duo.com Open in urlscan Pro
65.9.95.120  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

• https://dpm.demdex.net/id?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B8D07FF4520E94C10A490D4C%40AdobeOrg&d_nsid=0&ts=1702692488752 HTTP 302
• https://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B8D07FF4520E94C10A490D4C%40AdobeOrg&d_nsid=0&ts=1702692488752

Request Chain 40

• https://cisco-tags.cisco.com/tag/auth/ntpagetag.gif?js=1&ts=1702692488801.748&lc=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&rs=1600x1200&cd=24&ln=en&tz=GMT%20%2B01%3A00&jv=0&ck=UnicaNIODID%3Dundefined&meta.viewport=width%3Ddevice-width%2C%20initial-scale%3D1.0%2C%20user-scalable%3Dyes&title=fbi%20guidance%20evolves%20on%20ransomware%20payments%20%7C%20decipher&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&webdriver=false&tag=ut4.51.202312152201&locale=en-us&meta.country=us&meta.locale=us&breakpoint=unavailable&content_type=no%20contenttype&linktrack=linkpage&loc=http%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cookie_length=500&meta.iapath=no%20iapath&hier1=no%20iapath&meta.wm_reporting_category=no%20iapath&sa_source=meta.iapath&t_profile=cisco.duo&t_load=ctm&suite=cisco-complete&returnVisit=false&cookies=true&localstorage=true&dnt=false&conversion=event1&adobeVersions=AppMeasurement%3Dna%2CVisitorJS%3Dna%2CMbox%3Dna&meta.msapplication-tilecolor=%23000000&meta.msapplication-config=%2Fassets%2Fimg%2Fdecipher%2Ffavicons%2Fbrowserconfig.xml&meta.theme-color=%23ffffff&meta.robots=index%2Cfollow%2Carchive&meta.fb:app_id=2090208394329663&meta.og:site_name=decipher&meta.og:type=website&meta.og:url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&meta.twitter:card=summary_large_image&meta.twitter:site=%40deciphersec&meta.twitter:creator=%40deciphersec&meta.og:title=fbi%20guidance%20evolves%20on%20ransomware%20payments&meta.twitter:title=fbi%20guidance%20evolves%20on%20ransomware%20payments&meta.description=the%20fbi%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.&meta.og:description=the%20fbi%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.&meta.twitter:description=the%20fbi%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.&meta.twitter:image=https%3A%2F%2Fduo.com%2Fassets%2Fimg%2Fseo-images%2Fmoney-house-decipher.jpg&meta.og:image=https%3A%2F%2Fduo.com%2Fassets%2Fimg%2Fseo-images%2Fmoney-house-decipher.jpg&meta.og:image:width=1200&meta.og:image:height=630&meta.bitly-verification=040b99f315c6&meta.google-site-verification=svd8ahbyylsc2wljqdzwij1d2tnu8-u3fbldciehxdu&meta.twitter:widgets:csp=on&meta.msvalidate.01=27fb624dbd3f07315a4bf69f5d649c68&ets=1702692488802.258 HTTP 302
• https://id.cisco.com/oauth2/default/v1/authorize?response_type=code&scope=openid%20email&client_id=bf6c50dc-2843-4dab-aa45-9e994a90ea8c&state=ZP652YP8KCxRvGExALpA9b1LEY4&redirect_uri=https%3A%2F%2Fcisco-tags.cisco.com%2Fcallback%2Faction.html&nonce=Tugp5E3XeYiZAFCm9TkIuaMPlqys7LVVcEhhIOHkyRI&prompt=none HTTP 302
• https://cisco-tags.cisco.com/callback/action.html?state=ZP652YP8KCxRvGExALpA9b1LEY4&error=login_required&error_description=The+client+specified+not+to+prompt%2C+but+the+user+is+not+logged+in.

Request Chain 54

• https://s.amazon-adsystem.com/iu3?pid=f808e024-acca-4e83-a13b-f65567e77575&event=Pageview&ts=1702692488851 HTTP 302
• https://s.amazon-adsystem.com/iu3?pid=f808e024-acca-4e83-a13b-f65567e77575&event=Pageview&ts=1702692488851&dcc=t

Request Chain 58

• https://s860818199.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=860818199&ref2=elqNone&tzo=-60&ms=882&optin=disabled HTTP 302
• https://s860818199.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=860818199&ref2=elqNone&tzo=-60&ms=882&optin=disabled&elqCookie=1

Request Chain 64

• https://unpkg.com/web-vitals HTTP 302
• https://unpkg.com/web-vitals@3.5.0 HTTP 302
• https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js

Request Chain 69

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1709786%252C7540%26time%3D1702692488970%26url%3Dhttps%253A%252F%252Fduo.com%252Fdecipher%252Ffbi-guidance-evolves-on-ransomware-payments%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cookiesTest=true&liSync=true&e_ipv6=AQLkXlnSe0ecsQAAAYxwYYjZV6CGUMsfiBF6tXmZcoYxFwVNfUNfyS-hzgGdPmYsigQ2blu2MXd3hHoEuQ0Qg2lw3xkFvw

Request Chain 83

• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjAwODc2ODk0OTU3MjYxNzMwNTI4MDgzNzcwMTM0NTc1Njc0MTg= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjAwODc2ODk0OTU3MjYxNzMwNTI4MDgzNzcwMTM0NTc1Njc0MTg=&google_tc= HTTP 302
• https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEWihbP7cOeLa2nKMd2g-yo&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 98

• https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=20087689495726173052808377013457567418&gdpr=0&gdpr_consent= HTTP 302
• https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=20087689495726173052808377013457567418&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-n7RVtsFE2pE4hX_6KDBGGv5Vrn9fs0E3j.w-~A

Request Chain 101

• https://usermatch.krxd.net/um/v2?partner=adobe&id=20087689495726173052808377013457567418 HTTP 302
• https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=20087689495726173052808377013457567418

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request fbi-guidance-evolves-on-ransomware-payments Show response duo.com/decipher/	32 KB 13 KB	1535ms 1479ms	Document text/html	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash ab17bd3bc0860378f24dc2f90c3d5f29402b6584b09d008f14376ec0d441929d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.cisco.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=300 content-encoding gzip content-security-policy frame-ancestors 'self' *.cisco.com; content-type text/html; charset=UTF-8 date Sat, 16 Dec 2023 02:08:06 GMT expires Sat, 16 Dec 2023 02:13:06 GMT permissions-policy interest-cohort=() referrer-policy no-referrer-when-downgrade server Duo/1.0 strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-id In6AI3gLTaKFqUpSBvNaLdWA_aCtVq24mItqeB7qK4u8BfP11sBWXg== x-amz-cf-pop PRG50-C1 x-cache Miss from cloudfront x-content-type-options nosniff x-ua-compatible IE=Edge,chrome=1 x-xss-protection 1; mode=block
GET H2	200	production-2021.css duo.com/css/	546 KB 106 KB	209ms 209ms	Stylesheet text/css	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://duo.com/css/production-2021.css?v=1702571410 Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash 02ce67749055a754e8779c758bb15fd6ca6706ffcd9babd3f76c42f5fcf0a5fa Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma public date Sat, 16 Dec 2023 02:08:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip last-modified Thu, 14 Dec 2023 16:30:10 GMT server Duo/1.0 via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 etag W/"657b2d92-888e0" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css cache-control max-age=31536000, public, must-revalidate, proxy-revalidate, max-age=31536000 x-amz-cf-id 6UDLFlwk45hCfbpo66CS0EsDZJ9TCDnoL8_Qy6CqIYsX7cAfaDsn4g== expires Sun, 15 Dec 2024 02:08:07 GMT
GET H2	200	d-logo--dark.svg duo.com/assets/img/decipher/logos/	4 KB 2 KB	533ms 533ms	Image image/svg+xml	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://duo.com/assets/img/decipher/logos/d-logo--dark.svg Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash 431a961732e7d25ade3585946346fb7851946a1d8f4f4270b0b988914ba01520 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma public date Sat, 16 Dec 2023 02:08:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip last-modified Thu, 12 Oct 2023 17:30:20 GMT server Duo/1.0 via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 etag W/"65282d2c-ff5" vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=31536000, public, must-revalidate, proxy-revalidate, max-age=31536000 x-amz-cf-id h_ifOLYNiClNVzreKgx2ghGuJfO1Q7ZrzLmooI4APKrH7cJWqKN0uQ== expires Sun, 15 Dec 2024 02:08:07 GMT
GET H2	200	aW1nL3Nlby1pbWFnZXMvbW9uZXktaG91c2UtZGVjaXBoZXIuanBn duo.com/img/asset/	153 KB 153 KB	910ms 910ms	Image image/jpeg	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://duo.com/img/asset/aW1nL3Nlby1pbWFnZXMvbW9uZXktaG91c2UtZGVjaXBoZXIuanBn?w=1000&h=470&fit=crop&s=0dcd1a8d0aeb7808b19eba73ed3a24cf Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash 1485a5093e9dfe57d0cbbcb912cd8c3e7c8e2089c64c27509f8ec8a0305b17e2 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.cisco.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff content-security-policy frame-ancestors 'self' *.cisco.com; via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 x-cache Miss from cloudfront content-length 156396 x-xss-protection 1; mode=block x-ua-compatible IE=Edge,chrome=1 referrer-policy no-referrer-when-downgrade last-modified Sat, 16 Dec 2023 02:08:07 GMT server Duo/1.0 content-type image/jpeg cache-control max-age=300 permissions-policy interest-cohort=() x-amz-cf-id vLYneWz2JssR0rQISITJ1wSTtEyHM7lDRbjeLbM0m1oqXx9FQDySrg== expires Sat, 16 Dec 2023 02:13:07 GMT
GET H2	200	d-logo--footer.svg duo.com/assets/img/decipher/logos/	3 KB 2 KB	498ms 496ms	Image image/svg+xml	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://duo.com/assets/img/decipher/logos/d-logo--footer.svg Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash c33592c7a249c98164b3d533c58fae62ced2b403deab8f2d0cce4c4f1cbb285d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma public date Sat, 16 Dec 2023 02:08:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip last-modified Thu, 12 Oct 2023 17:30:20 GMT server Duo/1.0 via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 etag W/"65282d2c-b5f" vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=31536000, public, must-revalidate, proxy-revalidate, max-age=31536000 x-amz-cf-id k7PZKhxqD1y7cgC4oe9Q_pwDG7EHRC55aRLwFmHltdomySEwZqNpbQ== expires Sun, 15 Dec 2024 02:08:07 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.1/	88 KB 31 KB	26ms 6ms	Script text/javascript	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 12 Dec 2023 02:28:06 GMT content-encoding gzip x-content-type-options nosniff age 344401 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31100 x-xss-protection 0 last-modified Thu, 08 Sep 2022 18:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Dec 2024 02:28:06 GMT
GET H2	200	jquery-migrate-3.4.0.min.js Show response code.jquery.com/	13 KB 5 KB	29ms 6ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-migrate-3.4.0.min.js Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:07 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 7890282 x-cache HIT, HIT content-length 4792 x-served-by cache-lga21926-LGA, cache-fra-eddf8230106-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1702692487.200648,VS0,VE0 etag W/"28feccc0-3470" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 6969, 42105
GET H2	200	production-2021.min.js Show response duo.com/js/build/	818 KB 287 KB	215ms 214ms	Script application/javascript	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://duo.com/js/build/production-2021.min.js?v=1701468610 Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash f14a0d52ae07e6186fde2ac9fe53b1af557c42e4b7d512fb29d30cfbefdfb08b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma public date Sat, 16 Dec 2023 02:08:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip last-modified Fri, 01 Dec 2023 22:10:10 GMT server Duo/1.0 via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 etag W/"656a59c2-cc98b" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=31536000, public, must-revalidate, proxy-revalidate, max-age=31536000 x-amz-cf-id Wtc3BwRiiF9oPXc4bdQj7208SKkQcfDqTygltvGdJJ0gxYjq7E1iGQ== expires Sun, 15 Dec 2024 02:08:07 GMT
GET H2	200	ctm.js Show response www.cisco.com/c/dam/cdc/t/	116 KB 30 KB	143ms 20ms	Script application/x-javascript	2a02:26f0:3500:88d::b33 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.cisco.com/c/dam/cdc/t/ctm.js Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:88d::b33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash ddd9cd88d53e18fee753c72e438c3db074505675f8d4a8bb151592fad687a917 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:07 GMT content-encoding gzip x-content-type-options nosniff content-security-policy upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/; strict-transport-security max-age=31536000 x-test-debug nURL=www.cisco.com,realm=0,isRealm=0,realmDomain=0,shortrealm=0,upgradeTest=1 x-xss-protection 1; mode=block content-length 29128 pragma no-cache cdchost wemxweb-publish-prod2-05 server Apache etag "1d02e-60c7a40c40edb-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript cache-control max-age=0, no-cache, no-store accept-ranges bytes expires Sat, 16 Dec 2023 02:08:07 GMT
GET H2	200	search-script.min.js Show response customer.cludo.com/scripts/bundles/	211 KB 47 KB	53ms 18ms	Script application/javascript	2606:4700:10::6816:1d60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://customer.cludo.com/scripts/bundles/search-script.min.js Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1d60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e82d137f14ce692d5d0592699638b39e95e63a9389bf6141b940950f6c9d6d46 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:07 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 07 Dec 2023 15:59:24 GMT server cloudflare age 18 etag W/"0567592629da1:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=300 cf-ray 8363606d189fbb5c-FRA alt-svc h3=":443"; ma=86400 x-lb 4
GET H2	200	din1451alt-webfont.woff2 duo.com/fonts/din1451alt/	17 KB 18 KB	202ms 202ms	Font application/octet-stream	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://duo.com/fonts/din1451alt/din1451alt-webfont.woff2 Requested by Host: duo.com URL: https://duo.com/css/production-2021.css?v=1702571410 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash e9f76eabead93f85fc4dc190dca4b1419dcd76b57b1c22649856b01d3ac2536e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.cisco.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://duo.com/css/production-2021.css?v=1702571410 Origin https://duo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff content-security-policy frame-ancestors 'self' *.cisco.com; via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 x-cache Miss from cloudfront content-length 17424 x-xss-protection 1; mode=block x-ua-compatible IE=Edge,chrome=1 referrer-policy no-referrer-when-downgrade last-modified Thu, 12 Oct 2023 17:30:43 GMT server Duo/1.0 etag "65282d43-4410" content-type application/octet-stream cache-control max-age=300 accept-ranges bytes x-amz-cf-id ik7ENqJ-FBf9HiSN8YONPDkiMQSboO6pjC3u82cStpStErhRqvXvHQ== expires Sat, 16 Dec 2023 02:13:07 GMT
GET H2	200	din1451alt_g-webfont.woff2 duo.com/fonts/din1451alt/	22 KB 23 KB	198ms 198ms	Font application/octet-stream	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://duo.com/fonts/din1451alt/din1451alt_g-webfont.woff2 Requested by Host: duo.com URL: https://duo.com/css/production-2021.css?v=1702571410 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash ede067783c02098828dfe0bda385a9913ff79006eb2cd1a406bcc18e66cd7bad Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.cisco.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://duo.com/css/production-2021.css?v=1702571410 Origin https://duo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff content-security-policy frame-ancestors 'self' *.cisco.com; via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 x-cache Miss from cloudfront content-length 22668 x-xss-protection 1; mode=block x-ua-compatible IE=Edge,chrome=1 referrer-policy no-referrer-when-downgrade last-modified Thu, 12 Oct 2023 17:30:43 GMT server Duo/1.0 etag "65282d43-588c" content-type application/octet-stream cache-control max-age=300 accept-ranges bytes x-amz-cf-id jH3LDSWiSgp_4wTQO4Gjf_YKMhS_jV2rBRlG3xuEPWLD4PWfKnLGpg== expires Sat, 16 Dec 2023 02:13:07 GMT
GET H2	200	d-shape--blockquote.svg duo.com/assets/img/decipher/svg/	239 B 720 B	200ms 200ms	Image image/svg+xml	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://duo.com/assets/img/decipher/svg/d-shape--blockquote.svg Requested by Host: duo.com URL: https://duo.com/css/production-2021.css?v=1702571410 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash e2b5ac6297e5e12b9122d79ee4d3da217fd76f6631d2dc0c764442a7d05464b2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/css/production-2021.css?v=1702571410 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma public date Sat, 16 Dec 2023 02:08:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) last-modified Thu, 12 Oct 2023 17:30:20 GMT server Duo/1.0 x-amz-cf-pop PRG50-C1 etag "65282d2c-ef" x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=31536000, public, must-revalidate, proxy-revalidate, max-age=31536000 accept-ranges bytes content-length 239 x-amz-cf-id xHS0TDg2QX6JpGbqT_N8j2XCCzUCMFAUPi55qIPv_URKp3H-A6xo3Q== expires Sun, 15 Dec 2024 02:08:07 GMT
GET H2	200	diamond.svg duo.com/assets/img/decipher/svg/	187 B 668 B	507ms 506ms	Image image/svg+xml	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://duo.com/assets/img/decipher/svg/diamond.svg Requested by Host: duo.com URL: https://duo.com/css/production-2021.css?v=1702571410 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash 45f9c9efb71fae4c333607520017c544fb9dc13100dd260f6148eb179b919d68 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/css/production-2021.css?v=1702571410 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma public date Sat, 16 Dec 2023 02:08:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) last-modified Thu, 12 Oct 2023 17:30:20 GMT server Duo/1.0 x-amz-cf-pop PRG50-C1 etag "65282d2c-bb" x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=31536000, public, must-revalidate, proxy-revalidate, max-age=31536000 accept-ranges bytes content-length 187 x-amz-cf-id dYB4YyFwb6ZeeE3xsW2SEKGq-vzA-4lNVLbqFOwWpnZxctU48dKIrQ== expires Sun, 15 Dec 2024 02:08:07 GMT
GET H2	200	icon-sprite.svg Show response duo.com/fonts/	246 KB 82 KB	43ms 43ms	XHR image/svg+xml	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://duo.com/fonts/icon-sprite.svg Requested by Host: duo.com URL: https://duo.com/js/build/production-2021.min.js?v=1701468610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash 060f31e069efd27cbc556f12d2ee13b502952a3b766b459d92451e211b84a2d3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 13 Dec 2023 13:46:04 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 age 217323 x-cache Hit from cloudfront pragma public last-modified Wed, 22 Nov 2023 16:40:10 GMT server Duo/1.0 etag W/"655e2eea-3d92d" vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, public, must-revalidate, proxy-revalidate, max-age=31536000 x-amz-cf-id sB8MNlR8bg9wlHWHwlJaX-8UJQgzU6mqxXJtLw5eSbaR7FE5ElGBzA== expires Thu, 12 Dec 2024 13:46:04 GMT
GET H2	200	data.json Show response duo.com/assets/data/d-logo-dark/	195 KB 23 KB	209ms 209ms	XHR application/json	65.9.95.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://duo.com/assets/data/d-logo-dark/data.json Requested by Host: duo.com URL: https://duo.com/js/build/production-2021.min.js?v=1701468610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-120.prg50.r.cloudfront.net Software Duo/1.0 / Resource Hash 3876824c31a6ce8eb7d05c2e8c83ac54d557d91d32319903714ea5b9ec163a9c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.cisco.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff content-security-policy frame-ancestors 'self' *.cisco.com; content-encoding gzip via 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 x-cache Miss from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge,chrome=1 referrer-policy no-referrer-when-downgrade last-modified Thu, 12 Oct 2023 17:30:09 GMT server Duo/1.0 etag W/"65282d21-30b9d" vary Accept-Encoding content-type application/json cache-control max-age=300 x-amz-cf-id seBdPEelOc-IN_r_uSdp4VkdjS_dbBcU3BDC2Bu4FnKl7N9qC7Q2oQ== expires Sat, 16 Dec 2023 02:13:08 GMT
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	242 KB 60 KB	81ms 39ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Requested by Host: www.cisco.com URL: https://www.cisco.com/c/dam/cdc/t/ctm.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d49a7bb2dd9763733e04454fbd0b5c7f88fdf0d738651e15eb1c1dfe3c2a5d1e Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id .sQcPL0rQcOkINqD0I3U8vvYuk_zHWI5 content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:04:41 GMT last-modified Fri, 15 Dec 2023 22:02:21 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 208 x-amz-server-side-encryption AES256 etag W/"700fb3336e6c9ecd66ef5d04dd674dc0" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id BFAEINuE--vBqRLXDliUFrFkfjuG2FDfaT-5LMuiC9J0IAg9JGBnxw==
GET H2	200	qualified.js Show response js.qualified.com/	326 KB 101 KB	441ms 425ms	Script text/javascript	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.qualified.com/qualified.js?token=QZjwGwGpcBiwkfRA&utv=ut4.51.202307052034 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c944c38321a12026f65557e2ca47c366a3f7992caf9b9713174423b70fd54086 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT content-encoding gzip via 1.1 spaces-router (devel) strict-transport-security max-age=63072000; includeSubDomains cf-cache-status MISS x-content-type-options nosniff x-permitted-cross-domain-policies none x-xss-protection 1; mode=block x-request-id 036867fe-ad03-6dbb-46ef-9fa587229849 pragma no-cache x-runtime 0.019685 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"c944c38321a12026f65557e2ca47c366" x-download-options noopen vary Accept,Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 83636072a8b83a82-FRA expires Sat, 16 Dec 2023 06:08:08 GMT
GET H2	200	ga.js Show response ga.clearbit.com/v1/	4 KB 1 KB	281ms 253ms	Script application/javascript	18.153.4.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ga.clearbit.com/v1/ga.js?authorization=pk_c1d84afacb2932ce323e73b444908d45&utv=ut4.51.202309272204 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-153-4-44.eu-central-1.compute.amazonaws.com Software envoy / Resource Hash 0e41b5d292bd4ba4d0eb7278327f366804b21e39b50cfb00506174a5d0dfd0da Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server envoy x-api-version 2018-02-14 strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding content-type application/javascript;charset=utf-8 x-account-id 0b168c3a-7e98-434a-96e5-e211e5b08da1
GET H2	200	SmartForms.js Show response sfc.leadspace.com/	3 KB 3 KB	177ms 146ms	Script application/javascript	35.190.114.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sfc.leadspace.com/SmartForms.js?utv=ut4.51.202309272204 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.114.154 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 154.114.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash 0645386b306fc6a2e7a59f44e38fb44e53c519a4ba0f0701e0caa07e9ab601d6 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT strict-transport-security max-age=31536000 content-security-policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; age 0 x-guploader-uploadid ABPtcPovg6QDRyRxZc8QEoYlGE0ufHBnynMn6KM65eDh1IT11V7qnrgSLVsYgApzG50GKMnDrOXpYw-g8g x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2718 x-xss-protection 1; mode=block referrer-policy no-referrer last-modified Sun, 03 Dec 2023 06:36:49 GMT server UploadServer etag "557a04d61944100c7badd3f08c3e0fd3" x-frame-options SAMEORIGIN x-goog-generation 1701585409725275 x-goog-hash crc32c=6Pcn1A==, md5=VXoE1hlEEAx7rdPwjD4P0w== access-control-allow-origin * access-control-expose-headers Content-Type cache-control public, max-age=3600 feature-policy camera 'none';payment 'none'; usermedia 'none'; sync-xhr 'self' https://*.leadspace.com x-goog-stored-content-length 2718 accept-ranges bytes content-type application/javascript expires Sat, 16 Dec 2023 03:08:08 GMT
GET H2	200	rd Show response dpm.demdex.net/id/ Redirect Chain https://dpm.demdex.net/id?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B8D07FF4520E94C10A490D4C%40AdobeOrg&d_nsid=0&ts=1702692488752 https://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B8D07FF4520E94C10A490D4C%40AdobeOrg&d_nsid=0&ts=1702692488752	973 B 1 KB	36ms 35ms	XHR application/json	52.16.195.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B8D07FF4520E94C10A490D4C%40AdobeOrg&d_nsid=0&ts=1702692488752 Protocol H2 Server 52.16.195.54 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-195-54.eu-west-1.compute.amazonaws.com Software / Resource Hash 6696cf4dbaf80c8d2703293c426c2080222314c78ac3b9b4113691c6c637bb48 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers dcs dcs-prod-irl1-1-v054-074995c50.edge-irl1.demdex.com 2 ms pragma no-cache date Sat, 16 Dec 2023 02:08:08 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-tid +NpHBbI5QuE= vary Origin content-type application/json;charset=utf-8 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" access-control-allow-origin https://duo.com cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private access-control-allow-credentials true content-length 535 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-1-v054-083ffdefc.edge-irl1.demdex.com 0 ms pragma no-cache date Sat, 16 Dec 2023 02:08:08 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid 6iBoh+egRPk= vary Origin p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/id/rd?d_visid_ver=4.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B8D07FF4520E94C10A490D4C%40AdobeOrg&d_nsid=0&ts=1702692488752 access-control-allow-origin https://duo.com cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	xdcLsFrame.html Show response www.cisco.com/assets/ctm/xdc/ Frame EE67	171 B 1 KB	22ms 19ms	Document text/html	2a02:26f0:3500:88d::b33 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.cisco.com/assets/ctm/xdc/xdcLsFrame.html Requested by Host: www.cisco.com URL: https://www.cisco.com/c/dam/cdc/t/ctm.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:88d::b33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash c5a8e23e12a62ebdaf338a17bf129613d51570708ea83d12bbe48fde419ede55 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=4953 cdchost wemxweb-publish-prod1-03 content-encoding gzip content-length 147 content-security-policy upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/; content-type text/html;charset=utf-8 date Sat, 16 Dec 2023 02:08:08 GMT expires Sat, 16 Dec 2023 03:30:41 GMT server Apache strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-edgeconnect-midmile-rtt 0 0 x-edgeconnect-origin-mex-latency 37 37 x-frame-options SAMEORIGIN x-test-debug nURL=www.cisco.com,realm=0,isRealm=0,realmDomain=0,shortrealm=0,upgradeTest=1 x-xss-protection 1; mode=block
GET H2	200	utag.5.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	74 KB 26 KB	43ms 41ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.5.js?utv=ut4.51.202312151545 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c344734258e7b14f296a3ebc53feebb20ebdef039c1bd3bb45ab92d329be1f9d Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id ZFDWz1p._MP0CAo2w6M6M7WaO95PZCEj content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:08:08 GMT last-modified Fri, 15 Dec 2023 22:02:16 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 269 x-amz-server-side-encryption AES256 etag W/"c0c934d1196779896fb2b8c7141b4e93" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id 6nUpE3BjZMh_ZHHYEA9KtTDa0k9PojereVFrytFYXK1fUea65LVuCQ==
GET H2	200	utag.52.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	20 KB 7 KB	39ms 37ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.52.js?utv=ut4.51.202311281631 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c8ab34921e5e63f9a900948da91d759afde9627c6b1dfd7c19d9e359827f4004 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id mh54v25GstSNnqXFJrGPe.3Gbf3F2YJr content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:03:40 GMT last-modified Fri, 15 Dec 2023 22:02:19 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 269 x-amz-server-side-encryption AES256 etag W/"40145893ac787960452b2ef81bb2da60" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id pfMPbynpc_x9KSS4U6NucgW9q1t91T_QtxsAAfiZ2lGKjmGAf4Nr9w==
GET H2	200	utag.28.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	2 KB 1 KB	49ms 47ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.28.js?utv=ut4.51.202106171628 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ede5884449abd319a2e810d2874f030bc69eba57313ae0908dd70f7934ec8580 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id v0hDtMSs9NhsBEmioHj6.cgR.F9Cv3Kg content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:20 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"ebcc919db57088406456c7d18e43cf40" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id hcfqZTffMcaAdKpHjNoI_Q2FFTJIwr6kSSRvQNTqvmeDGTvfiIyMQw==
GET H2	200	utag.60.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	3 KB 2 KB	48ms 46ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.60.js?utv=ut4.51.202303102021 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c1b9aeda60188ff69d048e70d2ca26d87013a97c493ace9aacb8a747da4a51d0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id .Xc1KBHCuXagP8Hto7u9xjNVX9q2S21f content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:08:08 GMT last-modified Fri, 15 Dec 2023 22:02:18 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 268 x-amz-server-side-encryption AES256 etag W/"62c2600f74a8af5c5d9f72597fc9eb20" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id d-WC5NAqEmpiXq35lVNYMPqahKdNepvJ2vam9j96PvL-KMNtr0HoQA==
GET H2	200	utag.83.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	3 KB 2 KB	46ms 44ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.83.js?utv=ut4.51.202309011414 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ab61a7af323b0691a1a864946c5b325e07715bb98c39d10ab607ac73ac9f90d5 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id e.pA9K9GvKLIqhxbYuwuHMLJb_lMext4 content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:20 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"7ecb96f414699688bb2749cb9ad3b3a1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id TMUO-lVmmuBZBPBL0Vd5b_t74J41HW8ELrneNozYNVYSx9WSDkA85Q==
GET H2	200	utag.87.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	2 KB 1 KB	45ms 44ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.87.js?utv=ut4.51.202306151912 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 14360de400f83f1eb0b85ee92380111fc8ead68497a9ef0bdf1823abfdfb57e8 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id Qdw_9X_Ao2IywEXrwARTzuL7VkpY9Tha content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:16 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"a953a0cce28bf2acabc38ab5b17d3df6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id gL83R_OS6P4WafLxXKNgR-cJFNS29axL6Ck7Eqz9YE0wQUyAxRsH2A==
GET H2	200	utag.89.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	8 KB 3 KB	68ms 67ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.89.js?utv=ut4.51.202308031541 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9ad0a13a77f3029dc72026964dd61aca3a4758e4d692fe50a5c567fc4dc70b5c Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 6AtQrM0qJaE89BfpMaME7o5ykbtIZ4nf content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:08:08 GMT last-modified Fri, 15 Dec 2023 22:02:17 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 268 x-amz-server-side-encryption AES256 etag W/"4982de3d613da02de3f371c7ac1fe840" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id mDrMU0SFDnMFRlj13ZbRI_f-_RIa5zcpcJ903aEtbgeiklnmqZwGYw==
GET H2	200	utag.94.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	6 KB 2 KB	47ms 45ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.94.js?utv=ut4.51.202309272204 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1c04c053006124d13400454ca15570fc916d66a0821278a3c59a0a12d083e41d Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id n1ptUtQJhdabHTqpo7K8LEFjxwg9xj6n content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:21 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"81504c0ea7d8e5b9efc0225d3e1b6220" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id 5-3zawKnx30ueDcFQOpWMtV3JIdtkYE_M8v-IclhdbKFFPO2NBHo6g==
GET H2	200	utag.95.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	5 KB 2 KB	50ms 48ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.95.js?utv=ut4.51.202310051646 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b6f79123d094b4e86627c272c9ffd7c50ee0550c2d0d3034d203efa9d854437c Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id lSzJZlJj7APMfFm8XSeYLalL.qWmJMIo content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:20 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"a6fc95b4334fd2afc6afac6f1972b329" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id Hht4lA5edEDQlzx-lYmK3kigta9Ca9QEPZXD5GcIgC8NhCSHCVKQKg==
GET H2	200	utag.96.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	2 KB 1 KB	48ms 47ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.96.js?utv=ut4.51.202309272204 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79e5d7a49956928199ac23c3ee2b44222bb9ee725719c773216232b8126e6ef1 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id FYEww41ycYV977XsDN2Twm_pl1nBFvMo content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:18 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"40673a7e077cc264566bebd9fafe551b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id pqeQU1de3g3E7wFdjSsBwyoGpWzOrTWTBPo9AC62sMSNppHQylYfeA==
GET H2	200	utag.97.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	2 KB 1 KB	62ms 61ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.97.js?utv=ut4.51.202309272204 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3cf118d268e04211ac39a0535491b1f336d6e9f543e0e7d7ed04bb7b380645a0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id tZ9vVESAka44VLBI_WuOMUDEM0wXAxvG content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:20 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"3e65768ac3d39dea0116737c342bb465" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id QtXdUhBr8i7GegVQRATeSbNSg59ni2Gu0yiQ6TECeZ8_mvhS9xhJVA==
GET H2	200	utag.99.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	3 KB 2 KB	61ms 60ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.99.js?utv=ut4.51.202309272204 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8db9fd6501705eb69339fd69f8cdf299c61bcb7d0c78fc351c36bdc1ca050a8c Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id Q.v6w66is67Q6zQnTTkT2ARmoBPKmQYb content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:21 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"28d313bb07dac2b30b1f7fb761848e3d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id cwumeSMGT0nTMBFlbPt28iXwvEVKNGxk-toO7gvuxKOUmpPMPO-z2g==
GET H2	200	utag.100.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	22 KB 7 KB	60ms 59ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.100.js?utv=ut4.51.202309272204 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f8d7955c125b6fc34aa6b5445782788dfd9dbc1e971557e7514e21cf185aa639 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id l40UQm6ATbSK6paa1CM_AlVIzCoNJVmW content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:19 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"2252e8bc1760091ebe32aebcc4532fbc" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id UrPkCSFkwemhSRcQ9Pv4rh7ZWs-Ao664OxjXTVXUAhWDO6JsRqG5ug==
GET H2	200	utag.102.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	12 KB 5 KB	65ms 64ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.102.js?utv=ut4.51.202309272204 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash df22400eba0198978e80870bba8896e78b69135f1fcc10fda60ed1f19c9764f3 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id y7BtIlOfpyEFzvC4BIFI3Exaq05vZxgD content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:19 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"cfa8a018cdc821588c853445c6356b51" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id CvGxIdByX0bJw_HZVwENuSj-4Q7SWmaeE06a3iOUan_AfXjeneXgZw==
GET H2	200	utag.103.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	2 KB 1 KB	66ms 65ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.103.js?utv=ut4.51.202309272204 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a7c489c0f528fcc45481b29462e1496e02b90bbe63b5d5c5b70d3cf0f0d870d4 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id CIiAKRgb8BFgorCKsY3TBQKZZzi4i1pt content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:16 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"1157448cbd5bd1332c9fced7552b7033" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id 3oOe0Eh3vX6kz234AGyi86FguETHWa7aOg9nkv4z23uUylB23WhMSA==
GET H2	200	utag.104.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	17 KB 6 KB	63ms 62ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.104.js?utv=ut4.51.202310051646 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a97d732fb03d2799289b67598ec5cc109b6368002f628cc9935a834db4ee8795 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id wJhlyh_FQkm4t6YcgbKy7FKEOF.sKbPO content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:17 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"cdd4e24e953bea045c5b835cea374b5d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id J16H_d34952UoHhSnQK4xdqym4Q09D3Sii-F7bK67-GVr7h5c8-D8g==
GET H2	200	utag.106.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	12 KB 5 KB	64ms 63ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.106.js?utv=ut4.51.202312112113 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0d82904124e348c060b139fa61117fadd1ec6026e4ce214127ac5ee65d30eb0c Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 6BlHPLwigx7M8tPkk4dcoqS2roexaCo7 content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:18 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"797755b0a1bc43cf63ef0a5c1237726e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id 7mntjdx35Zft3FhnwvrZA_BUwBDl2sR_D1lDlOksOERoIqYpAuy4Cg==
GET H2	200	utag.107.js Show response tags.tiqcdn.com/utag/cisco/duo/prod/	2 KB 1 KB	63ms 63ms	Script application/javascript	2600:9000:2127:e000:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.107.js?utv=ut4.51.202312152200 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 49df780082c22dd1a435d616079684415d59223b8184b85d62e0741aba3731b3 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id yrUbcPwJG.DVmV6YGPUFDHRXW5gWHiB5 content-encoding br via 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront) date Sat, 16 Dec 2023 02:05:57 GMT last-modified Fri, 15 Dec 2023 22:02:20 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 132 x-amz-server-side-encryption AES256 etag W/"3cce7e6e6553f2b2e94f6e1f63e7e539" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id 4hQgwNM7rbsaIIwYOgk85OGz7yzKa700mWTk1kkiRBvyL3na-wLn_w==
GET H2	200	xdc_ls_frame.js Show response www.cisco.com/assets/ctm/xdc/ Frame EE67	4 KB 3 KB	18ms 18ms	Script application/x-javascript	2a02:26f0:3500:88d::b33 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.cisco.com/assets/ctm/xdc/xdc_ls_frame.js Requested by Host: www.cisco.com URL: https://www.cisco.com/assets/ctm/xdc/xdcLsFrame.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:88d::b33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash f14921c01d1d4ba729dae79db6b5ce92b5bf50e1ac06b3c6746cd16b8c43c61f Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.cisco.com/assets/ctm/xdc/xdcLsFrame.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 35, 35 date Sat, 16 Dec 2023 02:08:08 GMT content-encoding gzip x-content-type-options nosniff content-security-policy upgrade-insecure-requests; frame-ancestors *.cisco.com *.jasper.com *.ciscospark.com *.ciscolive.com http://cisco.lookbookhq.com https://cisco.lookbookhq.com testcisco.marketing.adobe.com cisco.marketing.adobe.com ciscosales.my.salesforce.com test.salesforce.com zedo.com hindustantimes.com economictimes.indiatimes.com *.webex.com *.cdw.com *.cdwg.com *.cdw.ca *.meraki-go.com http://ciscopartners.lookbookhq.com https://ciscopartners.lookbookhq.com ciscolearningsystem.com ciscocustomer.lookbookhq.com cisco.lookbookhq.com ccsmedia.com *.itquotes.ie dteonline.com ampito-cisco.com arkphire.com *.insight.com *.ccsmedia.com *.ebuyer.com *.lambda-tek.com *.storm-technologies.com *.vohkus.com *.bechtle.com *.rainfocus.com *.broadbandbuyer.com *.hardware.com shop.redpontem.com *.miro.com cisco.techdatavendors.be *.service-now.com *.thousandeyes.com *.duo.com duo.com *.umbrella.com *.pricespider.com *.mapbox.com cdnjs.cloudflare.com https://community.cisco.com/; strict-transport-security max-age=31536000 x-edgeconnect-midmile-rtt 0, 0 x-test-debug nURL=www.cisco.com,realm=0,isRealm=0,realmDomain=0,shortrealm=0,upgradeTest=1 x-xss-protection 1; mode=block content-length 1633 cdchost wemxweb-publish-prod2-01 server Apache etag "10f5-5fbf969ddc57c-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-javascript cache-control max-age=15838 accept-ranges bytes expires Sat, 16 Dec 2023 06:32:06 GMT
GET H/1.1	400 Bad Request	action.html cisco-tags.cisco.com/callback/ Redirect Chain https://cisco-tags.cisco.com/tag/auth/ntpagetag.gif?js=1&ts=1702692488801.748&lc=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&rs=1600x1200&cd=24&ln=en&tz=GMT%20%2B... https://id.cisco.com/oauth2/default/v1/authorize?response_type=code&scope=openid%20email&client_id=bf6c50dc-2843-4dab-aa45-9e994a90ea8c&state=ZP652YP8KCxRvGExALpA9b1LEY4&redirect_uri=https%3A%2F%2F... https://cisco-tags.cisco.com/callback/action.html?state=ZP652YP8KCxRvGExALpA9b1LEY4&error=login_required&error_description=The+client+specified+not+to+prompt%2C+but+the+user+is+not+logged+in.	0 0	126ms 126ms	Image text/html	72.163.10.10 CISCOSYSTEMS
General Check archive.org Show headers Download Go to Show image Full URL https://cisco-tags.cisco.com/callback/action.html?state=ZP652YP8KCxRvGExALpA9b1LEY4&error=login_required&error_description=The+client+specified+not+to+prompt%2C+but+the+user+is+not+logged+in. Protocol HTTP/1.1 Server 72.163.10.10 , United States, ASN109 (CISCOSYSTEMS, US), Reverse DNS cisco-tags.cisco.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Redirect headers x-okta-request-id ZX0GiVXLNbQ6eCPAhCfqDAAADII strict-transport-security max-age=315360000; includeSubDomains date Sat, 16 Dec 2023 02:08:09 GMT x-rate-limit-limit 60 x-rate-limit-remaining 59 p3p CP="HONK" server-timing cdn-cache; desc=MISS, edge; dur=99, origin; dur=250, ak_p; desc="1702692489521_3092670099_477151846_34841_8928_16_35_146";dur=1 content-length 0 x-xss-protection 0 pragma no-cache referrer-policy no-referrer server nginx content-language de location https://cisco-tags.cisco.com/callback/action.html?state=ZP652YP8KCxRvGExALpA9b1LEY4&error=login_required&error_description=The+client+specified+not+to+prompt%2C+but+the+user+is+not+logged+in. x-rate-limit-reset 1702692549 cache-control max-age=0, no-cache, no-store x-robots-tag noindex,nofollow expires Sat, 16 Dec 2023 02:08:09 GMT
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	5 KB 3 KB	78ms 20ms	Script application/x-javascript	65.9.99.119 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 65.9.99.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-99-119.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Fri, 15 Dec 2023 06:08:18 GMT Content-Encoding gzip Via 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront) Last-Modified Thu, 30 Nov 2023 03:37:28 GMT Server AmazonS3 X-Amz-Cf-Pop PRG50-C1 Age 71991 x-amz-server-side-encryption AES256 ETag W/"b7474eac210849250426a8f6a39d00f3" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id s07XRTmM_5H8fZlJRCi6RVQll34txyO1945M2eA2UH0IwlLnkArg_w==
GET H2	200	ebdaa317731b0.js Show response t.contentsquare.net/uxa/	288 KB 69 KB	172ms 42ms	Script application/javascript	65.9.95.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://t.contentsquare.net/uxa/ebdaa317731b0.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-10.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 916584fea353d6b693308f42bddff416b38ee4fb4d5b827b2e5f934b9279dc42 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 13 Dec 2023 09:01:16 GMT content-encoding br via 1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 age 0 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 70592 last-modified Wed, 13 Dec 2023 09:00:06 GMT server AmazonS3 etag "e672ee883f5695b74be4d27b330af9a5" vary Origin content-type application/javascript;charset=utf-8 cache-control max-age=900 accept-ranges bytes timing-allow-origin * x-amz-cf-id v-xv_ql-0bm2zgQbxETwkVVflw-o1ZIDDl5OozqK5ervOA9i2sHu1A==
GET H2	200	amzn.js Show response c.amazon-adsystem.com/aat/	10 KB 10 KB	35ms 6ms	Script application/javascript	108.138.1.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aat/amzn.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.1.25 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-1-25.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4718f2f95ea76dc896b886691313284821dfdc5756c231e408c0e561245ef148 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id pKjOAyJ1afZgyDhZMivejSJCVk4Z671j date Sat, 16 Dec 2023 02:00:09 GMT via 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:19:36 GMT server AmazonS3 x-amz-cf-pop FRA56-P6 age 480 x-amz-server-side-encryption AES256 etag "a299e3aa8a30791a9bed47cb3d084bac" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 9992 x-amz-cf-id TfEvTBJ8pw3_woC5DTUDNNm9kdABoH9RgvRsjufeUkL33QLzHip50w==
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	50ms 35ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.96.js?utv=ut4.51.202309272204 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sat, 16 Dec 2023 02:08:08 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 19AB2314F317452AB0EA418B1232D509 Ref B: FRAEDGE1422 Ref C: 2023-12-16T02:08:08Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H2	200	gtm.js Show response www.googletagmanager.com/	378 KB 110 KB	52ms 26ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MFPB9D&l=dataLayer Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 61faf12fb5a80abbc200827ba89a350aaf897b8cf47528355ffff1a7a58686fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111797 x-xss-protection 0 last-modified Sat, 16 Dec 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 16 Dec 2023 02:08:08 GMT
GET H2	200	6si.min.js Show response j.6sc.co/	63 KB 17 KB	722ms 176ms	Script application/javascript	2.17.147.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-185.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 866f95a29f2e5243396cc414fb76d4d75718843cfe1e2f4435f6ad21351ba402 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 15 Dec 2023 02:04:15 GMT server nginx/1.14.0 (Ubuntu) etag "657bb41f-fdbc" vary Accept-Encoding content-type application/javascript cache-control private, no-cache, proxy-revalidate accept-ranges bytes content-length 17422 expires Sat, 16 Dec 2023 02:08:09 GMT
GET H/1.1	200 OK	elqCfg.min.js Show response img.en25.com/i/	6 KB 3 KB	49ms 12ms	Script application/x-javascript	23.37.51.81 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/i/elqCfg.min.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.51.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-51-81.deploy.static.akamaitechnologies.com Software / Resource Hash 3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Sat, 16 Dec 2023 02:08:08 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 2183 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 04 Oct 2023 18:38:07 GMT ETag "b8e913ebf1f6d91:0" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex, nofollow Expires Sat, 16 Dec 2023 02:08:08 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	23ms 8ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 16 Dec 2023 02:08:08 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug bUY4vrTJowC7+gIMMkUaJxH3Ea3EMshjqvWs9WL01PqmZSTHq8cY6NNHUKyqseQYb/Xj/JIkVuteaeWVKcWIGg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	bizible.js Show response cdn.bizible.com/scripts/	67 KB 25 KB	78ms 14ms	Script application/x-javascript	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/scripts/bizible.js?account=duo.com Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6BA7) / Resource Hash 196d92bf5816c956d998e5e2eb9579e8169d427dc9e6c19b07ef3c304c950686 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSub last-modified Thu, 14 Dec 2023 23:05:32 GMT server ECS (amb/6BA7) age 17743 etag "b4aa99e22eda1:0" vary Accept-Encoding x-cache HIT content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes content-length 25393
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	4 KB 2 KB	654ms 278ms	Script application/javascript	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKAV1QJC77U2JMMIPBFG&lib=ttq Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 448c20442e67c7be98d3dc8cfc81bc7414a1c3adf1094fdcbaf7e1de0ed4a246 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-akamai-request-id 9862082c.3d8ca84d date Sat, 16 Dec 2023 02:08:09 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-231216020809EF2C6A11636AC26F96E4-6193C28595FDA203-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 100,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=94, origin; dur=6, inner; dur=3 content-length 1545 pragma no-cache server nginx x-tt-logid 20231216020809EF2C6A11636AC26F96E4 x-cache-remote TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 6,23.48.100.43 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a051ecbf342052f68e7c8aa58d82379668092b5479a5b8e03013323658712c60cee40fae6ad95057eaffad96efdab49e4b1d6ac94737de6c9f1f4c4f5e7b69f5efe4605b08dfd1f9aacf8c4389f7d7defb53 expires Sat, 16 Dec 2023 02:08:09 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	42 KB 15 KB	58ms 13ms	Script application/javascript	2a02:26f0:3500:16::215:148d AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Dec 2023 13:09:33 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=22414 accept-ranges bytes content-length 15541
GET H2	200	site-script.js Show response cdn.metadata.io/	7 KB 3 KB	117ms 33ms	Script application/javascript	2600:9000:2127:8800:9:d7d4:1380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.metadata.io/site-script.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.107.js?utv=ut4.51.202312152200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:8800:9:d7d4:1380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2e8ac193dd69f6561479a2c46c7089f5b1c66c4afa36ec74958be270e25e3db3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id mWfr8wxku1ozz3DdYlV.O4nCQVFUqKXx content-encoding gzip via 1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront) date Fri, 15 Dec 2023 16:53:49 GMT x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop PRG50-C1 age 33290 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Tue, 12 Dec 2023 16:47:45 GMT server AmazonS3 etag W/"4c08eb9605ac986944978f7081c30a96" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type application/javascript x-amz-cf-id JH_aVdjQVQ5mqOnCAC_ZFtLiqB5no-u4BeeQrzckyY7ZMSVnFsS5vw==
GET H2	200	lp.js Show response metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/	6 KB 2 KB	38ms 13ms	Script application/x-javascript	2606:4700::6812:cc0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.103.js?utv=ut4.51.202309272204 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10261b710e399a8cee22c8ff4118167d91ac58254f5bf0291036d2219dd5cf25 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT x-amz-request-id tx0000000000000996d86e6-00656a239e-521f6452-sfo2a age 28016 x-envoy-upstream-healthchecked-cluster last-modified Thu, 22 Sep 2022 17:10:43 GMT server cloudflare etag W/"9a8767fa98da937fb02cdbbc52a101bb" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/x-javascript x-do-cdn-uuid 80b6018b-293e-4962-9bc8-48075e637d03 x-rgw-object-type Normal cache-control max-age=604800 cf-ray 83636077ac023661-FRA
GET H/1.1	200 OK	iu3 Show response s.amazon-adsystem.com/ Frame EDE2 Redirect Chain https://s.amazon-adsystem.com/iu3?pid=f808e024-acca-4e83-a13b-f65567e77575&event=Pageview&ts=1702692488851 https://s.amazon-adsystem.com/iu3?pid=f808e024-acca-4e83-a13b-f65567e77575&event=Pageview&ts=1702692488851&dcc=t	65 B 896 B	132ms 132ms	Document text/html	52.46.151.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/iu3?pid=f808e024-acca-4e83-a13b-f65567e77575&event=Pageview&ts=1702692488851&dcc=t Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aat/amzn.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash 115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 65 Content-Type text/html;charset=ISO-8859-1 Date Sat, 16 Dec 2023 02:08:09 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid D7SA11C4EVYNKT751311 Redirect headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Date Sat, 16 Dec 2023 02:08:09 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://s.amazon-adsystem.com/iu3?pid=f808e024-acca-4e83-a13b-f65567e77575&event=Pageview&ts=1702692488851&dcc=t Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid 24EZ54CFPEJR85J2B5WA
GET H2	200	216127175396154 Show response connect.facebook.net/signals/config/	139 KB 36 KB	70ms 69ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/216127175396154?v=2.9.138&r=stable&domain=duo.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash cec34de85f0fd42563f7ebade6803e428f9498da70f1599cb4f8c79efae56a1a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 16 Dec 2023 02:08:08 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug Gzon7P9uwPpaS3K8QzfDc13qGVzVoW0kIicWCiNfsZOe0wrDijkWN00HyzUJn7UbE3rtLeo/PZsvxrkm4k1a7g== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	4006052.js Show response bat.bing.com/p/action/	0 116 B	77ms 76ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/4006052.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Sat, 16 Dec 2023 02:08:08 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: C828775225944373A998B43258858410 Ref B: FRAEDGE1422 Ref C: 2023-12-16T02:08:08Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 285 B	29ms 29ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=4006052&Ver=2&mid=0e57f06b-0af2-4e03-9e5f-1693e0d96bc1&sid=f51eaa209bb711ee82d087f02ea6b6aa&vid=f51ebc209bb711eeb994750191d28bcd&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&p=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&r=&lt=3139&evt=pageLoad&sv=1&rn=341570 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sat, 16 Dec 2023 02:08:08 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 51F852DFF00448488B493EB8C70FB0E3 Ref B: FRAEDGE1422 Ref C: 2023-12-16T02:08:08Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	svrGP.aspx s860818199.t.eloqua.com/visitor/v200/ Redirect Chain https://s860818199.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=860818199&ref2=elqNone&tzo=-60&ms=882&optin=disabled https://s860818199.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=860818199&ref2=elqNone&tzo=-60&ms=882&optin=disabled&elqCookie=1	49 B 448 B	150ms 150ms	Image image/gif	147.154.54.13 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://s860818199.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=860818199&ref2=elqNone&tzo=-60&ms=882&optin=disabled&elqCookie=1 Protocol HTTP/1.1 Server 147.154.54.13 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software / Resource Hash f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Sat, 16 Dec 2023 02:08:09 GMT X-Content-Type-Options nosniff Content-Type image/gif P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Cache-Control no-store X-Robots-Tag noindex, nofollow Content-Length 49 X-Xss-Protection 1; mode=block Expires -1 Redirect headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Sat, 16 Dec 2023 02:08:09 GMT X-Content-Type-Options nosniff Content-Type text/html; charset=utf-8 Location https://s860818199.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=860818199&ref2=elqNone&tzo=-60&ms=882&optin=disabled&elqCookie=1 P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Cache-Control no-store X-Robots-Tag noindex, nofollow Content-Length 274 X-Xss-Protection 1; mode=block Expires -1
GET H2	200	up Show response insight.adsrvr.org/track/ Frame E670	0 60 B	104ms 33ms	Document text/html	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=rshxraz&ref=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&upid=hpvhlc2&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 0 content-type text/html date Sat, 16 Dec 2023 02:08:08 GMT server Kestrel
GET H2	200	js Show response www.googletagmanager.com/gtag/	264 KB 88 KB	24ms 22ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-95Z7P6PE75&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFPB9D&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c37de9c945f3b14496913b69b4ace65be548c70898ad9068f4bc4b0d9bbcaf30 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 90305 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 16 Dec 2023 02:08:08 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	270 KB 90 KB	29ms 28ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-KP8QEFW4ML&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFPB9D&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 47635cf974a3d4308943918f7a5b6ce939b6dd5d8ea4cdab592abe93fdee598d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92251 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 16 Dec 2023 02:08:08 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	26ms 6ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFPB9D&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 16 Dec 2023 01:48:14 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1194 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 16 Dec 2023 03:48:14 GMT
GET H/1.1	200 OK	munchkin-beta.js Show response munchkin.marketo.net/	1 KB 1 KB	86ms 26ms	Script application/x-javascript	104.64.124.188 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin-beta.js Requested by Host: duo.com URL: https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-64-124-188.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash aaf173c00687da3d4328c0a1593d764175af1cb6708fa79ca5febcdc5f7de161 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sat, 16 Dec 2023 02:08:08 GMT Content-Encoding gzip Last-Modified Fri, 03 Feb 2023 02:35:29 GMT Server AkamaiNetStorage ETag "7ea9bdc17bda32d919638e9e573666e3:1675391729.535053" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 728
GET H2	200	web-vitals.iife.js Show response unpkg.com/web-vitals@3.5.0/dist/ Redirect Chain https://unpkg.com/web-vitals https://unpkg.com/web-vitals@3.5.0 https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js	7 KB 3 KB	16ms 16ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js Protocol H2 Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7688a97a3cf3ee4a4f04f8b3596ca5c89d63f4e57280907e688dcdd8dd52b49f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 3113535 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HEVCSGHNMFFWGEWZZRQK9BA7-fra server cloudflare etag W/"1c0d-zW8RvTlYH7YAF4tIT+4z8RfNaCg" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8363607869174d49-FRA Redirect headers date Sat, 16 Dec 2023 02:08:08 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01HGEZF0A1GYXK5R4G836TX0JF-fra server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 1382679 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /web-vitals@3.5.0/dist/web-vitals.iife.js cache-control public, max-age=31536000 cf-ray 8363607818f44d49-FRA
GET H2	200	dest5.html Show response cisco.demdex.net/ Frame 2335	7 KB 3 KB	42ms 34ms	Document text/html	52.16.195.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cisco.demdex.net/dest5.html?d_nsid=0 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.16.195.54 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-195-54.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip content-type text/html;charset=UTF-8 date Sat, 16 Dec 2023 02:08:08 GMT dcs dcs-prod-irl1-2-v054-0b71ea9a0.edge-irl1.demdex.com 0 ms expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Fri, 17 Nov 2023 11:54:10 GMT p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" pragma no-cache strict-transport-security max-age=31536000; includeSubDomains vary accept-encoding x-tid yOfKpqVrTZs=
GET H2	200	id Show response smetrics.cisco.com/	48 B 450 B	124ms 19ms	XHR application/x-javascript	63.140.62.22 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://smetrics.cisco.com/id?d_visid_ver=4.1.0&d_fieldgroup=A&mcorgid=B8D07FF4520E94C10A490D4C%40AdobeOrg&mid=13243537110904580723420699533659252539&ts=1702692488913 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.62.22 , United States, ASN15224 (OMNITURE, US), Reverse DNS ip-63-140-62-22.data.adobedc.net Software jag / Resource Hash f971d9f974fe96ff7ca81237eacfe8140aa44402bd7ddfee4dcb5c6767c5b611 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sat, 16 Dec 2023 02:08:09 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff server jag vary Origin content-type application/x-javascript;charset=utf-8 access-control-allow-origin https://duo.com p3p CP="This is not a P3P policy" cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-length 48 x-xss-protection 1; mode=block
GET H2	200	ipv cdn.bizible.com/	43 B 306 B	13ms 13ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=51c9a2f588984473b74af98524416b5a&_biz_l=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&_biz_t=1702692488956&_biz_i=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&_biz_n=0&rnd=100089&cdn_o=a&_biz_z=1702692488957 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6B77) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:08 GMT strict-transport-security max-age=31536000; includeSub last-modified Tue, 12 Dec 2023 17:44:10 GMT server ECS (amb/6B77) age 289438 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	u cdn.bizibly.com/	43 B 204 B	22ms 13ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizibly.com/u?_biz_u=51c9a2f588984473b74af98524416b5a&_biz_l=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&_biz_t=1702692488958&_biz_i=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&rnd=407427&cdn_o=a&_biz_z=1702692488958 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6B97) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:08 GMT strict-transport-security max-age=31536000; includeSub last-modified Tue, 12 Dec 2023 17:44:16 GMT server ECS (amb/6B97) age 289432 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1709786%252C7540%26time%3D1702692488970%26url%3Dhttps%253A%252F%252Fduo.com%252Fd... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cookiesTest=true&liSync=true...	0 263 B	184ms 148ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cookiesTest=true&liSync=true&e_ipv6=AQLkXlnSe0ecsQAAAYxwYYjZV6CGUMsfiBF6tXmZcoYxFwVNfUNfyS-hzgGdPmYsigQ2blu2MXd3hHoEuQ0Qg2lw3xkFvw Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:08 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 2763B5F30B14499880840C8A30E99757 Ref B: FRAEDGE2018 Ref C: 2023-12-16T02:08:09Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYMlv0BTLJ12MM/omACIA== Redirect headers date Sat, 16 Dec 2023 02:08:09 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 50FEE1ED71674890A7C4E64F4003FD92 Ref B: FRAEDGE1105 Ref C: 2023-12-16T02:08:09Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1709786%2C7540&time=1702692488970&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cookiesTest=true&liSync=true&e_ipv6=AQLkXlnSe0ecsQAAAYxwYYjZV6CGUMsfiBF6tXmZcoYxFwVNfUNfyS-hzgGdPmYsigQ2blu2MXd3hHoEuQ0Qg2lw3xkFvw x-li-proto http/2 content-length 0 x-li-uuid AAYMlvz+ebEfHiOE8zP0Kw==
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 829 B	171ms 151ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=duo.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 16 Dec 2023 02:08:08 GMT nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 1379127AFECD4DF988C4DCD2F3327122 Ref B: FRAEDGE1105 Ref C: 2023-12-16T02:08:08Z linkedin-action 1 vary Origin report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} x-li-fabric prod-ltx1 access-control-allow-origin https://duo.com x-cache CONFIG_NOCACHE x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYMlvz47Iu0k808kpgp9g==
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 141 B	15ms 13ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=857165174&t=pageview&_s=1&dl=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&ul=en-us&de=UTF-8&dt=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=2116791846&gjid=548436187&cid=1557098894.1702692489&tid=UA-20141016-1&_gid=1424799834.1702692489&_r=1&_slc=1&gtm=45He3bt0n71MFPB9Dv71885818&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=377370173 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=duo.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:08 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://duo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 343 B	80ms 37ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20141016-1&cid=1557098894.1702692489&jid=1891351867&gjid=1752364224&_gid=1424799834.1702692489&_u=YGDAgAABAAAAAG~&z=1505191298 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=duo.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 16 Dec 2023 02:08:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://duo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	7ms 7ms	Image image/gif	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=857165174&t=pageview&_s=1&dl=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&ul=en-us&de=UTF-8&dt=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAABAAAAAC~&jid=1891351867&gjid=1752364224&cid=1557098894.1702692489&tid=UA-20141016-1&_gid=1424799834.1702692489&gtm=45He3bt0n71MFPB9Dv71885818&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cg3=Decipher%20Traffic%20Only&z=1130946336 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 15 Dec 2023 23:13:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 10464 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 248 B	34ms 13ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-95Z7P6PE75&gtm=45je3bt0v884482885z871885818&_p=1702692488814&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1557098894.1702692489&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702692489&sct=1&seg=0&dl=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&dt=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&en=page_view&_fv=1&_ss=1&tfd=3388 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-95Z7P6PE75&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://duo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	61ms 41ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-95Z7P6PE75&cid=1557098894.1702692489&gtm=45je3bt0v884482885z871885818&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-95Z7P6PE75&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://duo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	38ms 18ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-95Z7P6PE75&cid=1557098894.1702692489&gtm=45je3bt0v884482885z871885818&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=121361749 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	xdc.js Show response cdn.bizible.com/	116 B 326 B	122ms 121ms	Script text/javascript	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/xdc.js?_biz_u=51c9a2f588984473b74af98524416b5a&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.12.14 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=duo.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6BC3) / Resource Hash 79829231a69f5d218713900118644c173916b5fee3b2490d0ad3fabd5d9c8e94 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSub server ECS (amb/6BC3) etag FFA3CC85 vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 content-length 219
GET H2	200	/ www.facebook.com/tr/	0 185 B	22ms 7ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=216127175396154&ev=PageView&dl=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&rl=&if=false&ts=1702692489023&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1702692489022.1552703624&cs_est=true&ler=empty&it=1702692488873&coo=false&eid=efed4d335bd70bbd41eba1c102c89836&tm=1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 16 Dec 2023 02:08:09 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	45ms 45ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20141016-1&cid=1557098894.1702692489&jid=2116791846&gjid=548436187&_gid=1424799834.1702692489&_u=YEBAAAAAAAAAAC~&z=371456401 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=duo.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 16 Dec 2023 02:08:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://duo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	14ms 13ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-KP8QEFW4ML&gtm=45je3bt0v880413333z871885818&_p=1702692488814&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1557098894.1702692489&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702692489&sct=1&seg=0&dl=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&dt=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&en=page_view&_fv=1&_ss=1&tfd=3425 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-KP8QEFW4ML&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://duo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 45 B	45ms 45ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KP8QEFW4ML&cid=1557098894.1702692489&gtm=45je3bt0v880413333z871885818&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-KP8QEFW4ML&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://duo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	18ms 18ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KP8QEFW4ML&cid=1557098894.1702692489&gtm=45je3bt0v880413333z871885818&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=234026701 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ibs:dpid=771&dpuuid=CAESEEWihbP7cOeLa2nKMd2g-yo&google_cver=1 dpm.demdex.net/ Frame 2335 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjAwODc2ODk0OTU3MjYxNzMwNTI4MDgzNzcwMTM0NTc1Njc0MTg= https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjAwODc2ODk0OTU3MjYxNzMwNTI4MDgzNzcwMTM0NTc1Njc0MTg=&google_tc= https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEWihbP7cOeLa2nKMd2g-yo&google_cver=1?gdpr=0&gdpr_consent=	42 B 717 B	37ms 37ms	Image image/gif	52.16.195.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEWihbP7cOeLa2nKMd2g-yo&google_cver=1?gdpr=0&gdpr_consent= Protocol H2 Server 52.16.195.54 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-195-54.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cisco.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers dcs dcs-prod-irl1-1-v054-0dd64a28b.edge-irl1.demdex.com 2 ms pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid klGBg0YNSB8= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEWihbP7cOeLa2nKMd2g-yo&google_cver=1?gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	s67892262147783 Show response smetrics.cisco.com/b/ss/cisco-complete/10/JS-2.12.0/	927 B 1 KB	42ms 42ms	Script application/x-javascript	63.140.62.22 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://smetrics.cisco.com/b/ss/cisco-complete/10/JS-2.12.0/s67892262147783?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=16%2F11%2F2023%203%3A8%3A9%206%20-60&d.&nsid=0&jsonv=1&.d&sdid=7C2C4271DAE45CA6-18FBEE85C889C9B5&mid=13243537110904580723420699533659252539&aamlh=6&ce=UTF-8&ns=cisco&pageName=duo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&g=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&cc=USD&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=fbi%20guidance%20evolves%20on%20ransomware%20payments%20%7C%20decipher&h1=duo.com%3Adecipher%3Afbi-guidance-evolves-on-ransomware-payments&c2=undefined%3Ano%20iapath%3Afbi-guidance-evolves-on-ransomware-payments&c3=duo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&h3=no%20iapath&c10=6%3A08%20PM%7CFriday&v10=6%3A08%20PM%7CFriday&v25=duo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&v26=no%20contenttype&c28=no%20iapath&v28=no%20iapath&c33=en-us&v33=en-us&c41=duo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&c46=ut4.51.202312152201&c50=cisco-complete&c51=unavailable&c53=no%20contenttype&v63=unavailable&v77=AppMeasurement%3D2.12.0%2CVisitorJS%3D4.1.0%2CMbox%3Dna&v78=dnt%3Dfalse%2Ccookies%3Dtrue%2Clocalstorage%3Dtrue&v92=0.057411221327527295_1702692488924&v98=cisco.duo&v106=13243537110904580723420699533659252539&v177=false&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=B8D07FF4520E94C10A490D4C%40AdobeOrg&AQE=1 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/cisco/duo/prod/utag.5.js?utv=ut4.51.202312151545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.62.22 , United States, ASN15224 (OMNITURE, US), Reverse DNS ip-63-140-62-22.data.adobedc.net Software jag / Resource Hash 2297dd16c5f252df49fea00763786e43f863533f3fd1985f30f17cbeceeaedc6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-aam-tid YZjVWigiQM8= date Sat, 16 Dec 2023 02:08:09 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff p3p CP="This is not a P3P policy" content-length 927 x-xss-protection 1; mode=block dcs dcs-prod-irl1-2-v054-05129358f.edge-irl1.demdex.com 3 ms pragma no-cache last-modified Sun, 17 Dec 2023 02:08:09 GMT server jag etag 3656504279287693312-4617501847363498844 vary * content-type application/x-javascript;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private expires Fri, 15 Dec 2023 02:08:09 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/163/	11 KB 5 KB	27ms 27ms	Script application/x-javascript	104.64.124.188 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/163/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/munchkin-beta.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-64-124-188.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sat, 16 Dec 2023 02:08:09 GMT Content-Encoding gzip Last-Modified Fri, 06 Jan 2023 02:26:40 GMT Server AkamaiNetStorage ETag "ea7826f34518d7c2295738f39c7640fa:1672972000.238769" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Type application/x-javascript Cache-Control max-age=8640000 Connection keep-alive Accept-Ranges bytes Content-Length 4741 Expires Mon, 25 Mar 2024 02:08:09 GMT
GET H2	200	u cdn.bizible.com/	43 B 109 B	13ms 13ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/u?mapType=ecid&mapValue=B8D07FF4520E94C10A490D4C%40AdobeOrg_13243537110904580723420699533659252539&_biz_u=51c9a2f588984473b74af98524416b5a&_biz_l=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&_biz_t=1702692488959&_biz_i=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&_biz_n=1&rnd=826820&cdn_o=a&_biz_z=1702692489072 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6B97) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT strict-transport-security max-age=31536000; includeSub last-modified Tue, 12 Dec 2023 17:44:16 GMT server ECS (amb/6B97) age 289433 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	39ms 17ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20141016-1&cid=1557098894.1702692489&jid=1891351867&_u=YGDAgAABAAAAAG~&z=1522089174 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	19ms 18ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20141016-1&cid=1557098894.1702692489&jid=1891351867&_u=YGDAgAABAAAAAG~&z=1522089174 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	36ms 18ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20141016-1&cid=1557098894.1702692489&jid=2116791846&_u=YEBAAAAAAAAAAC~&z=2022889883 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	17ms 16ms	Image image/gif	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20141016-1&cid=1557098894.1702692489&jid=2116791846&_u=YEBAAAAAAAAAAC~&z=2022889883 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	xdframe-single-domain-1.2.0.html Show response csxd.contentsquare.net/uxa/ Frame 5B59	2 KB 1 KB	142ms 20ms	Document text/html	2600:9000:2127:3e00:1b:ed91:4680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://csxd.contentsquare.net/uxa/xdframe-single-domain-1.2.0.html?pid=5637 Requested by Host: t.contentsquare.net URL: https://t.contentsquare.net/uxa/ebdaa317731b0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:3e00:1b:ed91:4680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 535feb1335a0a42ed2cd06f68cb63002dbda9d385ecd00fbbc0697ae98c6b32f Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 5261214 cache-control max-age=31536000 content-encoding gzip content-type text/html date Mon, 16 Oct 2023 04:41:16 GMT etag W/"17303eed7f8afe41b1523ca58723426b" last-modified Fri, 04 Aug 2023 17:04:45 GMT server AmazonS3 vary Accept-Encoding via 1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront) x-amz-cf-id 2gfg7HeszI5RuomXO8qBZI1OthdFtiSUjn5-qOuyjTFJwA16wBHYIg== x-amz-cf-pop PRG50-C1 x-amz-server-side-encryption AES256 x-amz-version-id null x-cache Hit from cloudfront
GET BLOB	200 OK	cef3cb16-b83d-4d01-bdb3-6842cf6dd677 https://duo.com/	7 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://duo.com/cef3cb16-b83d-4d01-bdb3-6842cf6dd677 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash cd6f19ed889f24b9bcbde6c982c5b4ec540eb533baea58bf8e6bb1c14155c7d3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Length 7329 Content-Type application/javascript
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 6ms	Image image/gif	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=857165174&t=event&ni=1&_s=1&dl=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&ul=en-us&de=UTF-8&dt=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=v3-1702692489103-6575912050404&ev=3327&_u=aGDAAEABAAAAAGAAI~&jid=&gjid=&cid=1557098894.1702692489&tid=UA-20141016-1&_gid=1424799834.1702692489&gtm=45He3bt0n71MFPB9Dv71885818&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=667119835 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 15 Dec 2023 06:03:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72300 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	6ms 6ms	Image image/gif	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=857165174&t=event&ni=1&_s=1&dl=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&ul=en-us&de=UTF-8&dt=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=v3-1702692489103-2934601431304&ev=1535&_u=aGDAAEABAAAAAGAAI~&jid=&gjid=&cid=1557098894.1702692489&tid=UA-20141016-1&_gid=1424799834.1702692489&gtm=45He3bt0n71MFPB9Dv71885818&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1887065121 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 15 Dec 2023 06:03:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 72300 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H/1.0	200 OK	visitWebPage 074-uqx-410.mktoresp.com/webevents/	43 B 121 B	1308ms 156ms	Ping image/gif	199.15.214.243 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://074-uqx-410.mktoresp.com/webevents/visitWebPage?_mchNc=1702692489118&_mchCn=&_mchId=074-UQX-410&_mchTk=_mch-duo.com-1702692489118-32048&_mchHo=duo.com&_mchPo=&_mchRu=%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&_mchPc=https%3A&_mchVr=163&_mchEcid=B8D07FF4520E94C10A490D4C%40AdobeOrg%3A6%3A13243537110904580723420699533659252539&_mchHa=&_mchRe=&_mchQp= Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/163/munchkin.js Protocol HTTP/1.0 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.15.214.243 , United States, ASN15224 (OMNITURE, US), Reverse DNS Software BigIP / Resource Hash cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Connection Keep-Alive Content-Length 43 Server BigIP
GET H2	200	adsct analytics.twitter.com/i/ Frame 2335	43 B 392 B	229ms 189ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?p_user_id=20087689495726173052808377013457567418&p_id=38594 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_f / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://cisco.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-response-time 171 date Sat, 16 Dec 2023 02:08:08 GMT strict-transport-security max-age=631138519 server tsa_f content-type image/gif;charset=utf-8 x-transaction-id f72e77194b12be8e cache-control no-cache, no-store, max-age=0 perf 7469935968 x-connection-hash a0b0b657b41ce160b0c1c0a0e44e5b471a5e71b6ee122ba8d50eb8824090d070 content-length 43
GET H2	204	pageview c.contentsquare.net/	0 320 B	122ms 29ms	Image text/plain	52.208.62.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.contentsquare.net/pageview?pid=5637&uu=490a71ec-97c5-af7f-fd84-c346853140e4&sn=1&hd=1702692489&pn=1&dw=1600&dh=4016&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&uc=0&la=en-US&v=13.75.4&pvt=n&ex=&r=041744 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.62.184 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-62-184.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 content-disposition inline timing-allow-origin * access-control-allow-headers Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With expires Sun, 24 Oct 1982 23:00:00 GMT
GET H2	200	ibs:dpid=30646 dpm.demdex.net/ Frame 2335 Redirect Chain https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=20087689495726173052808377013457567418&gdpr=0&gdpr_consent= https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=20087689495726173052808377013457567418&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-n7RVtsFE2pE4hX_6KDBGGv5Vrn9fs0E3j.w-~A	42 B 718 B	35ms 35ms	Image image/gif	52.16.195.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-n7RVtsFE2pE4hX_6KDBGGv5Vrn9fs0E3j.w-~A Protocol H2 Server 52.16.195.54 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-195-54.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cisco.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers dcs dcs-prod-irl1-2-v054-0d743c645.edge-irl1.demdex.com 1 ms pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid 9+nBWvReTgI= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers location https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-n7RVtsFE2pE4hX_6KDBGGv5Vrn9fs0E3j.w-~A date Sat, 16 Dec 2023 02:08:09 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.94 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	200 OK	messenger Show response app.qualified.com/w/1/QZjwGwGpcBiwkfRA/ Frame 31DC	6 KB 3 KB	315ms 116ms	Document text/html	54.225.233.21 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.qualified.com/w/1/QZjwGwGpcBiwkfRA/messenger?uuid=e2314771-55c6-4b7d-a5bb-3e2ab05eb08f Requested by Host: js.qualified.com URL: https://js.qualified.com/qualified.js?token=QZjwGwGpcBiwkfRA&utv=ut4.51.202307052034 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.225.233.21 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-225-233-21.compute-1.amazonaws.com Software / Resource Hash 34d41214bae54184f3776a5ee221573803a0b1f1317422cfd9afcbc6a69764af Security Headers Name Value Content-Security-Policy Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=0, private, must-revalidate Content-Encoding gzip Content-Length 1794 Content-Security-Policy Content-Type text/html; charset=utf-8 Date Sat, 16 Dec 2023 02:08:09 GMT Etag W/"34d41214bae54184f3776a5ee2215738" Link <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush Referrer-Policy strict-origin-when-cross-origin Strict-Transport-Security max-age=63072000; includeSubDomains Vary Accept-Encoding Via 1.1 spaces-router (devel) X-Content-Type-Options nosniff X-Download-Options noopen X-Permitted-Cross-Domain-Policies none X-Request-Id df42c299-1b34-dbbb-9a8a-73b8ca9d1cb2 X-Runtime 0.021523 X-Xss-Protection 1; mode=block
GET H2	204	dvar c.contentsquare.net/	0 319 B	91ms 29ms	Image text/plain	52.208.62.184 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://c.contentsquare.net/dvar?v=13.75.4&pid=5637&pn=1&sn=1&uu=490a71ec-97c5-af7f-fd84-c346853140e4&dv=H4sIAAAAAAAAA6tWSi72TSxJzsjMS%2FdOrVSyUjLQMzA1NzE0NDIyNDYyNzUyN7I0jTc0NzAyszQysbAAEkq1AGOuOcw2AAAA&ct=2&r=105335 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.208.62.184 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-208-62-184.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 content-disposition inline timing-allow-origin * access-control-allow-headers Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With expires Sun, 24 Oct 1982 23:00:00 GMT
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 2335 Redirect Chain https://usermatch.krxd.net/um/v2?partner=adobe&id=20087689495726173052808377013457567418 https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=20087689495726173052808377013457567418	0 338 B	93ms 29ms	Image text/plain	54.217.28.190 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=20087689495726173052808377013457567418 Protocol H2 Server 54.217.28.190 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-217-28-190.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cisco.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-served-by beacon-n024-dub-prod.krxd.net date Sat, 16 Dec 2023 02:08:09 GMT cache-control private, no-cache, no-store x-request-time D=38 t=1702692489 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=20087689495726173052808377013457567418 date Sat, 16 Dec 2023 02:08:09 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a007-ash-prod.krxd.net
GET H2	200	main.MTdjYzNiZDU2NA.js Show response analytics.tiktok.com/i18n/pixel/static/	432 KB 112 KB	178ms 178ms	Script application/javascript	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKAV1QJC77U2JMMIPBFG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f0fc7af60b98a57cccf7d5d7ea6e10f640db6f7553fb131e991b120dd6a62e6e Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-akamai-request-id 3d8ca927 date Sat, 16 Dec 2023 02:08:09 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20231109073142A970F645242BECEBC28A vary Accept-Encoding x-cache TCP_MEM_HIT from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01fc9b7cf12ead81e1ee05920d8698af1162099726ca772076213a5abbb2c2172d2ad7fcd4f9f42d1bad01f5a13430ae4f5f6d78b0b76db92009472fc4d7b8f0a5b87fc3ed2e3da0e6e141ffaf836357c1769f6712bad18f3df8ee8a1a64746edc server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=2 content-length 114216
GET H2	200	messenger-94e6eccc.chunk.css assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame 31DC	35 KB 7 KB	21ms 21ms	Stylesheet text/css	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611 Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT x-amz-version-id IzqZYXeP3wFtducKYcOYmpjQ0p7iO2tw content-encoding gzip cf-cache-status HIT x-amz-request-id ET8EKVGBBTA8FXPV age 2689 x-amz-server-side-encryption AES256 x-amz-id-2 3MoPnBzVULdPIvatnGr6263Pwt/sFlWJ2HdQw7r0iM/n1wDzWf+xZ5HbBF9bjIOm7P9qyMd+Xqo= last-modified Fri, 01 Dec 2023 21:38:11 GMT server cloudflare etag W/"a788ecf510f83ee517cbaf79306145dd" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 8363607c0def3a82-FRA expires Sat, 16 Dec 2023 06:08:09 GMT
GET H2	200	messenger-ea37ea0f.chunk.css assets.qualified.com/packs/css/widget/sandboxed/ Frame 31DC	5 KB 1 KB	17ms 17ms	Stylesheet text/css	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT x-amz-version-id ApqmuMJojZUDq6nY8d97spCm_9dMWavP content-encoding gzip cf-cache-status HIT x-amz-request-id YXAHBJ1R3MXWW967 age 3636 x-amz-server-side-encryption AES256 x-amz-id-2 zYQoUsg7rNhqNHa6iIlFZ9xjXmZ9SN/8H4MDFbEbxJVB2FEnXnHF+DBTZsZpnIacwRf0ATuyTlM= last-modified Tue, 28 Nov 2023 23:32:35 GMT server cloudflare etag W/"22d5f23e695250d3c5a5b1e76a015c5e" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 8363607c0df23a82-FRA expires Sat, 16 Dec 2023 06:08:09 GMT
GET H2	200	messenger~runtime-12a4356b25dc00e21009.js Show response assets.qualified.com/packs/js/widget/sandboxed/ Frame 31DC	2 KB 1 KB	15ms 14ms	Script application/javascript	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-12a4356b25dc00e21009.js Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/QZjwGwGpcBiwkfRA/messenger?uuid=e2314771-55c6-4b7d-a5bb-3e2ab05eb08f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04ae340fe641b50225a136fd975a06038932d2edf3262afb992437e330be9fe4 Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT x-amz-version-id Xq3f50_hfPTjyXqDSDM1ZaGlvLgN5WaA content-encoding gzip cf-cache-status HIT x-amz-request-id 6YN4GF7D8RPMX0NW age 5277 x-amz-server-side-encryption AES256 x-amz-id-2 lTqAmqVI0sX2pctSYjktebj6UUrdCJKxT3HpJSH/uLik35r8HNvUzwKERjhWQ8VLl2CNCPBP2zg= last-modified Mon, 11 Dec 2023 20:26:04 GMT server cloudflare etag W/"a7878e62f4e53c14b2f5dffdb6cf33bc" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 8363607c0e023a82-FRA expires Sat, 16 Dec 2023 06:08:09 GMT
GET H2	200	messenger-191570b0e91eadf70b22.chunk.js Show response assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame 31DC	1 MB 368 KB	19ms 19ms	Script application/javascript	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-191570b0e91eadf70b22.chunk.js Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/QZjwGwGpcBiwkfRA/messenger?uuid=e2314771-55c6-4b7d-a5bb-3e2ab05eb08f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28e3332baf3b748b3a0f10ab56958db3af34f2d033b2cd1c7ff798fbf1bda097 Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT x-amz-version-id OA2d__vBLcqrxraAyxlq0muNTE8u.zu_ content-encoding gzip cf-cache-status HIT x-amz-request-id 0H6WZCT713W4RG4A age 5277 x-amz-server-side-encryption AES256 x-amz-id-2 edXVLa2yUjTL7JvSmgOeVf+KfSgw9sZ1e+OnrZfNi3eHOm6WuJ3A7gJ3UTVzrPnzvq7hTK+WTZw= last-modified Wed, 13 Dec 2023 22:33:12 GMT server cloudflare etag W/"9dce2d1b2a896f8b84b060df57592520" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 8363607c0e063a82-FRA expires Sat, 16 Dec 2023 06:08:09 GMT
GET H2	200	messenger-df93bb804753b303a24f.chunk.js Show response assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame 31DC	869 KB 199 KB	23ms 23ms	Script application/javascript	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-df93bb804753b303a24f.chunk.js Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/QZjwGwGpcBiwkfRA/messenger?uuid=e2314771-55c6-4b7d-a5bb-3e2ab05eb08f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a5514a4a491d83ab8252bfda07a6e543811d0f7743918e40379d29a66158567 Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT x-amz-version-id mhGqMlSkrvr5cUk2b9Nq7EEE7FrIKA0_ content-encoding gzip cf-cache-status HIT x-amz-request-id HGYYD8A76YY7HB9C age 3926 x-amz-server-side-encryption AES256 x-amz-id-2 8DhCyTGYG2VMplQ0iRbA536CQQcgNRl9S+cd2URaQDkCg6mjTjymZSbHA2VFyZmoVe3/e999525ShAq533WIavUlsK6ujPKarCteLW0jhY8= last-modified Sat, 16 Dec 2023 00:58:24 GMT server cloudflare etag W/"f3b05ccd98bb1500ffe5786aac414c87" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-ray 8363607c1e343a82-FRA expires Sat, 16 Dec 2023 06:08:09 GMT
GET H2	200	Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2 assets.qualified.com/packs/media/fonts/inter/ Frame 31DC	97 KB 97 KB	32ms 15ms	Font font/woff2	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2 Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/QZjwGwGpcBiwkfRA/messenger?uuid=e2314771-55c6-4b7d-a5bb-3e2ab05eb08f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6 Request headers Referer https://app.qualified.com/ Origin https://app.qualified.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT x-amz-version-id E6YIfM36rydnMaf4sGSvJLBNDyS.ADNG cf-cache-status HIT x-amz-request-id T318VWP84NWYB8N1 age 1291599 x-amz-server-side-encryption AES256 content-length 98868 x-amz-id-2 izCCEidg+4aPasBFcOg/yTcmOYbKkVN0h+GeoIm/YRox05v27bE5y3nAHGEF4I5YbA0IvUqj19Y= last-modified Thu, 30 Nov 2023 23:59:22 GMT server cloudflare etag "dc131113894217b5031000575d9de002" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cache-control public, max-age=31557600 accept-ranges bytes cf-ray 8363607c2dbc4d31-FRA expires Sun, 15 Dec 2024 08:08:09 GMT
GET H2	200	Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2 assets.qualified.com/packs/media/fonts/inter/ Frame 31DC	103 KB 104 KB	38ms 22ms	Font font/woff2	2606:4700::6812:1105 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2 Requested by Host: app.qualified.com URL: https://app.qualified.com/w/1/QZjwGwGpcBiwkfRA/messenger?uuid=e2314771-55c6-4b7d-a5bb-3e2ab05eb08f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1105 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5 Request headers Referer https://app.qualified.com/ Origin https://app.qualified.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT x-amz-version-id _rRYa2sPGNB5athLTFbmNGewSIAAC_sF cf-cache-status HIT x-amz-request-id QSYAJGG94K88EMD2 age 1463434 x-amz-server-side-encryption AES256 content-length 105804 x-amz-id-2 t9E0NxiZoUz7nV2Ww/KQWxQGcxoOZzqmSsKRl28vqBbqpj18pboGFM0O24erxLHbDylU6T42ODE= last-modified Wed, 29 Nov 2023 02:17:21 GMT server cloudflare etag "007ad31a53f4ab3f58ee74f2308482ce" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cache-control public, max-age=31557600 accept-ranges bytes cf-ray 8363607c2dbd4d31-FRA expires Sun, 15 Dec 2024 08:08:09 GMT
POST H2	200	/ Show response sentry.io/api/1332833/envelope/ Frame 31DC	2 B 324 B	141ms 122ms	Fetch application/json	35.186.247.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1 Requested by Host: assets.qualified.com URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-191570b0e91eadf70b22.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 156.247.186.35.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://app.qualified.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 16 Dec 2023 02:08:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after x-envoy-upstream-service-time 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
GET H2	200	/ Show response c.6sc.co/	7 B 187 B	184ms 176ms	XHR text/html	2.17.147.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=duo.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-185.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:09 GMT access-control-max-age 86400 access-control-allow-methods GET,POST content-type text/html access-control-allow-origin https://duo.com access-control-allow-credentials true access-control-allow-headers * content-length 7
GET H2	200	/ Show response ipv6.6sc.co/	36 B 330 B	44ms 7ms	XHR text/html	2a02:26f0:ab00::214:8e70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=duo.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 68223d1e12852d93d806d0be1cd8ee403efb7f62baaec9def8a6ed7117a4bd9a Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT vary Origin content-type text/html access-control-allow-origin https://duo.com cache-control max-age=0, no-cache, no-store 6si-ipv6 2001:ac8:20:3a00:1011:c79a:804c:d02b server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702692489843_34901612_422156086_26_748_5_13_219";dur=1 content-length 36 expires Sat, 16 Dec 2023 02:08:09 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 483 B	402ms 383ms	Image image/gif	2.17.147.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=877f8628c5c481832a1ecc46c52a3bbbeb587394&svisitor=null&visitor=c6f6b9b5-37fd-4a33-871a-9aa33674febb&session=60381cc4-1253-4457-8004-3da9db98ddda&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A09%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20FBI%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&pageViewId=35b0fba0-c9b4-4218-8e87-38e5a92b2d49&v=1.1.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-185.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:10 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 483 B	401ms 381ms	Image image/gif	2.17.147.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=877f8628c5c481832a1ecc46c52a3bbbeb587394&svisitor=null&visitor=c6f6b9b5-37fd-4a33-871a-9aa33674febb&session=60381cc4-1253-4457-8004-3da9db98ddda&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22877f8628c5c481832a1ecc46c52a3bbbeb587394%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2016%20Dec%202023%2002%3A08%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2016%20Dec%202023%2002%3A08%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2016%20Dec%202023%2002%3A08%3A09%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20FBI%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&pageViewId=35b0fba0-c9b4-4218-8e87-38e5a92b2d49&v=1.1.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-185.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:10 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 483 B	381ms 381ms	Image image/gif	2.17.147.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=877f8628c5c481832a1ecc46c52a3bbbeb587394&svisitor=null&visitor=c6f6b9b5-37fd-4a33-871a-9aa33674febb&session=60381cc4-1253-4457-8004-3da9db98ddda&event=ipv6&q=%7B%22address%22%3A%222001%3Aac8%3A20%3A3a00%3A1011%3Ac79a%3A804c%3Ad02b%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20FBI%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&pageViewId=35b0fba0-c9b4-4218-8e87-38e5a92b2d49&v=1.1.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-185.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:10 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	u cdn.bizible.com/	43 B 86 B	13ms 13ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A074-UQX-410%26token%3A_mch-duo.com-1702692489118-32048&_biz_u=51c9a2f588984473b74af98524416b5a&_biz_l=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&_biz_t=1702692489960&_biz_i=FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher&_biz_n=2&rnd=442323&cdn_o=a&_biz_z=1702692489960 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6B97) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Sat, 16 Dec 2023 02:08:09 GMT strict-transport-security max-age=31536000; includeSub last-modified Tue, 12 Dec 2023 17:44:16 GMT server ECS (amb/6B97) age 289433 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	identify_bb163.js Show response analytics.tiktok.com/i18n/pixel/static/	135 KB 36 KB	177ms 177ms	Script application/javascript	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-akamai-request-id 3d8caa98 date Sat, 16 Dec 2023 02:08:10 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202311090731338BA6EF6D793B37F9D2ED vary Accept-Encoding x-cache TCP_MEM_HIT from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 016e55e35c7ea4ef961c2997f9013c2711a992cded02a3885a9b2a1a1e1d20de0a3391c13af8a957802af54095f9ccce92ccf4511ba6b51c1aefcf85ab80c0119ff95092e61dda9b9f2870aebdf5006e954c72e3a113b365784523d65f098df832 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=4 content-length 36093
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 840 B	308ms 306ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 8d6c724a.3d8caaa8 date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2312160208102F6508E454863755434D-597723824EEA461A-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 125,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=99, origin; dur=31, inner; dur=29 content-length 0 pragma no-cache server nginx x-tt-logid 202312160208102F6508E454863755434D x-cache-remote TCP_MISS from a23-48-100-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 31,23.48.100.39 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a051665c1dd9c81a51c22513ca9c857f11fbc0fa172d37b518e20690dbf953a96af5a9b9dc58d34caa2a3b48ab037fadded799740c36c6a360ffb49d1418668255d3f296ebc6aa3696f973c47f1c40495c1b access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 838 B	291ms 290ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 8d6c41f4.3d8caaa9 date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-231216020810848EEE03A97C5454F6EE-2DD9B115BDCA6854-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 110,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=101, origin; dur=13, inner; dur=7 content-length 0 pragma no-cache server nginx x-tt-logid 20231216020810848EEE03A97C5454F6EE x-cache-remote TCP_MISS from a23-48-100-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 13,23.48.100.39 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a051665c1dd9c81a51c22513ca9c857f11fb0f523c672793a20a0709630a6e520bbed5379cd5bbee4774a62586bee6b4e8e711b7942c965836567e07a60cd88fcf2a6d42eb162a99e057c99a2f378116c0a5 access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 839 B	299ms 298ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 986210ab.3d8caaaa date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-23121602081051B62A2FCB70F158C700-4E98F7957EF1B641-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 118,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=98, origin; dur=24, inner; dur=16 content-length 0 pragma no-cache server nginx x-tt-logid 2023121602081051B62A2FCB70F158C700 x-cache-remote TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 24,23.48.100.43 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a051ecbf342052f68e7c8aa58d8237966809bc4bafe55d7c37df0d223b9b1469241d8d4e23e0743ad203a9e9d07650614e965394c67710eb66035e1732abe9d3770975ef8e95b4e28d3a04f4d69645e06617 access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 838 B	307ms 306ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 9861b410.3d8caab2 date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-23121602081070B024F587401B704349-40FB16D87D389C14-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 128,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=97, origin; dur=34, inner; dur=31 content-length 0 pragma no-cache server nginx x-tt-logid 2023121602081070B024F587401B704349 x-cache-remote TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 34,23.48.100.43 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a051ecbf342052f68e7c8aa58d8237966809d824dfca5871976835062db2e88c5acf3d27ae52e5059241c9a40b4907702e155bab30ab8a41106b605f99a88e7755ff710c3cae24a15e421c773519a64e4058 access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 837 B	436ms 436ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 7c93385a.3d8caab3 date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-231216020810498414E758A10020951C-33672DD79BAB1FD9-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 106,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=250, origin; dur=12, inner; dur=8 content-length 0 pragma no-cache server nginx x-tt-logid 20231216020810498414E758A10020951C x-cache-remote TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 12,23.48.100.41 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a0515b9649a6def697e0f9a7e124374649a995c3b5a5b90bbbc0cf2cb46fcfcd87451450cc282cd024c017d20c46acc8c6504aafc85911389e0b2caa7328c406b2d63ee2c9a4d2475f3d4cc37fcf63ca72d0 access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 840 B	436ms 436ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 98622e00.3d8cab20 date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-231216020810439DFBD848191E4FB356-4A38E791A7C321C3-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 105,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=101, origin; dur=10, inner; dur=8 content-length 0 pragma no-cache server nginx x-tt-logid 20231216020810439DFBD848191E4FB356 x-cache-remote TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 11,23.48.100.43 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a051ecbf342052f68e7c8aa58d8237966809d824dfca5871976835062db2e88c5acffc8d402aed98528fc6f44a3fd983999b837f490cc1f4f5da125918e50b51e180e893b3a502eed9e1e73768e4775d63bb access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 845 B	587ms 587ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 5a217bb.3d8cab21 date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-231216020810CC9619BFFDF910828513-0AD50CFA5C2DC619-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 258,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=138, origin; dur=125, inner; dur=118 content-length 0 pragma no-cache server nginx x-tt-logid 20231216020810CC9619BFFDF910828513 x-cache-remote TCP_MISS from a23-218-223-23.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 125,23.218.223.23 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a05112a5883055072f812f48e0ee318b0e0bb7ac64135f8f397a7b841a27349b0f50b30cc8c9b6a3b9b7be4610d0657a6bd6e1bf8348869d0a483c8c45bc9d2b83291fa8b080daa41302800ad4d47c93ad3b access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 840 B	499ms 498ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 7c931bd4.3d8cab22 date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-231216020810B46B6B2FB002E53B32B3-322BDAEB90441981-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 140,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=131, origin; dur=45, inner; dur=42 content-length 0 pragma no-cache server nginx x-tt-logid 20231216020810B46B6B2FB002E53B32B3 x-cache-remote TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 45,23.48.100.41 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a0515b9649a6def697e0f9a7e124374649a9805edc2a49a7681563bd04ec487b3669e6ffb0884926e280ac1c5544babb12defd0696b01108c15c0cb05af0465eeb2dc0f031f3e116a15a422feb5b298bc632 access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
POST H2	200	monitor analytics.tiktok.com/api/v2/	0 839 B	356ms 356ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/monitor Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 98623036.3d8cab57 date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-231216020810E5534128FB81C830D001-17117D0A6AEFA894-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 171,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=98, origin; dur=77, inner; dur=73 content-length 0 pragma no-cache server nginx x-tt-logid 20231216020810E5534128FB81C830D001 x-cache-remote TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 77,23.48.100.43 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fcee4f70857ba70555e828a7df9b862a051ecbf342052f68e7c8aa58d8237966809c27b0f0e158c8f37fb741a6408b8c6750836a39c7e602727e283b1c521cc4795fe98f7633eedc800da3782e4292598bbac60ae3d415746cbfe0ed5b6cc3ad09e access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 843 B	339ms 339ms	Ping text/plain	95.100.146.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.16 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-16.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 8ea785c.3d8cab5a date Sat, 16 Dec 2023 02:08:10 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2312160208103ED41FFB04BA78C2E04A-08D3F3EBB84B2440-00 x-cache TCP_MISS from a95-100-146-12.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) x-parent-response-time 152,95.100.146.12 server-timing cdn-cache; desc=MISS, edge; dur=104, origin; dur=55, inner; dur=52 content-length 0 pragma no-cache server nginx x-tt-logid 202312160208103ED41FFB04BA78C2E04A x-cache-remote TCP_MISS from a184-28-17-152.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 58,184.28.17.152 x-tt-trace-host 01f580a6ea3f75d81b2a712e8d888f4fce1bcb1ea9e13d8d658e30a330c82aaab3355a794a0466c4861f26917a49a0b7dc7c1e1d8b4c4ad7f986a3bf32c4e20177a9413312e4cd614356b8190d38391b77e5abbcca25ae755d7d9cc6fd5898d82a3a41282042bcbf0c6d4c0d5deb2d2f83 access-control-allow-headers Authorization,* expires Sat, 16 Dec 2023 02:08:10 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 483 B	385ms 385ms	Image image/gif	2.17.147.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=877f8628c5c481832a1ecc46c52a3bbbeb587394&svisitor=null&visitor=c6f6b9b5-37fd-4a33-871a-9aa33674febb&session=60381cc4-1253-4457-8004-3da9db98ddda&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A10%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A09%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20FBI%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&pageViewId=35b0fba0-c9b4-4218-8e87-38e5a92b2d49&v=1.1.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-185.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:11 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H/1.1	200 OK	885de7c6ff906cf43afebc9f4520de0dbce1f312deb27df9c428a487128005ae.png qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame 31DC	19 KB 19 KB	315ms 111ms	Image image/png	54.231.131.58 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://qualified-production.s3.us-east-1.amazonaws.com/uploads/885de7c6ff906cf43afebc9f4520de0dbce1f312deb27df9c428a487128005ae.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.231.131.58 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-east-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash a51c0354551a6a25d1b75d93b69fcbcc0bac4be5f23c7745f5365091ebd89958 Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sat, 16 Dec 2023 02:08:12 GMT Last-Modified Tue, 06 Jun 2023 00:20:09 GMT Server AmazonS3 x-amz-request-id HXN2HGETW2GT0TBC ETag "f31a42a5c46907f46ad4ceb294d1d35c" x-amz-server-side-encryption AES256 Content-Type image/png Cache-Control Cache-Control: public, max-age=31536000 Accept-Ranges bytes Content-Length 19302 x-amz-id-2 DUZeJflbJpuTSm1upzyuN1sE85zvThwWC2mOcEZpVQykdmMBSVyZaRekjpPFhIOcD3CMclsnCYI=
GET H/1.1	200 OK	690f28bf97ac29574bbd188ea769e7dbdea4790adbfd554e816f48bcff9bb4d6.png qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame 31DC	19 KB 19 KB	106ms 106ms	Image image/png	54.231.131.58 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://qualified-production.s3.us-east-1.amazonaws.com/uploads/690f28bf97ac29574bbd188ea769e7dbdea4790adbfd554e816f48bcff9bb4d6.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.231.131.58 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-east-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash e7ac1b289be0b3f0e9f3049ede831d1d936e7ebe8efc5f85b1a4f3512b5ca6f5 Request headers accept-language de-DE,de;q=0.9 Referer https://app.qualified.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Sat, 16 Dec 2023 02:08:12 GMT Last-Modified Tue, 06 Jun 2023 00:19:36 GMT Server AmazonS3 x-amz-request-id HXN3F3E5Q667MSM6 ETag "d74d0a235ad32b99021811f68412b31c" x-amz-server-side-encryption AES256 Content-Type image/png Cache-Control Cache-Control: public, max-age=31536000 Accept-Ranges bytes Content-Length 19313 x-amz-id-2 1eH53P9MMbK3ADb2kc9daKEFeRJvw6INmEPDmGXtv7nBz1VkQ7FKACQP1W5R7xVAxGJ5OxWPT/E=
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 484 B	382ms 382ms	Image image/gif	2.17.147.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=877f8628c5c481832a1ecc46c52a3bbbeb587394&svisitor=null&visitor=c6f6b9b5-37fd-4a33-871a-9aa33674febb&session=60381cc4-1253-4457-8004-3da9db98ddda&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A10%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%222002%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20FBI%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&pageViewId=35b0fba0-c9b4-4218-8e87-38e5a92b2d49&v=1.1.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-185.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:12 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu) etag "60bb2e15-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 483 B	382ms 382ms	Image image/gif	2.17.147.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=877f8628c5c481832a1ecc46c52a3bbbeb587394&svisitor=null&visitor=c6f6b9b5-37fd-4a33-871a-9aa33674febb&session=60381cc4-1253-4457-8004-3da9db98ddda&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A11%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20FBI%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&pageViewId=35b0fba0-c9b4-4218-8e87-38e5a92b2d49&v=1.1.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-185.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:13 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 483 B	381ms 381ms	Image image/gif	2.17.147.185 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=877f8628c5c481832a1ecc46c52a3bbbeb587394&svisitor=null&visitor=c6f6b9b5-37fd-4a33-871a-9aa33674febb&session=60381cc4-1253-4457-8004-3da9db98ddda&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A12%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20FBI%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&pageViewId=35b0fba0-c9b4-4218-8e87-38e5a92b2d49&v=1.1.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.185 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-185.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://duo.com/decipher/fbi-guidance-evolves-on-ransomware-payments User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 02:08:14 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET		img.gif b.6sc.co/v1/beacon/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

b.6sc.co

URL

https://b.6sc.co/v1/beacon/img.gif?token=877f8628c5c481832a1ecc46c52a3bbbeb587394&svisitor=null&visitor=c6f6b9b5-37fd-4a33-871a-9aa33674febb&session=60381cc4-1253-4457-8004-3da9db98ddda&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2016%20Dec%202023%2002%3A08%3A13%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225005%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20FBI%20has%20always%20advised%20victims%20not%20to%20pay%20ransomware%20groups%2C%20but%20its%20thinking%20has%20evolved%20as%20attacks%20have%20proliferated%20and%20worsened.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22FBI%20Guidance%20Evolves%20on%20Ransomware%20Payments%20%7C%20Decipher%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fduo.com%2Fdecipher%2Ffbi-guidance-evolves-on-ransomware-payments&pageViewId=35b0fba0-c9b4-4218-8e87-38e5a92b2d49&v=1.1.10