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
access-control-allow-credentials: true
access-control-allow-origin: https://www.magnetforensics.com
content-length: 124
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 4ms
3ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169581808443017&ev=PageView&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&rl=&if=false&ts=1729769431875&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=empty&cdl=API_unavailable&it=1729769430269&coo=false&rqm=GET

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=26, mss=1232, tbw=8269, tp=20, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 112ms
111ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=169581808443017&ev=PageView&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&rl=&if=false&ts=1729769431875&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=empty&cdl=API_unavailable&it=1729769430269&coo=false&rqm=FGET

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303137781227089"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: PQQIp5CK36JontR3eXaHHdAHNTt3YZvmP19DnNp1Iw74751X5UjgPQzxG1WWIxNVwp/OQNGu2pKpBxjHwDBnzA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303137781227089", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=26, mss=1232, tbw=8477, tp=23, tpl=0, uplat=108, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 cc.js Show response
consent.cookiebot.com/fe34b718-95dc-4dcb-a860-f4b15ee8ad8b/ Frame CBB8 378 B
0 255ms
255ms Script
application/x-javascript 2600:140b:1c00:e::17cb:851d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/fe34b718-95dc-4dcb-a860-f4b15ee8ad8b/cc.js?renew=false&referer=go.magnetforensics.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:e::17cb:851d Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 40e58144d417a26c33d6c709d4cd88c505f72c0a719c6e126d2c81a4a95764b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: private, max-age=60
access-control-expose-headers: Request-Context
content-encoding: gzip
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length: 365
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 cc.js Show response
consent.cookiebot.com/fe34b718-95dc-4dcb-a860-f4b15ee8ad8b/ Frame 92F4 378 B
602 B 256ms
251ms Script
application/x-javascript 2600:140b:1c00:e::17cb:851d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/fe34b718-95dc-4dcb-a860-f4b15ee8ad8b/cc.js?renew=false&referer=go.magnetforensics.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:e::17cb:851d Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 40e58144d417a26c33d6c709d4cd88c505f72c0a719c6e126d2c81a4a95764b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: private, max-age=60
access-control-expose-headers: Request-Context
content-encoding: gzip
cross-origin-resource-policy: cross-origin
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length: 365
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding

GET
H/1.1 200
OK 0082edd17f2d0d98452b4b1425ac168d14 Show response
wave.outbrain.com/mtWavesBundler/handler/ Frame CBB8 2 B
0 6ms
6ms Script
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/0082edd17f2d0d98452b4b1425ac168d14
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

Cache-Control: max-age=60
ob-sent-time: 1729725492949
Content-Encoding: gzip
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Expires: Thu, 24 Oct 2024 11:31:30 GMT
Access-Control-Allow-Origin: *
X-CC: JP
Content-Length: 22
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:30 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: 5d6adf71b9219947a13ac1b256b95e9b

GET
H/1.1 200
OK 000600b536bebf09a538048063bd2be44a Show response
wave.outbrain.com/mtWavesBundler/handler/ Frame CBB8 2 B
0 40ms
40ms Script
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/000600b536bebf09a538048063bd2be44a
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

Cache-Control: max-age=60
ob-sent-time: 1729736117113
Content-Encoding: gzip
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Expires: Thu, 24 Oct 2024 11:31:31 GMT
Access-Control-Allow-Origin: *
X-CC: JP
Content-Length: 22
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:31 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: cb9e489663282975ba7a37a812f6cc5

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ Frame CBB8 26 B
0 1ms
1ms Fetch
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

Cache-Control: max-age=1200
Observe-Browsing-Topics: ?1
Expires: Thu, 24 Oct 2024 11:50:30 GMT
Access-Control-Allow-Origin: *
X-CC: JP
Content-Length: 26
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:30 GMT
Content-Type: text/html

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ Frame CBB8 53 B
321 B 101ms
100ms Fetch
image/gif 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=true&bust=08430709432963974&referrer=https%3A%2F%2Fwww.magnetforensics.com%2F&cht=cb&marketerId=0082edd17f2d0d98452b4b1425ac168d14%2C000600b536bebf09a538048063bd2be44a&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&g=1&zone=all&obApiVersion=1.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: image/gif;
x-traceid: bc41fa5a03bcaca90c8bfdd0668589be

GET
H/1.1 200
OK log
tr.outbrain.com/ Frame CBB8 53 B
321 B 372ms
99ms Image
image/gif 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.outbrain.com/log?apiObjVersion=1.0-gtm&obtpVersion=2.0.5&msg=%7B%22error%22%3A%22LOAD%22%2C%20%22apiObjVersion%22%3A%201.0-gtm%2C%20%22marketerID%22%3A%200082edd17f2d0d98452b4b1425ac168d14%2C000600b536bebf09a538048063bd2be44a%2C%20%22referrer%22%3A%20https%3A%2F%2Fwww.magnetforensics.com%2F%2C%20%22extra%22%3A%20%7B%22name%22%3A%22TypeError%22%2C%22line%22%3A%22undefined%22%2C%22script%22%3A%22undefined%22%2C%22stack%22%3A%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27appendChild%27)%0A%20%20%20%20at%20e%20(https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A26159)%0A%20%20%20%20at%20e.getCachedClickId%20(https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A26284)%0A%20%20%20%20at%2081%20(https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A5150)%0A%20%20%20%20at%20n%20(https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A30493)%0A%20%20%20%20at%20https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A30533%0A%20%20%20%20at%20https%3A%2F%2Famplify.outbrain.com%2Fcp%2Fobtp.js%3A1%3A30539%22%2C%22message%22%3A%22Cannot%20read%20properties%20of%20null%20(reading%20%27appendChild%27)%22%7D%7D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/gif;
x-traceid: 077a158bfcc411ab72f8e17a7c8dc00f

GET
H/1.1 200
OK 0082edd17f2d0d98452b4b1425ac168d14 Show response
wave.outbrain.com/mtWavesBundler/handler/ Frame 92F4 2 B
0 4ms
4ms Script
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/0082edd17f2d0d98452b4b1425ac168d14
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

Cache-Control: max-age=60
ob-sent-time: 1729725492949
Content-Encoding: gzip
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Expires: Thu, 24 Oct 2024 11:31:30 GMT
Access-Control-Allow-Origin: *
X-CC: JP
Content-Length: 22
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:30 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: 5d6adf71b9219947a13ac1b256b95e9b

GET
H/1.1 200
OK 000600b536bebf09a538048063bd2be44a Show response
wave.outbrain.com/mtWavesBundler/handler/ Frame 92F4 2 B
515 B 42ms
41ms Script
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/000600b536bebf09a538048063bd2be44a

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-225-140.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=60
ob-sent-time: 1729736117113
Content-Encoding: gzip
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection: keep-alive
Expires: Thu, 24 Oct 2024 11:31:31 GMT
Access-Control-Allow-Origin: *
X-CC: JP
Content-Length: 22
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:31 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: cb9e489663282975ba7a37a812f6cc5

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ Frame 92F4 26 B
0 1ms
1ms Fetch
text/html 23.32.225.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.225.140 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-225-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

Cache-Control: max-age=1200
Observe-Browsing-Topics: ?1
Expires: Thu, 24 Oct 2024 11:50:30 GMT
Access-Control-Allow-Origin: *
X-CC: JP
Content-Length: 26
X-RG: AS
Date: Thu, 24 Oct 2024 11:30:30 GMT
Content-Type: text/html

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ Frame 92F4 53 B
321 B 103ms
102ms Fetch
image/gif 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=true&bust=06381526371766664&referrer=https%3A%2F%2Fwww.magnetforensics.com%2F&cht=cb&marketerId=0082edd17f2d0d98452b4b1425ac168d14%2C000600b536bebf09a538048063bd2be44a&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&g=1&zone=all&obApiVersion=1.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: image/gif;
x-traceid: 7ef9ea723474bc924ffa175f7ecc59cf

GET
H/1.1 200
OK log
tr.outbrain.com/ Frame 92F4 53 B
321 B 274ms
103ms Image
image/gif 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/gif;
x-traceid: b0bd23f919f0567c52a82a7cd26d563b

GET
H2 200 136011466.js Show response
bat.bing.com/p/action/ Frame CBB8 370 B
0 5ms
5ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/136011466.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cee682bc57d94c16933b0422aa0bd7ad8c7a6e04643eb7ce170e2d5ce6e25b48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1985BE1C46854B30B0C5BF35CF364822 Ref B: TYO201100114045 Ref C: 2024-10-24T11:30:30Z
x-cache: CONFIG_NOCACHE
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 136011466.js Show response
bat.bing.com/p/action/ Frame 92F4 370 B
0 9ms
9ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/136011466.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cee682bc57d94c16933b0422aa0bd7ad8c7a6e04643eb7ce170e2d5ce6e25b48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1985BE1C46854B30B0C5BF35CF364822 Ref B: TYO201100114045 Ref C: 2024-10-24T11:30:30Z
x-cache: CONFIG_NOCACHE
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ Frame CBB8 2 B
591 B 169ms
162ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3041369&time=1729769431936&url=https%3A%2F%2Fwww.magnetforensics.com%2F&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://go.magnetforensics.com/

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 000625375489cc277bbd1ef50160090a
x-msedge-ref: Ref A: ECECC49D76F443FE9954AE93045446DC Ref B: TYAEDGE0716 Ref C: 2024-10-24T11:30:31Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlN1SJzCd7vR71AWAJCg==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/ Frame CBB8
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431936&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431936&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy...

0
367 B

192ms
192ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431936&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&tm=gtmv2&e_ipv6=AQLr_jjNwLFiSQAAAZK-SuP1eKew30uo8eS25M-cHa3RGxY0MQiQeUznY0hYFyPV_46zSQ
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0AE3EE39A984474AA07E8B43C4FA5C2E Ref B: TYO01EDGE1721 Ref C: 2024-10-24T11:30:32Z
x-li-fabric: prod-lva1
x-li-uuid: AAYlN1SNQIhzkA895+oGYg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431936&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&tm=gtmv2&e_ipv6=AQLr_jjNwLFiSQAAAZK-SuP1eKew30uo8eS25M-cHa3RGxY0MQiQeUznY0hYFyPV_46zSQ
x-msedge-ref: Ref A: 0D5C4754B16F4B4E9203305CA666F68B Ref B: TYBEDGE0619 Ref C: 2024-10-24T11:30:31Z
x-li-fabric: prod-lva1
x-li-uuid: AAYlN1SKDoSlepWePQfPSQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ Frame 92F4 2 B
522 B 191ms
185ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3041369&time=1729769431937&url=https%3A%2F%2Fwww.magnetforensics.com%2F&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://go.magnetforensics.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 00062537548979007e0f462e537679ff
x-msedge-ref: Ref A: 521E436EF503474DBD64774DF1CC9F01 Ref B: TYAEDGE0716 Ref C: 2024-10-24T11:30:31Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYlN1SJeQB+D0YuU3Z5/w==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
x-li-source-fabric: prod-lor1
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 92F4
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431937&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431937&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6...

0
146 B

221ms
221ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431937&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&tm=gtmv2&e_ipv6=AQKHaEBZHJS6-QAAAZK-SuPj3UHHG60I6z_R9gE1w2_SWOXPZreNfvcvR5ibSo9mBXbGDg
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A90D594C3E024E34BF5BC283CE370355 Ref B: TYO01EDGE1721 Ref C: 2024-10-24T11:30:32Z
x-li-fabric: prod-lva1
x-li-uuid: AAYlN1SM+uA65xM2Rhog7w==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3041369&time=1729769431937&li_adsId=a8730439-a7e8-48bd-9eba-c6414be251ad&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&tm=gtmv2&e_ipv6=AQKHaEBZHJS6-QAAAZK-SuPj3UHHG60I6z_R9gE1w2_SWOXPZreNfvcvR5ibSo9mBXbGDg
x-msedge-ref: Ref A: A44266CD8E73460CB13C2B1D6AF71B7C Ref B: TYBEDGE0619 Ref C: 2024-10-24T11:30:31Z
x-li-fabric: prod-lva1
x-li-uuid: AAYlN1SKDWVlKiwtLkZDVw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame CBB8 228 KB
0 4ms
4ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-kJnuVsRe' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-kJnuVsRe' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4446, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 6O05SXCc0Mt1jw7SnWCQbFp+YaJgR0xi7BGTKIXTiPCS9cMZSWlKM+Y71qKQCoztgOSH6w+qVVpj7FuE0SvQlQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ Frame CBB8 53 B
321 B 160ms
103ms Fetch
image/gif 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=true&bust=03533461311724748&referrer=https%3A%2F%2Fwww.magnetforensics.com%2F&cht=cb&marketerId=0082edd17f2d0d98452b4b1425ac168d14%2C000600b536bebf09a538048063bd2be44a&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&g=1&zone=all&obApiVersion=1.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/gif;
x-traceid: f60505078b3c0d2d099cade3036f1a0c

GET
H3 200 60f86f99350740001b170896 Show response
ws.zoominfo.com/pixel/ Frame CBB8 3 KB
2 KB 327ms
323ms Script
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60f86f99350740001b170896

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3227bce8081701ff711c3268042d5fc4e3343d0bed226c1507cfd9a459e110ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 8d79a2a5ada82669-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
server: cloudflare
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url

GET
H2 200 nfebtmd8e2uh.js Show response
js.driftt.com/include/1729769700000/ Frame CBB8 221 KB
611 B 502ms
495ms Script
application/javascript 13.249.160.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-126.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e96abb18e70acf14065e3bacb0dbd6942579a85d3d69d9d7551bea9c627ca3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
x-amz-version-id: px8T70IzhuJ6oS1M7izBjK7Y8.9uRoPx
etag: W/"182931eb99afb01276b448d2f7bd627d"
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: Rbj6uQxZNZVc1fmrNKxt4MAf_kkozhJ3TsqNPgDiBlGEF2B-McwC7A==
date: Thu, 24 Oct 2024 11:30:32 GMT
last-modified: Fri, 11 Oct 2024 18:47:07 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
x-envoy-upstream-service-time: 24
access-control-allow-credentials: true
via: 1.1 b5d3de3f3a74cdfebe8eaeabf94d530c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: NRT12-C3
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ Frame CBB8 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88af1c544f63bc3dd6ca2260336f6733f71056bda979e898dc324e75407616f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CBB8 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbfba2d97f5a567198f34e3f996b9adbba2b8a9570794c368abd7a5adcfe9d48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 Graphik-Regular-Web.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/ Frame CBB8 36 KB
0 3ms
3ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/Graphik-Regular-Web.woff2
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c23572c09b94a5896dc046f9f4c5852bcba9465cd9d4ddbfa16cc4a04c6b895c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.magnetforensics.com
Referer: https://go.magnetforensics.com/

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-k2w5p
etag: "6718e776-8e8d"
age: 62821
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 12:09:26 GMT
x-cache-hits: 76, 1
x-served-by: cache-yyz4577-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.470758,VS0,VE9
x-styx-req-id: 1b2b1dd2-9169-11ef-acb2-4a7564a22749
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36493
server: nginx

GET
H2 200 Graphik-Medium-Web.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/ Frame CBB8 35 KB
0 3ms
3ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/Graphik-Medium-Web.woff2
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e5b99158c017df5aa0df9c3dc6b1a14d935a46509ec9b6ae38b0bf9ca572c7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.magnetforensics.com
Referer: https://go.magnetforensics.com/

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
etag: "6718a23f-8b61"
age: 62820
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 07:14:07 GMT
x-cache-hits: 78, 1
x-served-by: cache-yyz4561-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.470724,VS0,VE11
x-styx-req-id: 1b2c8886-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35681
server: nginx

GET
H2 200 Graphik-RegularItalic-Web.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/ Frame CBB8 38 KB
38 KB 22ms
10ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/Graphik-RegularItalic-Web.woff2
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d999cbd5c65b5085ce2e477916bfad73c9824f584baf1071f086721514b09ed4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.magnetforensics.com
Referer: https://go.magnetforensics.com/

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-vqs77
etag: "67191275-96dd"
age: 62733
expires: Fri, 24 Oct 2025 18:04:59 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 15:12:53 GMT
x-cache-hits: 10, 0
x-served-by: cache-yyz4530-YYZ, cache-nrt-rjtf7700102-NRT
cache-control: max-age=31622400
x-timer: S1729769432.967335,VS0,VE8
x-styx-req-id: 512ef518-9169-11ef-819d-e69b00d9796a
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38621
server: nginx

GET
DATA 200
OK truncated
/ Frame 92F4 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbfba2d97f5a567198f34e3f996b9adbba2b8a9570794c368abd7a5adcfe9d48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 Graphik-Regular-Web.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/ Frame 92F4 36 KB
0 0ms
0ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/Graphik-Regular-Web.woff2
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c23572c09b94a5896dc046f9f4c5852bcba9465cd9d4ddbfa16cc4a04c6b895c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.magnetforensics.com
Referer: https://go.magnetforensics.com/

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-h-5f5ff6dfdb-k2w5p
etag: "6718e776-8e8d"
age: 62821
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 12:09:26 GMT
x-cache-hits: 76, 1
x-served-by: cache-yyz4577-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.470758,VS0,VE9
x-styx-req-id: 1b2b1dd2-9169-11ef-acb2-4a7564a22749
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36493
server: nginx

GET
H2 200 Graphik-Medium-Web.woff2
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/ Frame 92F4 35 KB
0 1ms
0ms Font
font/woff2 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/resources/assets/fonts/graphik/Graphik-Medium-Web.woff2
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e5b99158c017df5aa0df9c3dc6b1a14d935a46509ec9b6ae38b0bf9ca572c7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://go.magnetforensics.com
Referer: https://go.magnetforensics.com/

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
etag: "6718a23f-8b61"
age: 62820
expires: Fri, 24 Oct 2025 18:03:28 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:29 GMT
content-type: font/woff2
last-modified: Wed, 23 Oct 2024 07:14:07 GMT
x-cache-hits: 78, 1
x-served-by: cache-yyz4561-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769429.470724,VS0,VE11
x-styx-req-id: 1b2c8886-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35681
server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 92F4 228 KB
0 0ms
0ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-kJnuVsRe' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-kJnuVsRe' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4446, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 6O05SXCc0Mt1jw7SnWCQbFp+YaJgR0xi7BGTKIXTiPCS9cMZSWlKM+Y71qKQCoztgOSH6w+qVVpj7FuE0SvQlQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59508
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 adsct
t.co/1/i/ Frame 92F4 43 B
189 B 111ms
110ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0574150a-8b61-49d2-9662-7ba54c839646&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=33d1fb7d-b3bf-4811-8d5b-28a7bab67bba&tw_document_href=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&tw_document_referrer=https%3A%2F%2Fwww.magnetforensics.com%2F&tw_iframe_status=1&txn_id=o65as&type=javascript&version=2.3.30

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 72543337e54c02fc
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 276a315f782a8e047a46599d76939f8e32d78edcbf3433b2fcdec2024cc17dfe
cf-cache-status: DYNAMIC
cf-ray: 8d79a2a5bc3834a5-NRT
x-response-time: 94
content-length: 43
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_m

GET
H2 200 adsct
analytics.twitter.com/1/i/ Frame 92F4 43 B
117 B 101ms
101ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=0574150a-8b61-49d2-9662-7ba54c839646&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=33d1fb7d-b3bf-4811-8d5b-28a7bab67bba&tw_document_href=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&tw_document_referrer=https%3A%2F%2Fwww.magnetforensics.com%2F&tw_iframe_status=1&txn_id=o65as&type=javascript&version=2.3.30

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 482a25dfc5d7eaaf
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 78ba241f8690d27a33f674bde12e0c1660d331a9a174532ff86cf97ba1232a64
x-response-time: 95
content-length: 43
date: Thu, 24 Oct 2024 11:30:31 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_m

GET
H2 200 adsct
t.co/1/i/ Frame CBB8 43 B
161 B 110ms
110ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=2bf9f2ce-41a2-4a81-9ca0-003f4006fdd7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=13939aaa-375b-41f7-ae87-03d24bda4da4&tw_document_href=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&tw_document_referrer=https%3A%2F%2Fwww.magnetforensics.com%2F&tw_iframe_status=1&txn_id=o65as&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: de4019f691456967
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 713723e04d6c74758ae51203bf634c0eded4f66095d7923e62e946b4040e8511
cf-cache-status: DYNAMIC
cf-ray: 8d79a2a5cc4034a5-NRT
x-response-time: 95
content-length: 43
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_m

GET
H2 200 adsct
analytics.twitter.com/1/i/ Frame CBB8 43 B
89 B 101ms
101ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=2bf9f2ce-41a2-4a81-9ca0-003f4006fdd7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=13939aaa-375b-41f7-ae87-03d24bda4da4&tw_document_href=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&tw_document_referrer=https%3A%2F%2Fwww.magnetforensics.com%2F&tw_iframe_status=1&txn_id=o65as&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 0fc8fad335bcc10c
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 78ba241f8690d27a33f674bde12e0c1660d331a9a174532ff86cf97ba1232a64
x-response-time: 96
content-length: 43
date: Thu, 24 Oct 2024 11:30:31 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_m

GET
H2 200 / Show response
d3327e487add4206b7e609d4710cb454.js.ubembed.com/ Frame 92F4 425 B
394 B 21ms
20ms Script
application/javascript 172.64.148.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d3327e487add4206b7e609d4710cb454.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.75 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f01785d8b060b787e8eb0cdbbbe5b938123c1d42fcbde96d932a2995497132

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: max-age=0, must-revalidate
content-encoding: br
cf-cache-status: HIT
etag: W/"54a1f2f734d4ac3b92f8e1e23aaf18c557b0b24b"
age: 4796
cf-ray: 8d79a2a5dbad80ea-NRT
access-control-allow-origin: *
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/javascript
vary: Accept-Encoding, Referer
server: cloudflare

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ Frame 92F4 53 B
321 B 123ms
101ms Fetch
image/gif 52.250.45.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=true&bust=018270842823504707&referrer=https%3A%2F%2Fwww.magnetforensics.com%2F&cht=cb&marketerId=0082edd17f2d0d98452b4b1425ac168d14%2C000600b536bebf09a538048063bd2be44a&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&g=1&zone=all&obApiVersion=1.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.250.45.119 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/gif;
x-traceid: a440abd26c2cdff6363c64ba678e5fa5

GET
H3 200 60f86f99350740001b170896 Show response
ws.zoominfo.com/pixel/ Frame 92F4 3 KB
2 KB 604ms
317ms Script
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/60f86f99350740001b170896

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

efca75353ee4caff9f7cd855571361bde581fac3a82182469705f52140319c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 8d79a2a7a8a32669-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
server: cloudflare
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url

GET
H2 200 nfebtmd8e2uh.js Show response
js.driftt.com/include/1729769700000/ Frame 92F4 221 KB
611 B 645ms
181ms Script
application/javascript 13.249.160.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Requested by

Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-126.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e96abb18e70acf14065e3bacb0dbd6942579a85d3d69d9d7551bea9c627ca3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
x-amz-version-id: px8T70IzhuJ6oS1M7izBjK7Y8.9uRoPx
etag: W/"182931eb99afb01276b448d2f7bd627d"
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: pWluCmbmbqA9b1gArs_47GZ0uKQsMNSA9DJniIGD9CbMx149rqnxDw==
date: Thu, 24 Oct 2024 11:30:32 GMT
last-modified: Fri, 11 Oct 2024 18:47:07 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
x-envoy-upstream-service-time: 22
access-control-allow-credentials: true
via: 1.1 b5d3de3f3a74cdfebe8eaeabf94d530c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: NRT12-C3
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
d3327e487add4206b7e609d4710cb454.js.ubembed.com/ Frame CBB8 425 B
63 B 29ms
19ms Script
application/javascript 172.64.148.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d3327e487add4206b7e609d4710cb454.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.75 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f01785d8b060b787e8eb0cdbbbe5b938123c1d42fcbde96d932a2995497132

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: max-age=0, must-revalidate
content-encoding: br
cf-cache-status: HIT
etag: W/"54a1f2f734d4ac3b92f8e1e23aaf18c557b0b24b"
age: 4797
cf-ray: 8d79a2a60bdf80ea-NRT
access-control-allow-origin: *
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: application/javascript
vary: Accept-Encoding, Referer
server: cloudflare

GET
H2 200 modules.7d35ebb92a246d9f66a6.js Show response
script.hotjar.com/ Frame 92F4 222 KB
0 0ms
0ms Script
application/javascript 3.165.39.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d35ebb92a246d9f66a6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1019106.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.165.39.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-165-39-67.nrt12.r.cloudfront.net

Software

Resource Hash

e2904f976f723cd812b4e1c802967d11c9f6f5d6c97700e5b9386a16bd4ce5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "3740453cbe6e211a68ee29e8f16500a1"
age: 83182
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: KDy7nj-zOF3QBiEvrz1pxAEeZgpk4HnUVjfLhu8yK4VYTQXd-CUw2g==
date: Wed, 23 Oct 2024 12:24:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 12:23:34 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 5dab58be61ab1ecdb108785fdb49e208.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56199
x-amz-cf-pop: NRT12-P5

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 55D1 0
0 0ms
0ms Document
text/html 2600:140b:1c00:5a4::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:5a4::f09 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=30061769
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:30 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Tue, 07 Oct 2025 09:59:59 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1729769430225_399782824_142953727_28_969_1_5_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 116 B
315 B 172ms
172ms XHR
text/plain 54.146.148.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=axzk2E1L8nROzTu9lzNIpg&is_js=true&landing_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&t=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&tip=YhvTMX_1eQux-lwMHwrSSZsTXQimZJF1jb_lJ63kdJ8&host=https%3A%2F%2Fwww.magnetforensics.com&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIOdWmGPJKUbrDIEcefFf7PbeTquDzaWW-VfAD3CXXKEKENYBGAQg1t_ouAYwAToEQiu0oEIE4oT3Lg.PvUQPLZ3L8vLQ71MCOFw%252FXSu6sK2%252BvXloeKG2N%252Bxoks&sa-user-id-v2=s%253A4hzVU_ONUAdQMVAmMltUSpJGye8.WN9402MaX2ReiihdUnuV2dmGY4KgtKlZOnMx7emb0tw&sa-user-id=s%253A0-e21cd553-f38d-5007-5031-5026325b544a.xokXnNTNIvzmANM265uBRdc8IISb2xpeBydR44aUZpw
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.148.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-148-156.compute-1.amazonaws.com
Software: /
Resource Hash: 89f6647ccfb74cf666b86a370bd5d763463b84e5941d90b7fb2d36ac373206e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

access-control-allow-methods: GET
access-control-allow-origin: https://www.magnetforensics.com
content-length: 116
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame B61B 0
0 1ms
1ms Document
text/html 2600:140b:1c00:5a4::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:5a4::f09 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=30061769
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:30 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Tue, 07 Oct 2025 09:59:59 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1729769430225_399782824_142953727_28_969_1_5_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 modules.7d35ebb92a246d9f66a6.js Show response
script.hotjar.com/ Frame CBB8 222 KB
0 0ms
0ms Script
application/javascript 3.165.39.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d35ebb92a246d9f66a6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1019106.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.165.39.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-165-39-67.nrt12.r.cloudfront.net

Software

Resource Hash

e2904f976f723cd812b4e1c802967d11c9f6f5d6c97700e5b9386a16bd4ce5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "3740453cbe6e211a68ee29e8f16500a1"
age: 83182
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: KDy7nj-zOF3QBiEvrz1pxAEeZgpk4HnUVjfLhu8yK4VYTQXd-CUw2g==
date: Wed, 23 Oct 2024 12:24:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 23 Oct 2024 12:23:34 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 5dab58be61ab1ecdb108785fdb49e208.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56199
x-amz-cf-pop: NRT12-P5

GET
H2 204 0
bat.bing.com/action/ Frame CBB8 0
238 B 24ms
24ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=136011466&tm=gtm002&Ver=2&mid=d87e50ef-4126-4b4a-9ffb-5ef78c6cd601&bo=1&sid=6068a71091fb11ef91ab375f10d9100b&vid=6068dd7091fb11ef80d02fb99d18d603&vids=0&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.magnetforensics.com%2F&r=&lt=1968&evt=pageLoad&ifm=1&sv=1&cdb=AQIR&rn=851137

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F0F0FB5D5C0D40B7BF7DF711D317FDE2 Ref B: TYO201100114045 Ref C: 2024-10-24T11:30:32Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 24 Oct 2024 11:30:31 GMT

GET
H2 204 0
bat.bing.com/action/ Frame 92F4 0
238 B 23ms
23ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=136011466&tm=gtm002&Ver=2&mid=1653f66a-6e7c-48ba-9950-3e9827c16ccd&bo=1&sid=6068a71091fb11ef91ab375f10d9100b&vid=6068dd7091fb11ef80d02fb99d18d603&vids=0&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.magnetforensics.com%2F&r=&lt=1902&evt=pageLoad&ifm=1&sv=1&cdb=AQIR&rn=512780

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 746B3087B95B4C0199B9E4EBE5D7D39B Ref B: TYO201100114045 Ref C: 2024-10-24T11:30:32Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 24 Oct 2024 11:30:31 GMT

GET
H3 200 592017098361447 Show response
connect.facebook.net/signals/config/ Frame CBB8 78 KB
15 KB 143ms
142ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

23413d5d8960d38018cbaaa1162314a6e118452768c84ff30ac2bdabb3af82aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=98, mss=1232, tbw=96871, tp=105, tpl=0, uplat=139, ullat=0
pragma: public
x-fb-debug: Xvedj8Dht0y+pLUSO8HZQ5ugOXkOVxLTnaNAW3RBHIkq1cwMfPlT++SvfLHZUr0f5DdnIblfeBQKemTuyGn+ow==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 978327179195886 Show response
connect.facebook.net/signals/config/ Frame 92F4 76 KB
0 0ms
0ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

a0cd44d7f616d20b0958cc0b11958dc46aa4442817bd54231713014802264247

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-TD9kYaFE' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-TD9kYaFE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=75, mss=1232, tbw=68057, tp=66, tpl=0, uplat=146, ullat=0
pragma: public
x-fb-debug: uYzsX5dESs3/7zpNyMPDTXuE+xR9PXCGJQOHG7aaKV2ABvyvno1rvXr60c4rMB5pO6doVgpY7cvPA1W3m1mD2A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.183.0/ Frame 92F4 183 KB
0 0ms
0ms Script
application/javascript 3.166.244.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.183.0/bundle.js
Requested by: Host: d3327e487add4206b7e609d4710cb454.js.ubembed.com
URL: https://d3327e487add4206b7e609d4710cb454.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.166.244.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-166-244-96.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"ce1f9daa5bfa548f0417f378eb40974e"
age: 6009187
via: 1.1 4129c88b7db23a46f14bad4f49e2e962.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Fi66QaqEGsGlsT56C0g5GYsW9WybIxrm7yns1Z06_KAqUavSOdEcqg==
date: Thu, 15 Aug 2024 22:17:24 GMT
content-type: application/javascript
last-modified: Fri, 24 May 2024 17:48:37 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P6
x-amz-server-side-encryption: AES256

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.183.0/ Frame CBB8 183 KB
0 0ms
0ms Script
application/javascript 3.166.244.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.183.0/bundle.js
Requested by: Host: d3327e487add4206b7e609d4710cb454.js.ubembed.com
URL: https://d3327e487add4206b7e609d4710cb454.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.166.244.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-166-244-96.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=31536000
content-encoding: gzip
etag: W/"ce1f9daa5bfa548f0417f378eb40974e"
age: 6009187
via: 1.1 4129c88b7db23a46f14bad4f49e2e962.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Fi66QaqEGsGlsT56C0g5GYsW9WybIxrm7yns1Z06_KAqUavSOdEcqg==
date: Thu, 15 Aug 2024 22:17:24 GMT
content-type: application/javascript
last-modified: Fri, 24 May 2024 17:48:37 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P6
x-amz-server-side-encryption: AES256

GET
H3 200 524101908201833 Show response
connect.facebook.net/signals/config/ Frame 92F4 25 KB
0 1ms
0ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

30084481f752ea61aaafd9a3e0984e3d166057804bc6d35949147e85e3a645bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-EL9fpWcE' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-EL9fpWcE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=88, mss=1232, tbw=84375, tp=83, tpl=0, uplat=125, ullat=1
pragma: public
x-fb-debug: R3mW2JeTxwotA0DPX4LLiLr1luiH9rCmEk3BGwBlK7VOVNP9q9F0AqcqRujbizmRj+RkPkx+aryoA3urNlZZxA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ Frame 92F4 0
16 B 4ms
2ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=978327179195886&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432163&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432114&coo=false&rqm=GET

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=27, mss=1232, tbw=9581, tp=28, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 92F4 67 B
192 B 117ms
116ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=978327179195886&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432163&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432114&coo=false&rqm=FGET

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303140818532415"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: fDbrBEPq/ktNsBYmfmrGH4TbMKvWdWcAjMB38kremMnsw7Nchhp3HIfdaxQ5JABfHJalIZGmdWpIbTYsOWfDxA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303140818532415", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=28, mss=1232, tbw=10685, tp=43, tpl=0, uplat=112, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 1.8ce2f449e0e5a6831968.js Show response
load.sumome.com/ 94 KB
34 KB 5ms
4ms Script
application/javascript 2400:52e0:1501::1097:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/1.8ce2f449e0e5a6831968.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1097:1 , Japan, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1097 /
Resource Hash: 21caa26c33fb920310d8d816e8ba173ff6a7153561d5b12496f12271fe659ddd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "fd781cefb818976a5a9956e71b243174"
date: Thu, 24 Oct 2024 11:30:32 GMT
last-modified: Tue, 22 Oct 2024 21:05:14 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: E6CbFgDUkCKNNNk9QfU6OP/HVKINK0T8R7Ja9ht+SRzD00Y5vicksYZqj8uWs28qX0eKZeYmN24=
cdn-cachedat: 10/22/2024 21:09:28
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: c53e45f6d8884a651abae46f9e3f1979
cdn-pullzone: 1686293
cdn-proxyver: 1.04
x-amz-request-id: V570QG2Z0G0KQ4WS
cdn-edgestorageid: 1188
server: BunnyCDN-JP1-1097
cdn-requestcountrycode: JP

GET
H2 200 4.8ce2f449e0e5a6831968.js Show response
load.sumome.com/ 443 KB
109 KB 4ms
3ms Script
application/javascript 2400:52e0:1501::1097:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/4.8ce2f449e0e5a6831968.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1097:1 , Japan, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1097 /
Resource Hash: a785e63bf025fd479a520e92e25d4c0eb58c723d6d381afa674f2be6c1f2d86a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "a155bef1d8cdd6ac0007a4f92f1a55ca"
date: Thu, 24 Oct 2024 11:30:32 GMT
last-modified: Tue, 22 Oct 2024 21:05:14 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: iSA85PU8iQWqGVKTprSMGfDmdTLEY4eYn6vs1We1jmWT3Hyux6BN0IOzmyzwteeKrjY7ztTx5TU=
cdn-cachedat: 10/22/2024 21:09:28
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: e162ae42d1417af9bee055d3a2523808
cdn-pullzone: 1686293
cdn-proxyver: 1.04
x-amz-request-id: V57C9JEQ4YRR7M5Z
cdn-edgestorageid: 1062
server: BunnyCDN-JP1-1097
cdn-requestcountrycode: JP

GET
H2 200 7.8ce2f449e0e5a6831968.js Show response
load.sumome.com/ 439 KB
116 KB 4ms
3ms Script
application/javascript 2400:52e0:1501::1097:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/7.8ce2f449e0e5a6831968.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1097:1 , Japan, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1097 /
Resource Hash: d7ad7e23c0da0e9d49b2a166fd37edb30e1691313d4bd1d1a1b1cf52b8174081

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "100a23a0fc15cd57590da38b2872bd65"
date: Thu, 24 Oct 2024 11:30:32 GMT
last-modified: Tue, 22 Oct 2024 21:05:14 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: b+Wz61t2+Tbs/DxzisG76J0mqEu2oEOEGLpi5rMElkV2Nmhx4idcvoGpqQ3QUZ/JAyMJ/pDaNlA=
cdn-cachedat: 10/22/2024 21:09:28
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: e33504d60ec016da895634d49eeb9382
cdn-pullzone: 1686293
cdn-proxyver: 1.04
x-amz-request-id: V577J14FMF3T8PDA
cdn-edgestorageid: 1189
server: BunnyCDN-JP1-1097
cdn-requestcountrycode: JP

GET
H3 200 592017098361447 Show response
connect.facebook.net/signals/config/ Frame 92F4 30 KB
0 1ms
1ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

d84658f533098c4de66a48fba5bf3aa9e2b0affc875b7081022813a1b664ed63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=91, mss=1232, tbw=88425, tp=92, tpl=0, uplat=140, ullat=0
pragma: public
x-fb-debug: wjgxZzcnsGt8f+zaGo/DfLz6mqWZwFo/wYMoc8Id99Mi5D/YNbyZc5kmC+lzVWc3uO6uY2GsZcpEHTgOHJgijg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ Frame 92F4 0
16 B 4ms
3ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524101908201833&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432176&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&ler=other&cdl=API_unavailable&it=1729769432114&coo=false&rqm=GET

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=27, mss=1232, tbw=9869, tp=32, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 92F4 67 B
192 B 108ms
107ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=524101908201833&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432176&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&ler=other&cdl=API_unavailable&it=1729769432114&coo=false&rqm=FGET

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303142155809751"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: t01OYrFm+CAF/2aT9r6T/AoclWM5ADL4Kq6K+uvcpaxL932g8BQcR16v9C8CCXrq+40/Q9PpjR7RHNYJApsyRQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303142155809751", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=28, mss=1232, tbw=11565, tp=44, tpl=0, uplat=104, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 169581808443017 Show response
connect.facebook.net/signals/config/ Frame 92F4 29 KB
0 1ms
0ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b7eb51e42368330fcb9068cd7dd3e5d5cff32deeb66d6628653e6c69363676ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=95, mss=1232, tbw=92967, tp=99, tpl=0, uplat=128, ullat=0
pragma: public
x-fb-debug: qs9Hb+y2GRdqtiuuhLY4LC6XZlaBIh04eW4ftzMoU+RwoeDY7EW6ABzjgWy3vttDb+XfMdULpfwm62ozo/RSbw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ Frame 92F4 0
16 B 3ms
2ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=592017098361447&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432182&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432114&coo=false&rqm=GET

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=27, mss=1232, tbw=10157, tp=36, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 92F4 67 B
192 B 108ms
108ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=592017098361447&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432182&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432114&coo=false&rqm=FGET

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303140882746332"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: t5D7t6Dg27tpoX3Rdf25+jkiVyCbkzAqm1oWAoH9Q4kzLwRA1hvnjcCKLOsqpFPHSiZEf2IcAcvw6+miuYwkBg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303140882746332", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=29, mss=1232, tbw=12445, tp=45, tpl=0, uplat=104, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ Frame 92F4 0
16 B 4ms
3ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169581808443017&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432186&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432114&coo=false&rqm=GET

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=28, mss=1232, tbw=10445, tp=40, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 92F4 67 B
192 B 111ms
110ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=169581808443017&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432186&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432114&coo=false&rqm=FGET

Requested by

Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303140963802500"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Q3uFj7NUMa9nGtv02IHLynILV/JBDobf/TpYsARiQ+4tgMEFkOfWQMROJsWuIJaqd6ckdquNfnBRuu1DykVaJQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303140963802500", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=29, mss=1232, tbw=13325, tp=46, tpl=0, uplat=108, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 0.8ce2f449e0e5a6831968.js Show response
load.sumome.com/ 1 MB
61 KB 3ms
2ms Script
application/javascript 2400:52e0:1501::1097:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/0.8ce2f449e0e5a6831968.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1097:1 , Japan, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1097 /
Resource Hash: 5a15299baa3aadd5d0989470279e7be9b6431ffa77068783ff2a169f41edf245

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "dacf2d17a63449076dfbf472fab65cdc"
date: Thu, 24 Oct 2024 11:30:32 GMT
last-modified: Tue, 22 Oct 2024 21:05:14 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
x-amz-id-2: LKf8N1cUgmwpt2OOt9zmPvI27qib0Nl10sE2duDpiFnmyvPJtwyJEdV3bVNHzVPLqw+RkevhZ8Y=
cdn-cachedat: 10/22/2024 21:09:29
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 9c82050d-8a2a-487e-850e-e2fa1f9b77c3
cdn-requestid: fa96b32aebdc8220a96b390026bba736
cdn-pullzone: 1686293
cdn-proxyver: 1.04
x-amz-request-id: 6EV81YEQWZMWD4JK
cdn-edgestorageid: 1063
server: BunnyCDN-JP1-1097
cdn-requestcountrycode: JP

GET
H3 200 169581808443017 Show response
connect.facebook.net/signals/config/ Frame CBB8 29 KB
0 1ms
0ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b7eb51e42368330fcb9068cd7dd3e5d5cff32deeb66d6628653e6c69363676ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=95, mss=1232, tbw=92967, tp=99, tpl=0, uplat=128, ullat=0
pragma: public
x-fb-debug: qs9Hb+y2GRdqtiuuhLY4LC6XZlaBIh04eW4ftzMoU+RwoeDY7EW6ABzjgWy3vttDb+XfMdULpfwm62ozo/RSbw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ Frame CBB8 0
16 B 4ms
4ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=592017098361447&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432297&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432076&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=31, mss=1232, tbw=14301, tp=49, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame CBB8 67 B
193 B 107ms
107ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=592017098361447&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432297&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432076&coo=false&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303141148920404"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: +ID1Us/LxSETP7tPLGTNSAAPANkRYmEUZKsPEtNgpxZvYNh9xFdLjJWfVm8rN5y8GLelhtmY4qrGWsf4uGWhlg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303141148920404", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=31, mss=1232, tbw=14829, tp=56, tpl=0, uplat=103, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 978327179195886 Show response
connect.facebook.net/signals/config/ Frame CBB8 28 KB
3 KB 136ms
135ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

1fecb0f4485d21a3aed40485ee694f6ca38f6021a72d1c189174d03aab872f9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=111, mss=1232, tbw=113175, tp=122, tpl=0, uplat=132, ullat=0
pragma: public
x-fb-debug: wNDJ7OoQbJx2rZW2Pfa8D0pZmFVtZ34OjOcG1qyFlh2tlCiWAWEUA6VfvBG4O7L6lwZUTLMG0OmLNhjHh/TgEw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ Frame CBB8 0
16 B 5ms
4ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169581808443017&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432301&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432076&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=31, mss=1232, tbw=14589, tp=53, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame CBB8 67 B
190 B 111ms
110ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=169581808443017&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432301&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432076&coo=false&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303140911483783"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: bO9VyhjO8iMs/RZegSmOF2//3BuZYeU01oo1S0TK2v6P6iuz0bh3aNyhp1ZytsGTTVEm1IwwPKQaI7coiML22Q==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303140911483783", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=31, mss=1232, tbw=15709, tp=57, tpl=0, uplat=106, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 features Show response
sumome.com/api/site/32051f000a0fd900d136b000097b7c000a3c10003da85800c06e5e008041b000/ 3 KB
2 KB 126ms
125ms XHR
application/json 34.211.221.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumome.com/api/site/32051f000a0fd900d136b000097b7c000a3c10003da85800c06e5e008041b000/features?site_id=32051f000a0fd900d136b000097b7c000a3c10003da85800c06e5e008041b000

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/2.8ce2f449e0e5a6831968.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.211.221.163 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-221-163.us-west-2.compute.amazonaws.com

Software

nginx/1.21.5 /

Resource Hash

52ae2bead6d942b75e5b9a72db391de07ee8532155744ce84681f67143d6e04c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.myshopify.com https://.shopify.com
X-Frame-Options	SAMEORIGIN

Request headers

X-Sumo-Auth: undefined
Referer: https://www.magnetforensics.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

x-robots-tag: noindex, nofollow
content-security-policy: frame-ancestors 'self' https://*.myshopify.com https://*.shopify.com
content-encoding: gzip
etag: "1340772550"
access-control-allow-credentials: true
access-control-allow-origin: https://www.magnetforensics.com
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: nginx/1.21.5
x-frame-options: SAMEORIGIN

OPTIONS
H2 204 features
sumome.com/api/site/32051f000a0fd900d136b000097b7c000a3c10003da85800c06e5e008041b000/ Frame 0
0 110ms
110ms Preflight 34.211.221.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumome.com/api/site/32051f000a0fd900d136b000097b7c000a3c10003da85800c06e5e008041b000/features?site_id=32051f000a0fd900d136b000097b7c000a3c10003da85800c06e5e008041b000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.211.221.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-221-163.us-west-2.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sumo-auth
Access-Control-Request-Method: GET
Origin: https://www.magnetforensics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: https://www.magnetforensics.com
access-control-max-age: 2592000
date: Thu, 24 Oct 2024 11:30:32 GMT
server: nginx/1.21.5

GET
H3 200 524101908201833 Show response
connect.facebook.net/signals/config/ Frame CBB8 25 KB
0 1ms
0ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

30084481f752ea61aaafd9a3e0984e3d166057804bc6d35949147e85e3a645bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-EL9fpWcE' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-EL9fpWcE' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=88, mss=1232, tbw=84375, tp=83, tpl=0, uplat=125, ullat=1
pragma: public
x-fb-debug: R3mW2JeTxwotA0DPX4LLiLr1luiH9rCmEk3BGwBlK7VOVNP9q9F0AqcqRujbizmRj+RkPkx+aryoA3urNlZZxA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ Frame CBB8 0
16 B 4ms
4ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=978327179195886&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432441&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432076&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=33, mss=1232, tbw=16733, tp=61, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame CBB8 67 B
192 B 111ms
111ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=978327179195886&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432441&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&cs_est=true&ler=other&cdl=API_unavailable&it=1729769432076&coo=false&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303140195111039"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: U4dnME+2q3mwuV53DiGx0Yv2MC013S+ytm5ILaiWw9VJBqsbCdbOfXbZCMJdZzG65Qhg76+eN4Y3eg9Eahm12A==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303140195111039", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=33, mss=1232, tbw=18189, tp=70, tpl=0, uplat=105, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ Frame CBB8 0
16 B 3ms
2ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524101908201833&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432444&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&ler=other&cdl=API_unavailable&it=1729769432076&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=33, mss=1232, tbw=17021, tp=65, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame CBB8 67 B
193 B 108ms
107ms Image
image/png 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=524101908201833&ev=PageView&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&rl=https%3A%2F%2Fwww.magnetforensics.com%2F&if=true&ts=1729769432444&sw=1600&sh=1200&v=2.9.173&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1729769431365.465020282740907098&ler=other&cdl=API_unavailable&it=1729769432076&coo=false&rqm=FGET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429303141310095641"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 24 Oct 2024 11:30:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 0BWGd0w0LlS0cnemx5jlN9AzEyrFzlqEWwCLuT3P6jbBh5tQXFJirbm128u0BbRhVR28LSymTRh76HDyM5eboA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429303141310095641", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=33, mss=1232, tbw=17261, tp=68, tpl=0, uplat=103, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 core
js.driftt.com/ Frame 1092 0
0 182ms
178ms Document
text/html 13.249.160.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=nfebtmd8e2uh&eId=nfebtmd8e2uh&region=US&forceShow=false&skipCampaigns=false&sessionId=88fd630e-b807-4ad2-b931-b696e4d1cfb4&sessionStarted=1729769432.564&campaignRefreshToken=b2639ede-e9a0-4363-bd63-b6e9909dd42a&hideController=false&pageLoadStartTime=1729769430904&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-92.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 11:30:32 GMT
etag: W/"323cf43fb7dd4d8ce2fbf72604328721"
last-modified: Fri, 11 Oct 2024 18:46:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5517f212e7a3d40e88d0074e711509ac.cloudfront.net (CloudFront)
x-amz-cf-id: vRTFhghcWyvNJt1RiGebp-S326dnpxiHVr6fSUUZwjJ8qi54sLJg8A==
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: KOzChVsUmRwQhfJPojbnFLzc1Y3kJgXL
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23

GET
H2 200 chat
js.driftt.com/core/ Frame 2112 0
0 173ms
172ms Document
text/html 13.249.160.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1729769430904

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-92.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 11:30:32 GMT
etag: W/"323cf43fb7dd4d8ce2fbf72604328721"
last-modified: Fri, 11 Oct 2024 18:46:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5517f212e7a3d40e88d0074e711509ac.cloudfront.net (CloudFront)
x-amz-cf-id: _7MfDe-WrLjGdP5mjeKO6TGxlikHVqyNtl4XTCLJpF4VW_soEepemw==
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: KOzChVsUmRwQhfJPojbnFLzc1Y3kJgXL
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 19

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ Frame CBB8 35 B
737 B 23ms
6ms Image
image/gif 2600:140b:1c00:5a4::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:5a4::f09 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

x-goog-metageneration: 1
Access-Control-Expose-Headers: *
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
Date: Thu, 24 Oct 2024 11:30:32 GMT
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Content-Type: image/gif
X-GUploader-UploadID: AHmUCY1QpfuqC86ccLt7XhZ1bGvU_JKETXvgqzgd_YIOoMraIB8J3mt274mbsOP7I8DuX3qVFpo
Cache-Control: public,max-age=1800
x-goog-storage-class: STANDARD
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
x-goog-generation: 1698061172769999
Content-Length: 35
Server: UploadServer

GET
H/1.1 200
OK pd.js Show response
go.magnetforensics.com/ Frame CBB8 5 KB
2 KB 164ms
162ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.magnetforensics.com/pd.js
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "15f4-gzip"
Connection: keep-alive
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
expires: Sat, 24 Oct 2026 11:30:32 GMT
accept-ranges: bytes
Content-Length: 1988
Date: Thu, 24 Oct 2024 11:30:32 GMT
Content-Type: application/javascript
last-modified: Thu, 24 Oct 2024 05:32:32 GMT
vary: Accept-Encoding,User-Agent

OPTIONS
H3 200 collect
ws.zoominfo.com/pixel/ Frame 0
0 274ms
268ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,requestfromzitag,unifiedscriptverified,x-ws-collect-type
Access-Control-Request-Method: POST
Origin: https://go.magnetforensics.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://go.magnetforensics.com
allow: GET,HEAD,POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d79a2a9ebdfb00c-NRT
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 11:30:32 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 collect Show response
ws.zoominfo.com/pixel/ Frame 92F4 0
620 B 271ms
270ms XHR
text/plain 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Requested by

Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/60f86f99350740001b170896

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.magnetforensics.com/
x-ws-collect-type: xhr
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json; charset=UTF-8
requestFromZITag: false
unifiedScriptVerified: null

Response headers

x-robots-tag: noindex, nofollow
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
cf-ray: 8d79a2ab9e16b00c-NRT
access-control-allow-origin: https://go.magnetforensics.com
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 24 Oct 2024 11:30:33 GMT
x-powered-by: Express
server: cloudflare
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url

GET
H2 200 core
js.driftt.com/ Frame 7FB3 0
0 454ms
454ms Document
text/html 13.249.160.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-92.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 11:30:33 GMT
etag: W/"323cf43fb7dd4d8ce2fbf72604328721"
last-modified: Fri, 11 Oct 2024 18:46:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5517f212e7a3d40e88d0074e711509ac.cloudfront.net (CloudFront)
x-amz-cf-id: 5VoQ8jH_cbLkuvGx3wKrrLm17rxR87bGmI0RpfIwMlCkcYBu1jNEcw==
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: KOzChVsUmRwQhfJPojbnFLzc1Y3kJgXL
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23

GET
H2 200 chat
js.driftt.com/core/ Frame 160C 0
0 440ms
440ms Document
text/html 13.249.160.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1729769430857

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-92.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 11:30:33 GMT
etag: W/"323cf43fb7dd4d8ce2fbf72604328721"
last-modified: Fri, 11 Oct 2024 18:46:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5517f212e7a3d40e88d0074e711509ac.cloudfront.net (CloudFront)
x-amz-cf-id: yPdRr4PgrhPe7CzCXF-ZhqZXRDr7Bye8Me98ssrNtr8o1Ra3X5CxVw==
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: KOzChVsUmRwQhfJPojbnFLzc1Y3kJgXL
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 19

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ Frame 92F4 35 B
0 23ms
6ms Image
image/gif 2600:140b:1c00:5a4::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:5a4::f09 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

x-goog-metageneration: 1
Access-Control-Expose-Headers: *
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
Date: Thu, 24 Oct 2024 11:30:32 GMT
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Content-Type: image/gif
X-GUploader-UploadID: AHmUCY1QpfuqC86ccLt7XhZ1bGvU_JKETXvgqzgd_YIOoMraIB8J3mt274mbsOP7I8DuX3qVFpo
Cache-Control: public,max-age=1800
x-goog-storage-class: STANDARD
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
x-goog-generation: 1698061172769999
Content-Length: 35
Server: UploadServer

GET
H/1.1 200
OK pd.js Show response
go.magnetforensics.com/ Frame 92F4 5 KB
0 116ms
116ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.magnetforensics.com/pd.js
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "15f4-gzip"
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
expires: Sat, 24 Oct 2026 11:30:32 GMT
accept-ranges: bytes
Content-Length: 1988
Date: Thu, 24 Oct 2024 11:30:32 GMT
Content-Type: application/javascript
last-modified: Thu, 24 Oct 2024 05:32:32 GMT
vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK analytics Show response
go.magnetforensics.com/ Frame CBB8 0
476 B 313ms
311ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.magnetforensics.com/analytics?ver=3&pi_form=true&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=95208&account_id=53162&title=&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&referrer=https%3A%2F%2Fwww.magnetforensics.com%2F
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/l/52162/2024-02-20/ljxy9c?page_url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fsubmission%3Dhttps%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&page_title=2024+State+of+enterprise+DFIR+report&has_video=0&submit_title=Download+White+Paper&submit_type=download

Response headers

x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 0
p3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml"
Date: Thu, 24 Oct 2024 11:30:32 GMT
Content-Type: text/javascript; charset=utf-8
vary: User-Agent

GET
H/1.1 200
OK analytics Show response
go.magnetforensics.com/ Frame 92F4 0
476 B 287ms
286ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.magnetforensics.com/analytics?ver=3&pi_form=true&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=9500&account_id=53162&title=&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&referrer=https%3A%2F%2Fwww.magnetforensics.com%2F
Requested by: Host: go.magnetforensics.com
URL: https://go.magnetforensics.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/l/52162/2021-07-19/kzq6w7

Response headers

x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 0
p3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml"
Date: Thu, 24 Oct 2024 11:30:32 GMT
Content-Type: text/javascript; charset=utf-8
vary: User-Agent

GET
H2 200 core
js.driftt.com/ Frame A433 0
0 458ms
457ms Document
text/html 13.249.160.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=nfebtmd8e2uh&eId=nfebtmd8e2uh&region=US&forceShow=false&skipCampaigns=false&sessionId=cce2a6c3-48f2-42d2-9942-9428e08ce47b&sessionStarted=1729769433.176&campaignRefreshToken=7df1cf43-4d04-4101-86b4-04801f59a4fb&hideController=false&pageLoadStartTime=1729769429456&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-92.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 11:30:33 GMT
etag: W/"323cf43fb7dd4d8ce2fbf72604328721"
last-modified: Fri, 11 Oct 2024 18:46:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5517f212e7a3d40e88d0074e711509ac.cloudfront.net (CloudFront)
x-amz-cf-id: c7BiE5--34S8W9AfnBhKD8P9kRzX9Wl--TNac93tjwudroY24xQ_Qg==
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: KOzChVsUmRwQhfJPojbnFLzc1Y3kJgXL
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23

GET
H2 200 chat
js.driftt.com/core/ Frame 1AD5 0
0 194ms
194ms Document
text/html 13.249.160.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1729769429456

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.160.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-160-92.nrt12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 24 Oct 2024 11:30:33 GMT
etag: W/"323cf43fb7dd4d8ce2fbf72604328721"
last-modified: Fri, 11 Oct 2024 18:46:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5517f212e7a3d40e88d0074e711509ac.cloudfront.net (CloudFront)
x-amz-cf-id: Jv7YwR69Jc2RW0y1Idkki4SXKm9H-3B8iMqI1krrxRD4svVSikgIfA==
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-amz-version-id: KOzChVsUmRwQhfJPojbnFLzc1Y3kJgXL
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 19

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 511ms
171ms Script
application/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.magnetforensics.com
URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-219-119.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "15f4-gzip"
Connection: keep-alive
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
expires: Sat, 24 Oct 2026 11:30:33 GMT
accept-ranges: bytes
Content-Length: 1988
Date: Thu, 24 Oct 2024 11:30:33 GMT
Content-Type: application/javascript
last-modified: Thu, 24 Oct 2024 05:32:32 GMT
vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ 35 B
0 0ms
0ms Image
image/gif 2600:140b:1c00:5a4::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1c00:5a4::f09 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

x-goog-metageneration: 1
Access-Control-Expose-Headers: *
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
Date: Thu, 24 Oct 2024 11:30:32 GMT
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Content-Type: image/gif
X-GUploader-UploadID: AHmUCY1QpfuqC86ccLt7XhZ1bGvU_JKETXvgqzgd_YIOoMraIB8J3mt274mbsOP7I8DuX3qVFpo
Cache-Control: public,max-age=1800
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
x-goog-generation: 1698061172769999
Content-Length: 35
Server: UploadServer

GET
H2 200 ip.json Show response
api.company-target.com/api/v3/ Frame CBB8 487 B
1 KB 126ms
118ms Fetch
application/json 3.164.143.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?auth=QQSQvgEcb2A4YMmNUqA1khNqpjovTUJY6c6ETnK2&page=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&page_title=&referrer=https%3A%2F%2Fwww.magnetforensics.com%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.164.143.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-143-83.nrt20.r.cloudfront.net

Software

nginx /

Resource Hash

45035c78dd0c8eeb33732fb39da6243565605137db51c14416b325e985fec1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: 12b72647-9bbc-4b0e-8d1f-b1563ea3ee95
expires: Wed, 23 Oct 2024 11:30:33 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: CROc9W1kCGoUdCXhZQ_8C2QBZIpOeKQrFDFJaU4k2n9CvljOjx5mUg==
date: Thu, 24 Oct 2024 11:30:33 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 5ad6ede360a0a258285ddf7aca196f2a.cloudfront.net (CloudFront)
access-control-allow-origin: https://go.magnetforensics.com
x-amz-cf-pop: NRT20-P3
server: nginx

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 464ms
464ms Script
text/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=114875&account_id=53162&title=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-219-119.compute-1.amazonaws.com

Software

Resource Hash

de6b6358d9c072deda12491ed25c12cf48f00463833c4c29985aaab6a9a5bda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 552
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Thu, 24 Oct 2024 11:30:34 GMT
Content-Type: text/javascript; charset=utf-8
vary: Accept-Encoding,User-Agent

GET
H2 200 ip.json Show response
api.company-target.com/api/v3/ Frame 92F4 487 B
1 KB 131ms
130ms Fetch
application/json 3.164.143.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.164.143.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-143-83.nrt20.r.cloudfront.net

Software

nginx /

Resource Hash

45035c78dd0c8eeb33732fb39da6243565605137db51c14416b325e985fec1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: a873ea9b-1dea-4243-b414-ac9f15fc6acf
expires: Wed, 23 Oct 2024 11:30:33 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: O9ZI7At-y2RMx8tpo2ENcV0JTduYlsmayiMZZlrT2g9eX0mOy1YCTQ==
date: Thu, 24 Oct 2024 11:30:33 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 5ad6ede360a0a258285ddf7aca196f2a.cloudfront.net (CloudFront)
access-control-allow-origin: https://go.magnetforensics.com
x-amz-cf-pop: NRT20-P3
server: nginx

POST
H3 200 collect
www.google.com/ccm/ 0
0 91ms
43ms Ping
text/html 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1996617338.1729769434&auid=644664452.1729769434&npa=0&us_privacy=1---&gtm=45He4al0v71611945za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&tft=1729769433761&tfd=7924&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.198.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s58-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/ 6 KB
2 KB 90ms
49ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/?random=1729769430289&cv=11&fst=1729769430289&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

bc6b70dedc8e9282cd05182986f9314133932b2efd5d2e4459ad08ce15a1a31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2472
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 367075062
td.doubleclick.net/td/rul/ Frame 37A2 0
0 145ms
91ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/367075062?random=1729769430289&cv=11&fst=1729769430289&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 367075062
td.doubleclick.net/td/rul/ Frame 4797 0
0 250ms
106ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/ 6 KB
2 KB 81ms
51ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/?random=1729769430316&cv=11&fst=1729769430316&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

7c126aed4454a98a921e00b38d946634acfd849e3fb24030025bcf37ec17da92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2473
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 981450958
td.doubleclick.net/td/rul/ Frame 2EFC 0
0 150ms
105ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/981450958?random=1729769430316&cv=11&fst=1729769430316&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/ 6 KB
2 KB 59ms
49ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/?random=1729769433198&cv=11&fst=1729769433198&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za200zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-YTB3MPRL03&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

561d54b6fb5dccaaf2627fdd7c90b54469a0b731c6258ab3c440506ffe11e8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2478
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 981450958
td.doubleclick.net/td/rul/ Frame A924 0
0 133ms
108ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/981450958?random=1729769433198&cv=11&fst=1729769433198&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za200zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-YTB3MPRL03&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.google.co.jp/pagead/1p-user-list/367075062/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/?random=1729769430289&cv=11&fst=1729769430289&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb7161...
https://www.google.com/pagead/1p-user-list/367075062/?random=1729769430289&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&...
https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769430289&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l...

42 B
64 B

44ms
43ms

Image
image/gif

216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769430289&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSGwDpaXnfR5BLDakkQ3dcsXMovo1kDgbiHp_1bw&random=2714065495&ipr=y

Protocol

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769430289&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSGwDpaXnfR5BLDakkQ3dcsXMovo1kDgbiHp_1bw&random=2714065495&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 99ms
38ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-YTB3MPRL03&gtm=45je4al0v870840977z871611945za200zb71611945&_p=1729769429556&_gaz=1&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101686685~101794737~101823847&gdid=dMWZhNz&cid=1600945418.1729769432&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1729769431&sct=1&seg=0&dl=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&dt=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&en=Demandbase_Event&_fv=1&_ss=1&ep.DemandBase_Audience=Wireless&ep.DemandBase_AudienceSegment=Hotspot&ep.DemandBase_City=(Non-Company%20Visitor)&ep.DemandBase_CompanyName=(Non-Company%20Visitor)&ep.DemandBase_CountryName=(Non-Company%20Visitor)&ep.DemandBase_EmployeeRange=(Non-Company%20Visitor)&ep.DemandBase_Industry=(Non-Company%20Visitor)&ep.DemandBase_RevenueRange=(Non-Company%20Visitor)&ep.DemandBase_SID=(Non-Company%20Visitor)&tfd=7995
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-YTB3MPRL03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.magnetforensics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:33 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
559 B 148ms
35ms Ping
text/plain 2404:6800:4008:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YTB3MPRL03&cid=1600945418.1729769432&gtm=45je4al0v870840977z871611945za200zb71611945&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=0&tag_exp=101686685~101794737~101823847
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-YTB3MPRL03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c01::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.magnetforensics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:33 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame A477 0
0 99ms
98ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-YTB3MPRL03&gacid=1600945418.1729769432&gtm=45je4al0v870840977z871611945za200zb71611945&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101794737~101823847&z=1735981675

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-YTB3MPRL03&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 97ms
47ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YTB3MPRL03&cid=1600945418.1729769432&gtm=45je4al0v870840977z871611945za200zb71611945&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=0&tag_exp=101686685~101794737~101823847&tag_exp=101686685~101794737~101823847&z=1302082793

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 1E4C 0
0 42ms
5ms Document
text/html 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.magnetforensics.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 217522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Oct 2024 23:05:11 GMT
expires: Tue, 21 Oct 2025 23:05:11 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v3/ 487 B
1 KB 122ms
122ms Fetch
application/json 3.164.143.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?auth=QQSQvgEcb2A4YMmNUqA1khNqpjovTUJY6c6ETnK2&page=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&page_title=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&referrer=

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.164.143.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-164-143-83.nrt20.r.cloudfront.net

Software

nginx /

Resource Hash

45035c78dd0c8eeb33732fb39da6243565605137db51c14416b325e985fec1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: 76ddd32b-2967-4d87-89b3-a63ff7b45689
expires: Wed, 23 Oct 2024 11:30:33 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: e2yWLZ19CDq9s2jz4Tr4MkprTph6U98OvxZyJeQk70xkOfU-MFczDQ==
date: Thu, 24 Oct 2024 11:30:33 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 5ad6ede360a0a258285ddf7aca196f2a.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.magnetforensics.com
x-amz-cf-pop: NRT20-P3
server: nginx

GET
H3 200 /
www.google.com/pagead/1p-user-list/981450958/ 42 B
64 B 44ms
44ms Image
image/gif 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981450958/?random=1729769433198&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za200zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dMwaYx66fZfmz4-Ck9yaOvJZMBfj05g&random=4044025659&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/981450958/ 42 B
64 B 67ms
47ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/981450958/?random=1729769433198&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za200zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dMwaYx66fZfmz4-Ck9yaOvJZMBfj05g&random=4044025659&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/367075062/ 42 B
64 B 40ms
40ms Image
image/gif 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/367075062/?random=1729769430289&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf9vnuUfSbqOJFP-aO7TQJoLp2HPDgnQ&random=1246130828&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/367075062/ 42 B
64 B 64ms
45ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769430289&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf9vnuUfSbqOJFP-aO7TQJoLp2HPDgnQ&random=1246130828&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/981450958/ 42 B
64 B 47ms
47ms Image
image/gif 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981450958/?random=1729769430316&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7doMTsvmqgr1uhwUV-Mrs_fxFWbPbfRg&random=3773655862&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/981450958/ 42 B
64 B 68ms
49ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/981450958/?random=1729769430316&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&hn=www.googleadservices.com&frm=0&tiba=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1---&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7doMTsvmqgr1uhwUV-Mrs_fxFWbPbfRg&random=3773655862&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:33 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 200 collect
www.google.com/ccm/ Frame 92F4 0
0 43ms
43ms Ping
text/html 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dr=www.magnetforensics.com&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&scrsrc=www.googletagmanager.com&frm=2&rnd=2133444721.1729769434&auid=644664452.1729769434&npa=0&us_privacy=1YNY&gtm=45He4al0v71611945za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&tft=1729769434089&tfd=4030&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.198.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s58-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/ Frame 92F4 6 KB
2 KB 56ms
55ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/?random=1729769431856&cv=11&fst=1729769431856&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YTB3MPRL03&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

5f96037a329ba6e717f6872d7a0c1743de9c00325a0386cf52cc821d87b797f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2411
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 981450958
td.doubleclick.net/td/rul/ Frame 131C 0
0 89ms
87ms Document
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/981450958?random=1729769431856&cv=11&fst=1729769431856&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YTB3MPRL03&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/ Frame 92F4 6 KB
2 KB 54ms
54ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/?random=1729769432073&cv=11&fst=1729769432073&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

640a5d6cb34888c31ca7170ca3cb61d7fcf90f9fa97f16e01c9ef16f494df7f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2414
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 367075062
td.doubleclick.net/td/rul/ Frame CF08 0
0 86ms
84ms Document
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/367075062?random=1729769432073&cv=11&fst=1729769432073&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 367075062
td.doubleclick.net/td/rul/ Frame 7FAE 0
0 169ms
85ms Document
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/ Frame 92F4 6 KB
2 KB 53ms
52ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/?random=1729769432097&cv=11&fst=1729769432097&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

55022f12aff0a71c62caa249b2880bd4d28e6cb40e90f173b6bf9e0691aaae7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2394
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 981450958
td.doubleclick.net/td/rul/ Frame 7B4A 0
0 88ms
87ms Document
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/981450958?random=1729769432097&cv=11&fst=1729769432097&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.google.co.jp/pagead/1p-user-list/367075062/ Frame 92F4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/?random=1729769432073&cv=11&fst=1729769432073&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb7161...
https://www.google.com/pagead/1p-user-list/367075062/?random=1729769432073&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&...
https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432073&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l...

42 B
64 B

47ms
47ms

Image
image/gif

216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432073&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSKQDpaXnfLz-6L3A9oqcee1xmnZkFL6gLhlboZP28ghOAicj4__Br9R8j&random=856981381&ipr=y

Protocol

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432073&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSKQDpaXnfLz-6L3A9oqcee1xmnZkFL6gLhlboZP28ghOAicj4__Br9R8j&random=856981381&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
analytics.google.com/g/ Frame 92F4 0
0 43ms
41ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PKFD8FGZRG&gtm=45je4al0v9169365053za200&_p=1729769431427&_gaz=1&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101686685~101794737~101823847&gdid=dMWZhNz&cid=1600945418.1729769432&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=2&pscdl=noapi&_eu=EAAI&_s=1&sid=1729769431&sct=1&seg=0&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&dr=https%3A%2F%2Fwww.magnetforensics.com%2F&dt=&en=page_view&_fv=1&_ss=1&tfd=4073
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PKFD8FGZRG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://go.magnetforensics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:34 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame 92F4 0
79 B 35ms
35ms Ping
text/plain 2404:6800:4008:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PKFD8FGZRG&cid=1600945418.1729769432&gtm=45je4al0v9169365053za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=2&tag_exp=101686685~101794737~101823847
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PKFD8FGZRG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c01::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://go.magnetforensics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:34 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 rul
td.doubleclick.net/td/ga/ Frame 3851 0
0 41ms
40ms Document
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-PKFD8FGZRG&gacid=1600945418.1729769432&gtm=45je4al0v9169365053za200&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=2&tag_exp=101686685~101794737~101823847&z=1270995940

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PKFD8FGZRG&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ Frame 92F4 0
0 44ms
43ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-YTB3MPRL03&gtm=45be4al0v870840977za200&_p=1729769431427&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101686685~101794737~101823847&gdid=dMWZhNz&cid=1600945418.1729769432&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=2&pscdl=noapi&_eu=EA&_s=1&sid=1729769431&sct=1&seg=1&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&dr=https%3A%2F%2Fwww.magnetforensics.com%2F&dt=&en=page_view&_ee=1&tfd=4087
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://go.magnetforensics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:34 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.co.jp/ads/ Frame 92F4 42 B
63 B 44ms
44ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PKFD8FGZRG&cid=1600945418.1729769432&gtm=45je4al0v9169365053za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=2&tag_exp=101686685~101794737~101823847&tag_exp=101686685~101794737~101823847&z=43650445

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame C53A 0
0 4ms
3ms Document
text/html 142.250.207.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgo.magnetforensics.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 207678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Oct 2024 01:49:16 GMT
expires: Wed, 22 Oct 2025 01:49:16 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect
www.google.com/ccm/ Frame CBB8 0
0 39ms
38ms Ping
text/html 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dr=www.magnetforensics.com&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c&scrsrc=www.googletagmanager.com&frm=2&rnd=1280036749.1729769434&auid=644664452.1729769434&npa=0&us_privacy=1YNY&gtm=45He4al0v71611945za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&tft=1729769434156&tfd=4149&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.198.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s58-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/ Frame CBB8 6 KB
3 KB 64ms
63ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/?random=1729769431843&cv=11&fst=1729769431843&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YTB3MPRL03&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

443f4274d0720c131f6692b37500345946c43af9fa62e5882d3cef89bb9f4286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2565
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 981450958
td.doubleclick.net/td/rul/ Frame EF3F 0
0 92ms
90ms Document
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/981450958?random=1729769431843&cv=11&fst=1729769431843&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YTB3MPRL03&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/ Frame CBB8 6 KB
3 KB 93ms
93ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/?random=1729769432064&cv=11&fst=1729769432064&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

9901d22f437cfaa627436a43765dc4d81fdeea027e738fb9eb628fee86eef74f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2567
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 367075062
td.doubleclick.net/td/rul/ Frame EA23 0
0 85ms
83ms Document
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/367075062?random=1729769432064&cv=11&fst=1729769432064&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 367075062
td.doubleclick.net/td/rul/ Frame E91B 0
0 171ms
87ms Document
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/ Frame CBB8 6 KB
3 KB 80ms
79ms Script
text/javascript 142.250.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981450958/?random=1729769432111&cv=11&fst=1729769432111&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f2.1e100.net

Software

cafe /

Resource Hash

304e41789bc07099e19b8b7da87a4482116e0e718c478b789ddc4501c7752afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2562
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 981450958
td.doubleclick.net/td/rul/ Frame B919 0
0 93ms
91ms Document
text/html 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/981450958?random=1729769432111&cv=11&fst=1729769432111&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.magnetforensics.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Oct 2024 11:30:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.google.co.jp/pagead/1p-user-list/367075062/ Frame CBB8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/367075062/?random=1729769432064&cv=11&fst=1729769432064&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb7161...
https://www.google.com/pagead/1p-user-list/367075062/?random=1729769432064&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&...
https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432064&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l...

42 B
64 B

42ms
41ms

Image
image/gif

216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432064&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSKQDpaXnfUuluS2SoQh-wG_uOCCP8wcdafLuyn3z9OZdP9UeC75FRHstr&random=3347899254&ipr=y

Protocol

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432064&cv=11&fst=1729767600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&is_vtc=1&cid=CAQSKQDpaXnfUuluS2SoQh-wG_uOCCP8wcdafLuyn3z9OZdP9UeC75FRHstr&random=3347899254&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 collect
analytics.google.com/g/ Frame CBB8 0
0 40ms
40ms Fetch
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-YTB3MPRL03&gtm=45be4al0v870840977za200&_p=1729769431441&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101686685~101794737~101823847&gdid=dMWZhNz&cid=1600945418.1729769432&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=2&pscdl=noapi&_eu=EA&_s=1&sid=1729769431&sct=1&seg=1&dl=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&dr=https%3A%2F%2Fwww.magnetforensics.com%2F&dt=&en=page_view&_ee=1&tfd=4182
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://go.magnetforensics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 11:30:34 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 12D6 0
0 1ms
0ms Document
text/html 142.250.207.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fgo.magnetforensics.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 207678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Oct 2024 01:49:16 GMT
expires: Wed, 22 Oct 2025 01:49:16 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/981450958/ Frame 92F4 42 B
64 B 44ms
43ms Image
image/gif 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981450958/?random=1729769431856&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dnk3RrudlVHwOi1Z4Xi40NnUD0BQfxtgoOfRL7EOk4g7oNuLl&random=3560472593&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/981450958/ Frame 92F4 42 B
64 B 45ms
45ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/981450958/?random=1729769431856&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dnk3RrudlVHwOi1Z4Xi40NnUD0BQfxtgoOfRL7EOk4g7oNuLl&random=3560472593&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK analytics Show response
go.magnetforensics.com/ 50 B
1016 B 298ms
297ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.magnetforensics.com/analytics?conly=true&visitor_id=600703602&visitor_id_sign=ab965640f2355e58cf710e03c4d2b3507c653a2642acf42182a170732d015f8b16ae6b48b39e6a883e254b4d15d8a6c2a92990f5&pi_opt_in=&campaign_id=114875&account_id=53162&title=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=114875&account_id=53162&title=2024%20State%20of%20enterprise%20DFIR%20report%20-%20Magnet%20Forensics&url=https%3A%2F%2Fwww.magnetforensics.com%2Fresources%2F2024-state-of-enterprise-dfir-report%2F%3Fd_utk%3D9deba01d-cceb-4b91-9eca-7bb93155e5e1&referrer=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/

Response headers

x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 50
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Thu, 24 Oct 2024 11:30:34 GMT
Content-Type: text/javascript; charset=utf-8
vary: User-Agent

GET
H3 200 /
www.google.com/pagead/1p-user-list/367075062/ Frame 92F4 42 B
64 B 43ms
43ms Image
image/gif 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/367075062/?random=1729769432073&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d9HLI5B6EujUsJefNRK_iukHwHkqMaYXOJ6r9OBucV7WF_5iS&random=3179603145&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/367075062/ Frame 92F4 42 B
64 B 44ms
44ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432073&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d9HLI5B6EujUsJefNRK_iukHwHkqMaYXOJ6r9OBucV7WF_5iS&random=3179603145&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/981450958/ Frame 92F4 42 B
64 B 46ms
45ms Image
image/gif 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981450958/?random=1729769432097&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfdTqXgki0v9e86_y-PmAK97XDO4BHiGd1NmRzO2wdWPpgaPy4&random=3824403910&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/981450958/ Frame 92F4 42 B
64 B 43ms
43ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/981450958/?random=1729769432097&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2021-07-19%2Fkzq6w7&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfdTqXgki0v9e86_y-PmAK97XDO4BHiGd1NmRzO2wdWPpgaPy4&random=3824403910&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/981450958/ Frame CBB8 42 B
64 B 45ms
44ms Image
image/gif 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981450958/?random=1729769431843&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf2P3uMuekeIltbWIza1xpJMYeKAnni6aFmXlplpqq2JrEcvuD&random=3123954231&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/981450958/ Frame CBB8 42 B
64 B 64ms
64ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/981450958/?random=1729769431843&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45je4al0v870840977z871611945za201&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf2P3uMuekeIltbWIza1xpJMYeKAnni6aFmXlplpqq2JrEcvuD&random=3123954231&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/981450958/ Frame CBB8 42 B
64 B 52ms
51ms Image
image/gif 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981450958/?random=1729769432111&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfH9Q92zmMy79vsAbCEwdqLP2HpT52aaok3TMl8U6Kqhks3sX4&random=2752071846&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/981450958/ Frame CBB8 42 B
64 B 45ms
44ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/981450958/?random=1729769432111&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v870840977za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfH9Q92zmMy79vsAbCEwdqLP2HpT52aaok3TMl8U6Kqhks3sX4&random=2752071846&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/367075062/ Frame CBB8 42 B
64 B 51ms
51ms Image
image/gif 142.250.198.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/367075062/?random=1729769432064&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf-nKGG7Y6troAoBZID_fBPBjLWt5pvIlnlveKm55KBw_0evHa&random=3620222802&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/367075062/ Frame CBB8 42 B
64 B 45ms
45ms Image
image/gif 216.58.220.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/367075062/?random=1729769432064&cv=11&fst=1729767600000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9165012256z871611945za201zb71611945&gcd=13t3t3t3t5l1&dma=0&tag_exp=101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.magnetforensics.com%2Fl%2F52162%2F2024-02-20%2Fljxy9c%3Fpage_url%3Dhttps%253A%252F%252Fwww.magnetforensics.com%252Fresources%252F2024-state-of-enterprise-dfir-report%252F%253Fsubmission%253Dhttps%253A%252F%252Fgo.magnetforensics.com%252Fl%252F52162%252F2024-02-20%252Fljxy9c%26page_title%3D2024%2BState%2Bof%2Benterprise%2BDFIR%2Breport%26has_video%3D0%26submit_title%3DDownload%2BWhite%2BPaper%26submit_type%3Ddownload&ref=https%3A%2F%2Fwww.magnetforensics.com%2F&top=https%3A%2F%2Fwww.magnetforensics.com%2F&hn=www.googleadservices.com&frm=2&did=dMWZhNz&gdid=dMWZhNz&npa=0&us_privacy=1YNY&pscdl=noapi&auid=644664452.1729769434&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf-nKGG7Y6troAoBZID_fBPBjLWt5pvIlnlveKm55KBw_0evHa&random=3620222802&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s01-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://go.magnetforensics.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 24 Oct 2024 11:30:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 favicon_73ad54bc.ico
www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/images/favicon/ 32 KB
6 KB 9ms
8ms Other
image/x-icon 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.magnetforensics.com/wp-content/themes/magnet-forensics-wordpress/dist/images/favicon/favicon_73ad54bc.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 20a8d1ab38b0ecd61ea192aae2166fde4a7e888e6c8c631a5853ff51ec77febd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1

Response headers

x-pantheon-styx-hostname: styx-fe1fe2-g-6d46c9bf7-znj4w
content-encoding: gzip
etag: "6718a23f-7f5e"
age: 62839
expires: Fri, 24 Oct 2025 18:03:16 GMT
x-cache: HIT, HIT
date: Thu, 24 Oct 2024 11:30:35 GMT
content-type: image/x-icon
vary: Accept-Encoding
x-cache-hits: 60, 21
last-modified: Wed, 23 Oct 2024 07:14:07 GMT
x-served-by: cache-yyz4575-YYZ, cache-nrt-rjtf7700094-NRT
cache-control: max-age=31622400
x-timer: S1729769435.220856,VS0,VE4
x-styx-req-id: 140c46d3-9169-11ef-b669-e6603a00b358
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 5590
server: nginx

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.js.ubembed.com/	1970-01-21 00:29:31	Name: __cf_bm Value: iP5Iw4rjtEIpq_5rpfxv3eIjvDY4_aUVD1GHBAc87.I-1729769430-1.0.1.1-7tQyQfc8cu0TH7hZHi_ccgreR_soPE9gbQlEVw9C6tO1Mz.4FIA108OzUqlP.g02roPSDFke2fhHiCy7aFyoZg
www.magnetforensics.com/	1969-12-31 23:59:59	Name: wp-wpml_current_language Value: en
.twitter.com/	1970-01-21 10:05:29	Name: guest_id_marketing Value: v1%3A172976943028875856
.twitter.com/	1970-01-21 10:05:29	Name: guest_id_ads Value: v1%3A172976943028875856
.twitter.com/	1970-01-21 10:05:29	Name: personalization_id Value: "v1_iuqQ5AlK/paAgYZOycCGCA=="
.twitter.com/	1970-01-21 10:05:29	Name: guest_id Value: v1%3A172976943028875856
.t.co/	1970-01-21 10:05:29	Name: muc_ads Value: 248d2219-5bb5-4645-ad0f-9252a0deeea8
.t.co/	1970-01-21 00:29:31	Name: __cf_bm Value: Th0FeQzW53joQ.wOzeh0ao8KqbyUwwzchwKTGVPPHFM-1729769430-1.0.1.1-cSpJbhjFymy8AKOuF8o7fBpqJGDkKQklRM4p9Q0rJHJ0PkdJin4suZ0JG7gYpQHhr8Fuks_IO8wj.6fQN7PbhA
.ws.zoominfo.com/	1970-01-21 09:15:05	Name: visitorId Value: 12aeb3c1d2729d561b83ad89d79c12aacd98b1c0ae3834359297b24f96d114b8
.zoominfo.com/	1970-01-21 00:29:31	Name: __cf_bm Value: bhipWu7lfU_8amosz39GygM2A0ILIvbHeuyZ4iFYmk0-1729769430-1.0.1.1-xE7z94bFRO7TL98.rjVygUm6xHhej7BYTTk4KwOn44Nzsr6RYMytnu3C6yYpKHYO0i8laLugqR_wrz0T8L6NyA
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 5OxWr4tRcSSM127i1HW_QKC_oSFMTFk1196pscYnKAs-1729769430407-0.0.1.1-604800000
.linkedin.com/	1970-01-21 02:39:05	Name: li_sugr Value: b923f41d-0c9c-45fc-8900-9c6abf5ad5ed
.linkedin.com/	1970-01-21 00:30:55	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3373:u=1:x=1:i=1729769430:t=1729855830:v=2:sig=AQGoIJmuMTl_OjGQTwYlcXGtvc4SUfqX"
.linkedin.com/	1970-01-21 09:15:05	Name: bcookie Value: "v=2&0b07db14-576d-405e-84f6-ba748dad6b6a"
tags.srv.stackadapt.com/	1970-01-21 09:15:05	Name: sa-user-id Value: s%3A0-e21cd553-f38d-5007-5031-5026325b544a.xokXnNTNIvzmANM265uBRdc8IISb2xpeBydR44aUZpw
.srv.stackadapt.com/	1970-01-21 09:15:05	Name: sa-user-id Value: s%3A0-e21cd553-f38d-5007-5031-5026325b544a.xokXnNTNIvzmANM265uBRdc8IISb2xpeBydR44aUZpw
tags.srv.stackadapt.com/	1970-01-21 09:15:05	Name: sa-user-id-v2 Value: s%3A4hzVU_ONUAdQMVAmMltUSpJGye8.WN9402MaX2ReiihdUnuV2dmGY4KgtKlZOnMx7emb0tw
.srv.stackadapt.com/	1970-01-21 09:15:05	Name: sa-user-id-v2 Value: s%3A4hzVU_ONUAdQMVAmMltUSpJGye8.WN9402MaX2ReiihdUnuV2dmGY4KgtKlZOnMx7emb0tw
tags.srv.stackadapt.com/	1970-01-21 09:15:05	Name: sa-user-id-v3 Value: s%3AAQAKIOdWmGPJKUbrDIEcefFf7PbeTquDzaWW-VfAD3CXXKEKENYBGAQg1t_ouAYwAToEQiu0oEIE4oT3Lg.PvUQPLZ3L8vLQ71MCOFw%2FXSu6sK2%2BvXloeKG2N%2Bxoks
.srv.stackadapt.com/	1970-01-21 09:15:05	Name: sa-user-id-v3 Value: s%3AAQAKIOdWmGPJKUbrDIEcefFf7PbeTquDzaWW-VfAD3CXXKEKENYBGAQg1t_ouAYwAToEQiu0oEIE4oT3Lg.PvUQPLZ3L8vLQ71MCOFw%2FXSu6sK2%2BvXloeKG2N%2Bxoks
.bing.com/	1970-01-21 09:51:05	Name: MUID Value: 1D65521F2204666011B7473D23266778
.bat.bing.com/	1970-01-21 00:39:34	Name: MR Value: 0
www.magnetforensics.com/	1970-01-21 01:12:41	Name: __smVID Value: 7ab2b92cafbae099ac0fc0f2e1eba9c46938be49ba8c82643f4c93d98a80021e
.magnetforensics.com/	1970-01-21 09:15:05	Name: _hjSessionUser_1019106 Value: eyJpZCI6ImM5YTFhOGNhLTJiMjItNTlhZC05ZTZlLTIwOTY5NmZjODdlZCIsImNyZWF0ZWQiOjE3Mjk3Njk0MzEzNTQsImV4aXN0aW5nIjp0cnVlfQ==
.magnetforensics.com/	1970-01-21 00:29:31	Name: _hjSession_1019106 Value: eyJpZCI6IjZhN2Q5ZWY0LTE5YjctNGIzYS1hY2ZkLTFhNzg4ZjUyZWNjNCIsImMiOjE3Mjk3Njk0MzEzNTUsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.linkedin.com/	1970-01-21 01:12:41	Name: UserMatchHistory Value: AQKzzn55NXnJ3gAAAZK-SuDtc-UhFJGuq1of-NWyWBuKn8DnAgQqoTbXjvU-haAC5DBGVUJyeOvkiA
.linkedin.com/	1970-01-21 01:12:41	Name: AnalyticsSyncHistory Value: AQJazUjdA94XPQAAAZK-SuDtfNUFGleGwBbmabAwobeZ2RA9YxQwiRq8MAYJbH6WiQOBBl1RALd4WIcJfKjVuw
.magnetforensics.com/	1970-01-21 02:39:05	Name: _fbp Value: fb.1.1729769431365.465020282740907098
www.magnetforensics.com/	1970-01-21 09:15:05	Name: sa-user-id Value: s%253A0-e21cd553-f38d-5007-5031-5026325b544a.xokXnNTNIvzmANM265uBRdc8IISb2xpeBydR44aUZpw
www.magnetforensics.com/	1970-01-21 09:15:05	Name: sa-user-id-v2 Value: s%253A4hzVU_ONUAdQMVAmMltUSpJGye8.WN9402MaX2ReiihdUnuV2dmGY4KgtKlZOnMx7emb0tw
www.magnetforensics.com/	1970-01-21 09:15:05	Name: sa-user-id-v3 Value: s%253AAQAKIOdWmGPJKUbrDIEcefFf7PbeTquDzaWW-VfAD3CXXKEKENYBGAQg1t_ouAYwAToEQiu0oEIE4oT3Lg.PvUQPLZ3L8vLQ71MCOFw%252FXSu6sK2%252BvXloeKG2N%252Bxoks
.rlcdn.com/	1970-01-21 09:15:05	Name: rlas3 Value: s18F/dzzGLpRpT1ck623Q2HQsX6/Ap0rZUJqaMDFY9k=
.company-target.com/	1970-01-21 10:05:29	Name: tuuid Value: ddfa4421-dd92-47d0-b876-c8991e75fde8
.company-target.com/	1970-01-21 10:05:29	Name: tuuid_lu Value: 1729769431\|ix:0\|mctv:0\|rp:0
.casalemedia.com/	1970-01-21 09:15:05	Name: CMID Value: Zxov1xdaRHcAAEixAkbMAAAA
.casalemedia.com/	1970-01-21 02:39:05	Name: CMPS Value: 5428
.casalemedia.com/	1970-01-21 02:39:05	Name: CMPRO Value: 5428
.www.linkedin.com/	1970-01-21 09:15:05	Name: bscookie Value: "v=1&20241024113031db514783-33e4-4c55-8e80-47552109c994AQHPfa7fpEE2qqMg86ZjZYB0eW8WG2B0"
.rlcdn.com/	1970-01-21 01:55:53	Name: pxrc Value: CNff6LgGEgUI6AcQABIGCMrdKhAA
.magnetforensics.com/	1970-01-21 00:30:55	Name: _gid Value: GA1.2.1707341973.1729769432
.magnetforensics.com/	1970-01-21 00:29:29	Name: _gat_gtag_UA_34380560_1 Value: 1
.rubiconproject.com/	1970-01-21 09:15:05	Name: audit_p Value: 1\|lrVm9iuAftDDOQJibzt8nb6rZrutT4JNZn9xHdigABYRdwtRav1lhsFrrumjuqswVI8Y1rvz2OuM1KxoLazIt5mwZQnb46mpoc9kuWvRBdoIyYtO1ecbbQ2v6sHbnvd8Uw+Ub8sUDGLVaC/fGHD8Hz/R0ELEsty6cmESKmf2cwrTmoFL5pKQsaZr5ZVxLWDe
.rubiconproject.com/	1970-01-21 09:15:05	Name: khaos Value: M2N823LQ-P-6LBK
.rubiconproject.com/	1970-01-21 09:15:05	Name: khaos_p Value: M2N823LQ-P-6LBK
.rubiconproject.com/	1970-01-21 09:15:05	Name: audit Value: 1\|lrVm9iuAftDDOQJibzt8nb6rZrutT4JNZn9xHdigABYRdwtRav1lhsFrrumjuqswVI8Y1rvz2OuM1KxoLazIt5mwZQnb46mpoc9kuWvRBdoIyYtO1ecbbQ2v6sHbnvd8Uw+Ub8sUDGLVaC/fGHD8Hz/R0ELEsty6cmESKmf2cwrTmoFL5pKQsaZr5ZVxLWDe
.rubiconproject.com/	1970-01-21 02:39:05	Name: receive-cookie-deprecation Value: 1
.tremorhub.com/	1970-01-21 09:15:26	Name: tvid Value: 6cb5669c251c42d8a7306e010051bd77
.tremorhub.com/	1970-01-21 10:05:29	Name: tv_UIDM Value: ddfa4421-dd92-47d0-b876-c8991e75fde8
.magnetforensics.com/	1970-01-21 00:30:55	Name: _uetsid Value: 6068a71091fb11ef91ab375f10d9100b
.magnetforensics.com/	1970-01-21 09:51:05	Name: _uetvid Value: 6068dd7091fb11ef80d02fb99d18d603
.bing.com/	1970-01-21 09:51:05	Name: MSPTC Value: eT_40PC8T9SB6FhmAlJoGZRs2dt_NwXNKQc4Wy8yehY
go.magnetforensics.com/	1970-01-21 00:29:31	Name: drift_campaign_refresh Value: b2639ede-e9a0-4363-bd63-b6e9909dd42a
www.magnetforensics.com/	1970-01-21 00:29:31	Name: drift_campaign_refresh Value: 7df1cf43-4d04-4101-86b4-04801f59a4fb
go.magnetforensics.com/	1970-01-21 10:05:29	Name: drift_aid Value: d22c6184-42f0-4f4f-8a9f-a94d43c90d33
go.magnetforensics.com/	1970-01-21 10:05:29	Name: driftt_aid Value: d22c6184-42f0-4f4f-8a9f-a94d43c90d33
.magnetforensics.com/	1970-01-21 02:39:05	Name: _gcl_au Value: 1.1.644664452.1729769434
.magnetforensics.com/	1970-01-21 10:05:29	Name: _ga Value: GA1.1.1600945418.1729769432
www.magnetforensics.com/	1970-01-21 10:05:29	Name: drift_aid Value: 96567cc7-a138-48d4-891f-795e4d0ba5c1
www.magnetforensics.com/	1970-01-21 10:05:29	Name: driftt_aid Value: 96567cc7-a138-48d4-891f-795e4d0ba5c1
.pardot.com/	1970-01-21 09:15:05	Name: visitor_id52162 Value: 600703602
.pardot.com/	1970-01-21 09:15:05	Name: visitor_id52162-hash Value: ab965640f2355e58cf710e03c4d2b3507c653a2642acf42182a170732d015f8b16ae6b48b39e6a883e254b4d15d8a6c2a92990f5
pi.pardot.com/	1970-01-21 00:29:31	Name: lpv52162 Value: aHR0cHM6Ly93d3cubWFnbmV0Zm9yZW5zaWNzLmNvbS9yZXNvdXJjZXMvMjAyNC1zdGF0ZS1vZi1lbnRlcnByaXNlLWRmaXItcmVwb3J0Lz9kX3V0az05ZGViYTAxZC1jY2ViLTRiOTEtOWVjYS03YmI5MzE1NWU1ZTE%3D
.magnetforensics.com/	1970-01-21 10:05:29	Name: _ga_PKFD8FGZRG Value: GS1.1.1729769431.1.1.1729769431.60.0.0
.magnetforensics.com/	1970-01-21 10:05:29	Name: _ga_YTB3MPRL03 Value: GS1.1.1729769431.1.1.1729769432.58.0.0
www.magnetforensics.com/	1970-01-21 09:15:05	Name: visitor_id52162 Value: 600703602
www.magnetforensics.com/	1970-01-21 09:15:05	Name: visitor_id52162-hash Value: ab965640f2355e58cf710e03c4d2b3507c653a2642acf42182a170732d015f8b16ae6b48b39e6a883e254b4d15d8a6c2a92990f5
.doubleclick.net/	1970-01-21 10:05:29	Name: IDE Value: AHWqTUn2-btkl_p8NYl17fm0fAvHovtBScdCR-uXk5gyiGOmAOWVn4JFilvVRJjo
go.magnetforensics.com/	1970-01-21 09:15:05	Name: visitor_id52162 Value: 600703602
go.magnetforensics.com/	1970-01-21 09:15:05	Name: visitor_id52162-hash Value: ab965640f2355e58cf710e03c4d2b3507c653a2642acf42182a170732d015f8b16ae6b48b39e6a883e254b4d15d8a6c2a92990f5

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1 Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	warning	URL: https://www.magnetforensics.com/resources/2024-state-of-enterprise-dfir-report/?d_utk=9deba01d-cceb-4b91-9eca-7bb93155e5e1 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: about:blank Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: about:blank Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: about:blank Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: about:blank Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en(Line 1) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en(Line 1) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	warning	URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en(Line 1) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en(Line 1) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	warning	URL: https://consent.cookiebot.com/uc.js?cbid=fe34b718-95dc-4dcb-a860-f4b15ee8ad8b&implementation=gtm&consentmode-dataredaction=dynamic&culture=en(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://acsbapp.com/apps/app/dist/js/app.js Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://acsbapp.com/apps/app/dist/js/app.js Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	warning	URL: https://acsbapp.com/apps/app/dist/js/app.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://tag.demandbase.com/329a98b44c5d7aa0.min.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://script.hotjar.com/modules.7d35ebb92a246d9f66a6.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://script.hotjar.com/modules.7d35ebb92a246d9f66a6.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	warning	URL: https://script.hotjar.com/modules.7d35ebb92a246d9f66a6.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://load.sumome.com/7.8ce2f449e0e5a6831968.js Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://load.sumome.com/7.8ce2f449e0e5a6831968.js Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	warning	URL: https://load.sumome.com/7.8ce2f449e0e5a6831968.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://js.driftt.com/include/1729769700000/nfebtmd8e2uh.js Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c(Line 134) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=AW-367075062&l=dataLayer&cx=c(Line 134) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=AW-981450958&l=dataLayer&cx=c(Line 285) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=G-YTB3MPRL03&l=dataLayer&cx=c(Line 285) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=G-YTB3MPRL03&l=dataLayer&cx=c(Line 285) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV(Line 207) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV(Line 207) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.
security	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV(Line 207) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJWWJV(Line 534) Message: Unrecognized Content-Security-Policy directive 'navigate-to'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: .storylane.io .vimeo.com .sumome.com .hotjar.com; style-src 'self' 'unsafe-inline' https: data: fonts.googleapis.com; img-src 'self' https: data: .vimeocdn.com gstatic.com .sumome.com; connect-src 'self' https: data: go.magnetforensics.com .sumome.com fonts.gstatic.com googletagmanager.com cdn.jsdelivr.net google.com acsbapp.com cdn.mouseflow.com consent.cookiebot.com player.vimeo.com cdnjs.cloudflare.com .hotjar.com wss://ws.hotjar.com; font-src 'self' https: data: fonts.gstatic.com fonts.googleapis.com; media-src 'self' 'unsafe-inline' player.vimeo.com; child-src 'self' https:; form-action 'self' https: go.magnetforensics.com; frame-ancestors 'self'; worker-src 'self' https:; manifest-src 'self'; navigate-to 'self' https:; base-uri 'self'; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-modals allow-top-navigation allow-top-navigation-by-user-activation
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
amplify.outbrain.com
analytics.google.com
analytics.twitter.com
api.company-target.com
app.salesloft.com
assets.ubembed.com
bat.bing.com
cdn.acsbapp.com
cdn.jsdelivr.net
cdn.mouseflow.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
d3327e487add4206b7e609d4710cb454.js.ubembed.com
fonts.googleapis.com
fonts.gstatic.com
go.magnetforensics.com
googleads.g.doubleclick.net
id.rlcdn.com
imgsct.cookiebot.com
js.driftt.com
load.sumome.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.company-target.com
script.hotjar.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sumome.com
t.co
t.magnetforensics.com
tag-logger.demandbase.com
tag.demandbase.com
tags.srv.stackadapt.com
td.doubleclick.net
tr.outbrain.com
wave.outbrain.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.linkedin.com
www.magnetforensics.com
104.16.117.43
104.18.26.50
104.244.42.3
13.107.42.14
13.225.183.4
13.249.160.126
13.249.160.92
13.35.49.11
142.250.196.110
142.250.198.4
142.250.207.34
142.250.207.8
142.251.42.131
151.101.108.157
172.64.148.75
172.66.0.227
2001:4860:4802:38::181
216.239.34.181
216.58.220.131
216.58.220.98
23.32.225.140
2400:52e0:1501::1097:1
2404:6800:4004:810::200a
2404:6800:4004:818::2008
2404:6800:4004:822::2002
2404:6800:4004:824::200e
2404:6800:4008:c01::9b
2600:140b:1c00:5a4::f09
2600:140b:1c00:e::17cb:851d
2600:140b:a00:e::b81d:8cce
2600:9000:2352:b600:1d:8d6d:3b40:93a1
2606:4700:10::6816:cc
2606:4700:10::ac43:b9b
2620:12a:8000::2
2620:1ec:21::14
2620:1ec:33:1::10
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42::485
3.164.143.83
3.165.39.67
3.166.244.96
3.218.146.139
31.13.82.36
31.13.82.7
34.211.221.163
34.237.219.119
34.96.71.22
35.244.154.8
52.250.45.119
52.28.222.96
52.54.96.194
54.146.148.156
99.84.133.116
095a419a7e9d826faf0efcb8176e529da5c9a2a56e3ff1295c5fd7efa6f448f0
0ddbf6892bad4cc922cedea06e434e88e2937dd274fa94a4a5e64715f540d73e
0e5b99158c017df5aa0df9c3dc6b1a14d935a46509ec9b6ae38b0bf9ca572c7b
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb
1fecb0f4485d21a3aed40485ee694f6ca38f6021a72d1c189174d03aab872f9a
20a8d1ab38b0ecd61ea192aae2166fde4a7e888e6c8c631a5853ff51ec77febd
20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8
21caa26c33fb920310d8d816e8ba173ff6a7153561d5b12496f12271fe659ddd
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
23413d5d8960d38018cbaaa1162314a6e118452768c84ff30ac2bdabb3af82aa
243691595cd01b309e518b373dd2ee918b93646309ca694c0f14e3b7ea469fea
24bc8c36866cd6cb060f25880e3f33462d3c7b74e9f7d14b951d19dfa854c6ef
24e2497d86265cd1ce87a221878ad7d573dba931abdc8883a0844a75f8ce9063
24f48568a1daa32eb4c7a896c7bd45779459243dd98245a1b8dbfd58e226bf19
273ec762a7292aa7240f6a5821af55c614fc52d473bd5b358cfe34892ee6cd42
2824d7ee7283f7c5faeb46dbe2ce53e7e6a14cdbd8f48eaeaea627b80757fcde
2f8b17f7047808b11a957a01f95780557ef40b5fa965c78aadf40f460287e200
30084481f752ea61aaafd9a3e0984e3d166057804bc6d35949147e85e3a645bb
304e41789bc07099e19b8b7da87a4482116e0e718c478b789ddc4501c7752afe
3227bce8081701ff711c3268042d5fc4e3343d0bed226c1507cfd9a459e110ee
33911e7c866f8140e67a7243a3f85c4f7d956a4ecd54056a7f21720e65c3e04a
389b0c9c5e825effa06b58f89d9167ec683826d6c9b3f3faa040bf2464e06f64
38af1a92a1febe60ea6cdf48747328db032bbb53c8f6d691e223e97cba19e2e5
3a788ec69c80c7fc2f8f6257fc9b36d8daac7b27af93577fbd8cf4cc5cd3b8ed
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
40e58144d417a26c33d6c709d4cd88c505f72c0a719c6e126d2c81a4a95764b3
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
42725f1580d7748d0c7632580d72d57d638ecc2cbda52af8f68053091c330371
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443f4274d0720c131f6692b37500345946c43af9fa62e5882d3cef89bb9f4286
45035c78dd0c8eeb33732fb39da6243565605137db51c14416b325e985fec1bc
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
529538b800da3e28eabfd7114232283c8b8725c393bb378788158c17203f0d40
52ae2bead6d942b75e5b9a72db391de07ee8532155744ce84681f67143d6e04c
52b4cc17432578ffd29d1480648b4225424df2a57aa632dfe86b276aacc204d2
5363fabedc9da6f922057e554d89a70e96d3f9106ee1843bff53f3b475fe330b
55022f12aff0a71c62caa249b2880bd4d28e6cb40e90f173b6bf9e0691aaae7e
561d54b6fb5dccaaf2627fdd7c90b54469a0b731c6258ab3c440506ffe11e8bd
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
5a15299baa3aadd5d0989470279e7be9b6431ffa77068783ff2a169f41edf245
5f96037a329ba6e717f6872d7a0c1743de9c00325a0386cf52cc821d87b797f8
640a5d6cb34888c31ca7170ca3cb61d7fcf90f9fa97f16e01c9ef16f494df7f4
64f77a13c6e6d3adce340a06f37c55054d9cdd48cb1d9347943749592a2a565e
6504b9c461f89254f50abd3ebbd871c7f3c1486e7f6f73abbdeb398beb61cd92
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd75299c3bfc54423f83442b734f5747df80e300c21899f2abc354c449e44e4
6c423303131c1b6498ab7e0ebd95c5646ca1f664f6ab7d74854ed42888e10e88
6c5ba76021aa3832bd518b168fac7f8008a0ddd99ee4ca9dd0bccfac1d86b374
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ba2efe3b4b4c0a0ea967ecbc0fa24ca9e773baff3c8449588a7a0bdb604863b
7c126aed4454a98a921e00b38d946634acfd849e3fb24030025bcf37ec17da92
7f452579a9d9ec57b6e47afb3afcc605e80707ab6d284d34521d6c50f66d45e0
7f81b07075f86226ce8fc5e8d6f05c7b01061e66714af5036741a79ffec58d5d
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87fbc6477d07c0b9eb56d8839da504fcaf1cdbb8bec3e7f6581cfe92f4abdfce
886c89ea5c445ac3052f975a2f61d71b3444ab9eb75935b9aa43d82b01fe1842
88af1c544f63bc3dd6ca2260336f6733f71056bda979e898dc324e75407616f3
88d1d0dd8730d866219619561304b3b5c22e3999a59dab5f70b88384312eff0f
89f6647ccfb74cf666b86a370bd5d763463b84e5941d90b7fb2d36ac373206e0
8b4b61e1707fd15feaae190a7cdf8aa2fa9fda18273f3d115cf7f7da2fe17996
8c5b96083471d582d2af9733ace6c12287b8adcc45d4f24dc21a482615f6a0d1
8f005150df847d97b3188709485b414ecf1c1dc0d8a4e7e42d06a69d5f9fdf6c
91d744bf23ae2d21a6565a51934c39e0f8fa6121b958f2998a1979ee7ba2fa9d
9339a5686ce46d242e237489ecb6479c881bc7f4ab2d7aa52ae9e39b1e431375
98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88
9879ef3d5b4ab0e0135513ce4459dd3d75753ecad966ca5d63ed82cc2d1d93a6
9901d22f437cfaa627436a43765dc4d81fdeea027e738fb9eb628fee86eef74f
9ce9dde767ac632d60c8fedcf72973d7b73ab31ba4c1b7ba66b54acafea8ad77
a0cd44d7f616d20b0958cc0b11958dc46aa4442817bd54231713014802264247
a785e63bf025fd479a520e92e25d4c0eb58c723d6d381afa674f2be6c1f2d86a
a8ac148500db40a58b4cd1ed7b242595c7897896b5066cafe647112c0c191527
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ab5dfe376631b4a619dbe4a8011ff34c4fb67660e00193b9c652724f8b86b851
ab98f025e89e75eb9de8f7f16d7dbd68fff25a42fcf82c706aeb55dede2b4853
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf59197679c94a3b3eb2591f4127a1121474dd5c9110067db172a657dadd822
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b7eb51e42368330fcb9068cd7dd3e5d5cff32deeb66d6628653e6c69363676ed
bbfba2d97f5a567198f34e3f996b9adbba2b8a9570794c368abd7a5adcfe9d48
bc6b70dedc8e9282cd05182986f9314133932b2efd5d2e4459ad08ce15a1a31d
c0bfdde523377c07339bdc26cbe44faf49466d10f7af3bd4169ac84694a810e6
c0f01785d8b060b787e8eb0cdbbbe5b938123c1d42fcbde96d932a2995497132
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c23572c09b94a5896dc046f9f4c5852bcba9465cd9d4ddbfa16cc4a04c6b895c
c39fa609f4a9b43e493115c723b102147f9025008bd24841e7732c5f253edd51
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
c5f3b2f654d2d8210a481c0164f0a53430cd09b77c34374fe23c9a03f5ad00fb
c75ceddd9050bbbed76bac047ab587f677f96e39bed8e338a5cc035a5f3af5fb
c9dafd9603b7c319b58354440fcaa5c3f2f1e7988f8a76e9373ba3fb4a24a171
cee682bc57d94c16933b0422aa0bd7ad8c7a6e04643eb7ce170e2d5ce6e25b48
cf00d934ead4eecba65eca6bc0426e734218d5d2a33e9677f3c2fff724069a9a
d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05
d5c55cae0e7c6225775f74c5ad1a4351b5ea4218baddea714b3a363a6351780f
d7ad7e23c0da0e9d49b2a166fd37edb30e1691313d4bd1d1a1b1cf52b8174081
d7b5e07e61976a304a06d014d1a59e2478f8c59c3bd2cb92accdce6818257b00
d7ebbe82b113abafe8c1ed55d84ffa2319843b52b8176d544a1a0035cd035c76
d84658f533098c4de66a48fba5bf3aa9e2b0affc875b7081022813a1b664ed63
d868859f87ae94e683c1c3605764c5e87a24be77f49f70e272d4acce9afdf8a0
d999cbd5c65b5085ce2e477916bfad73c9824f584baf1071f086721514b09ed4
dc8e317c924d49916e599d91520cb5f64eb9b1ff74120e5d058ca526d0ec6266
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6b6358d9c072deda12491ed25c12cf48f00463833c4c29985aaab6a9a5bda0
de77aed14166ff6c0bee39653090b8cc6eaa2230de83630de11ebfc5f108fa46
e0181f1a87b13da78449842f1773ba41d94e9a7a83f081038f35bcac2068b7da
e2904f976f723cd812b4e1c802967d11c9f6f5d6c97700e5b9386a16bd4ce5be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e967f20a8e3e58f11c2b0cfef9d2dda8a3758739f10e83e323c73be8b42653bc
e96abb18e70acf14065e3bacb0dbd6942579a85d3d69d9d7551bea9c627ca3a0
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
edff91075f5d474f3a811de572402ac1259045f0dce511e43439a5c3aa9a8f62
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efca75353ee4caff9f7cd855571361bde581fac3a82182469705f52140319c19
f3b2655e46f94794cd3f71c4a555dae4fc5c1aa1a179551f0ee0d9f2b18866d6
f94d56d010d0c777687ee8fa67983469d41613c0af6197245dac813b0a1df8e5
facc649ca3384d33a8a141e8d71c451250a3218521edb6a1071124e5cf5ec4f8
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
ff90abc7f28634b9669240cc556dd6f62a8000882e2186e229e30527afb1e230

www.magnetforensics.com Open in urlscan Pro 2620:12a:8000::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

291 Requests

97 %HTTPS

34 %IPv6

32 Domains

50 Subdomains

51 IPs

6 Countries

7168 kBTransfer

21669 kBSize

69 Cookies

37 Outgoing links

Page URL History

Redirected requests

291 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.magnetforensics.com Open in urlscan Pro
2620:12a:8000::2 Public Scan

Screenshot
Live screenshot

Full Image

291
Requests

97 %
HTTPS

34 %
IPv6

32
Domains

50
Subdomains

51
IPs

6
Countries

7168 kB
Transfer

21669 kB
Size

69
Cookies

291 HTTP transactions
10 data transactions