spycloud.com Open in urlscan Pro
2606:4700::6812:1a6c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.spycloud.com/NzEzLVdJUC03MzcAAAGNah8C5_iu7MgtJJQs7Ww1xyQqZmJb1HS_nzfJkzb9L-BK9prXw_O2WJfx_wSR1onq5v17TIc=
Effective URL:
https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_camp...
Submission: On August 07 via api (August 7th 2023, 1:27:04 pm UTC) from DE — Scanned from DE

Summary HTTP 170 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 7 domains to perform 170 HTTP transactions. The main IP is 2606:4700::6812:1a6c, located in United States and belongs to CLOUDFLARENET, US. The main domain is spycloud.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 6th 2023. Valid for: a year.

This is the only time spycloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
71	2606:4700::68... 2606:4700::6812:1a6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
10	2a04:4e42:400... 2a04:4e42:400::644	54113 (FASTLY) (FASTLY)
69	13.227.219.60 13.227.219.60	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:5400:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
2	67.202.25.152 67.202.25.152	14618 (AMAZON-AES) (AMAZON-AES)
1	34.232.107.162 34.232.107.162	14618 (AMAZON-AES) (AMAZON-AES)
8	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
170	12

1 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

email.spycloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2606:4700::6812:1a6c (United States)

ASN13335 (CLOUDFLARENET, US)

spycloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 13.227.219.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-60.ams54.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5400:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.25.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-67-202-25-152.compute-1.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.107.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-107-162.compute-1.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	spycloud.com email.spycloud.com spycloud.com	2 MB
69	driftt.com js.driftt.com — Cisco Umbrella Rank: 6055	849 KB
14	wistia.com fast.wistia.com — Cisco Umbrella Rank: 5091 embed-ssl.wistia.com — Cisco Umbrella Rank: 9380 pipedream.wistia.com — Cisco Umbrella Rank: 7506 distillery.wistia.com — Cisco Umbrella Rank: 7725	370 KB
8	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6908 metrics.api.drift.com — Cisco Umbrella Rank: 6735 event.api.drift.com — Cisco Umbrella Rank: 7509 targeting.api.drift.com — Cisco Umbrella Rank: 7002	11 KB
5	gstatic.com fonts.gstatic.com	108 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1271	49 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	2 KB
170	7

	Domain	Requested by
71	spycloud.com	email.spycloud.com spycloud.com
69	js.driftt.com	spycloud.com js.driftt.com
10	fast.wistia.com	spycloud.com fast.wistia.com
5	fonts.gstatic.com	fonts.googleapis.com
2	targeting.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	bootstrap.api.drift.com	js.driftt.com
2	pipedream.wistia.com	fast.wistia.com
1	distillery.wistia.com	fast.wistia.com
1	embed-ssl.wistia.com	spycloud.com
1	www.googleoptimize.com	spycloud.com
1	fonts.googleapis.com	spycloud.com
1	email.spycloud.com
170	14

This site contains links to these domains. Also see Links.

Domain
www.helpnetsecurity.com
www.techradar.com
www.cpomagazine.com
www.linkedin.com
www.youtube.com
partners.spycloud.com
www.g2.com
www.cookieyes.com

Subject Issuer	Validity	Valid
email.spycloud.com Cloudflare Inc ECC CA-3	`2023-06-27` - `2024-06-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.wistia.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
Frame ID: A63B61DE07993DBBDB2398855963E654
Requests: 95 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
Frame ID: 77BFD5AC7B7D87EA788B9AFD52AD20C6
Requests: 38 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
Frame ID: D8FF3B6740650E9FFD069B0EEB694513
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Post-Infection Remediation

Page URL History Show full URLs

https://email.spycloud.com/NzEzLVdJUC03MzcAAAGNah8C5_iu7MgtJJQs7Ww1xyQqZmJb1HS_nzfJkzb9L-BK9prXw_O2WJfx... Page URL
https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_conte... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

170
Requests

100 %
HTTPS

55 %
IPv6

7
Domains

14
Subdomains

12
IPs

3
Countries

3197 kB
Transfer

8774 kB
Size

7
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.helpnetsecurity.com/2023/01/16/circleci-breach/
Title: 1

Search URL Search Domain Scan URL

URL: https://www.techradar.com/news/ea-hack-reportedly-used-stolen-cookies-and-slack-to-hack-gaming-giant
Title: 2

Search URL Search Domain Scan URL

URL: https://www.cpomagazine.com/cyber-security/russian-hackers-steal-50-million-passwords-from-111-countries-using-infostealer-malware/
Title: 3

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/spycloud/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@SpyCloudInc

Search URL Search Domain Scan URL

URL: https://partners.spycloud.com/
Title: Partner portal

Search URL Search Domain Scan URL

URL: https://www.g2.com/products/spycloud/reviews
Title: Read our reviews on G2

Search URL Search Domain Scan URL

URL: https://www.cookieyes.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.spycloud.com/NzEzLVdJUC03MzcAAAGNah8C5_iu7MgtJJQs7Ww1xyQqZmJb1HS_nzfJkzb9L-BK9prXw_O2WJfx_wSR1onq5v17TIc= Page URL
https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

170 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 NzEzLVdJUC03MzcAAAGNah8C5_iu7MgtJJQs7Ww1xyQqZmJb1HS_nzfJkzb9L-BK9prXw_O2WJfx_wSR1onq5v17TIc=
email.spycloud.com/ 649 B
1 KB 735ms
362ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://email.spycloud.com/NzEzLVdJUC03MzcAAAGNah8C5_iu7MgtJJQs7Ww1xyQqZmJb1HS_nzfJkzb9L-BK9prXw_O2WJfx_wSR1onq5v17TIc=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-4HhXwEzPsLGRqp5bfj9iW9xCukFxuUd7Yrbds06H5iU=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f2fdab23a433626-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-4HhXwEzPsLGRqp5bfj9iW9xCukFxuUd7Yrbds06H5iU=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Mon, 07 Aug 2023 13:26:57 GMT
referrer-policy: strict-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 918bf44097e9fe7e

GET
H2 200 Primary Request / Show response
spycloud.com/lp/post-infection-remediation/ 168 KB
37 KB 308ms
242ms Document
text/html 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY

Requested by

Host: email.spycloud.com
URL: https://email.spycloud.com/NzEzLVdJUC03MzcAAAGNah8C5_iu7MgtJJQs7Ww1xyQqZmJb1HS_nzfJkzb9L-BK9prXw_O2WJfx_wSR1onq5v17TIc=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

b6e8b528941e54165691cc824118bf2ce610de969e84f4fefa8482f6a409a92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://email.spycloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=0, s-maxage=86400
cf-cache-status: DYNAMIC
cf-ray: 7f2fdab4f8211c15-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 07 Aug 2023 13:26:58 GMT
last-modified: Wed, 02 Aug 2023 22:03:33 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-id: AhHQuH-9-2fB1PZYW60LlZsQBFqoRhc0IDvDBGOVO31uGmiF0r--Tw==
x-amz-cf-pop: FRA56-P5
x-amz-version-id: tapES7FmJ7lSglNIlTL9Q86R6uoHpxa.
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-powered-by: Strattic

GET
H2 200 style.min.css
spycloud.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 35ms
34ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2

Requested by

Host: spycloud.com
URL: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: opHULrPBkDXKB5vn3O3c3JPacmj8N0sz
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216955
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:33 GMT
server: cloudflare
etag: W/"47cdb0e81ea341ad27a1a0b0ba6b02d8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab67aa41c15-FRA
x-amz-cf-id: vQWBcAWA55I3PK67l6TlrpJPX49uSTlFEIrfhQ1ayqRK9ExYdvxz6w==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 style-index.css
spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/blocks/src/assets/css/ 2 KB
784 B 38ms
37ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/blocks/src/assets/css/style-index.css?ver=1.3.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

31cdea230631f4102652fbf11892ce200606c1b8ca50ed3de0e2da8323fa5c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-version-id: 5zs1Xcm6bi65segjqlCXA1FOOoHbzK1Q
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
age: 216955
cf-polished: origSize=2026
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Thu, 03 Aug 2023 00:53:35 GMT
server: cloudflare
etag: W/"11e850a97d8386ea3b9b03e72572243c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab67aa51c15-FRA
x-amz-cf-id: 3obxGVVAuwxE2Uz5MoRV6Euwl8mVeMk7ZheFmGQomxVUIADpE0eVqw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 classic-themes.min.css
spycloud.com/wp-includes/css/ 291 B
451 B 39ms
38ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: cNejeyfE_ULxvw5ZJ0RmbEBZubZ7qDjw
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
age: 216955
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:37 GMT
server: cloudflare
etag: W/"1a0804b1a9d09705657f91fe7cad4c5a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab67aa71c15-FRA
x-amz-cf-id: q_br-CTlTS-Yw6b7QeAFx84wAS_9biWcoGC7xSYFq-imDDDgo2OPMA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 wp-emoji-release.min.js Show response
spycloud.com/wp-includes/js/ 18 KB
5 KB 40ms
39ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: 9YgcQHBUSLGrc1lAW3cEp7OPWm7h0Eug
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 209853
x-cache: Miss from cloudfront
last-modified: Tue, 11 Jul 2023 02:41:26 GMT
server: cloudflare
etag: W/"4cc444663c1e69cb8ac7b909e7192bca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab6bafd1c15-FRA
x-amz-cf-id: zZusre0xZNzLKpDYfVqFK3ygqFVSYzma3TQNwb6Ljd_aJ9q26nI6PQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 styles.css
spycloud.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 36ms
34ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-version-id: Tzpmk0xVEkFE.6eJKo5tQKQ.hz5NJJCr
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
age: 216955
cf-polished: origSize=2859
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Thu, 03 Aug 2023 00:53:32 GMT
server: cloudflare
etag: W/"0e4a098f3f6e3faede64db8b9da80ba2"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab6fb591c15-FRA
x-amz-cf-id: yBNgR0YkpMt3b24xYz0RBHcxw6ocZKTf8LUfYnNhLI9xvf-8g1PYtA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 frontend.css
spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/assets/css/ 29 KB
5 KB 37ms
35ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/assets/css/frontend.css?ver=1.3.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

8d756ef243bb751fe32fea60925ffe888cdb07c17c8597f4de8dddd4dd63467d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 d32587599a4a4956aa151bdd0a7e225e.cloudfront.net (CloudFront)
x-amz-version-id: ojs2Z474HXDXDOoV5hQr.ZOeCkQmnOil
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MXP63-P1
age: 216954
cf-polished: origSize=32170
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Thu, 03 Aug 2023 00:53:37 GMT
server: cloudflare
etag: W/"744f25ab6a96e26ee89ca77bfa06a7d1"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab6fb5a1c15-FRA
x-amz-cf-id: Bi6-EN09UlAS0Gn0q_BTrLEKeHDKN_F5k3BinOZogMLsC8FoagsdOw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 cookie-law-info-public.css
spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 3 KB
1 KB 37ms
36ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-public.css?ver=2.3.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

3e74df990fc2870bec563c9c8f7e343dcda30fd8e4689aeeab5e82b060d714d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 f6d81b3012ddbb7788e324c7c08594a6.cloudfront.net (CloudFront)
x-amz-version-id: Ctz5iuNS2Gx1kkNPyOMmouSmpykPOb8E
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: CDG53-C1
age: 4189
cf-polished: origSize=3967
x-powered-by: Strattic
content-encoding: gzip
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Thu, 03 Aug 2023 00:53:36 GMT
server: cloudflare
etag: W/"93eaf136daecb1bc47a2bd32ca924cee"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab6fb5c1c15-FRA
x-amz-cf-id: TEaRoHTsjINx59YCv9BXDWCsLtmTlS6QMN-dR6Yr9stA2N8x2Sh2bg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 cookie-law-info-gdpr.css
spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/ 17 KB
4 KB 38ms
37ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/css/cookie-law-info-gdpr.css?ver=2.3.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

412259ded0ef44f6bebe50cac049b4cb413663ffc8f218a2a81a91d926a2ed54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-version-id: mrJeZcBEUBMb5sQCqSLrmWlQ0AMjSVrH
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
age: 209855
cf-polished: origSize=22048
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Thu, 03 Aug 2023 00:53:36 GMT
server: cloudflare
etag: W/"79c28f86f91e5a9b0fc17281b973f63d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab6fb5d1c15-FRA
x-amz-cf-id: fzVx5XxsVbtWTtH-liFNVbApiO5O47LN9hgw5sKmRnonLXGR-X_8FQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 search-filter.min.css
spycloud.com/wp-content/plugins/search-filter-pro/public/assets/css/ 37 KB
7 KB 41ms
31ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/search-filter-pro/public/assets/css/search-filter.min.css?ver=2.5.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

bbdee6a5cee7911ffed204b01e8798ff1ab500d754e0db2ae6be306c3567a37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: Y9EZaUGMJNujrTGj2JsS7lpjIPHV_5U_
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 209855
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:30 GMT
server: cloudflare
etag: W/"24cdd4f8c69ea55cdcd2abffe80e9e02"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab70b7f1c15-FRA
x-amz-cf-id: llaIALzxUal5Gx0sWDaR7Pi-fpTdXsbxpVG2rGHa2onkyi_OUMlLHw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 style.min.css
spycloud.com/wp-content/themes/hello-elementor/ 6 KB
2 KB 54ms
32ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/themes/hello-elementor/style.min.css?ver=2.8.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

011426f6c5b5be4d1d609555cb477dc3f139a464526650c11e09dece069936ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: WKuB0DIbsJiSYbOu78NawUyIVVctJTe5
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 579fe4b7dcab7e674f31d8cf81d00006.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:31 GMT
server: cloudflare
etag: W/"37817a568fc14b49609305b05f3b2ab0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72b9f1c15-FRA
x-amz-cf-id: E4MUmJUvGRrNZBUyJ2MQSYryvkF53LC6c7E6cNdXLriOy7TAbWQBGQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 theme.min.css
spycloud.com/wp-content/themes/hello-elementor/ 13 KB
3 KB 55ms
34ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.8.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

52ce1224042a44eda3a9093c9bc60357e17ea9cb8d40f65841333adbeee2a2ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: nVdMICC5RGoj4zZbf1FwfO4lETj_5k26
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:36 GMT
server: cloudflare
etag: W/"aed4e8f143c594526270794e2445652c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72ba01c15-FRA
x-amz-cf-id: tzcQ0S86qWms8JhjCbTo9esjEpIhScArQHxzy2tQRL42aXFe2W8PLQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 elementor-icons.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 62ms
40ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.20.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: ElNevZBo83PfNLGnD0Zxq2SoiufWv9Re
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:35 GMT
server: cloudflare
etag: W/"ea327e2f7ad5d617a50a3a23b1f48146"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72ba21c15-FRA
x-amz-cf-id: OcZK8fBHG4NUAz0Tt5lZ_nob_vEM5J4VcXBwlapy2IdoQmVh5l8l7w==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 frontend-legacy.min.css
spycloud.com/wp-content/plugins/elementor/assets/css/ 10 KB
998 B 60ms
39ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

fca5eb2f7f0e369ce02c777e7c947f792a56d9cd843b274e5a535da2dc7211c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: roStwpa6s2ynxuWifN5lOdDKOywU26t1
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:36 GMT
server: cloudflare
etag: W/"3edead1fae0cfa6b7158076745c0b8c1"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72ba31c15-FRA
x-amz-cf-id: 7hgTLGjBiJagBCujPSCuDJwGVXYDtBJPf7w9SEFOKa0q4rcdzsFRwA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 frontend.min.css
spycloud.com/wp-content/plugins/elementor/assets/css/ 153 KB
19 KB 57ms
36ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

2a39504ff0e8230cff9511b4027a386c4b2a54601d27524c751e7dc6f0a6e6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: 6Y5xYD1JioEKiIe1GiGBILla_b_oi9SN
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:32 GMT
server: cloudflare
etag: W/"72dbc483f54fddd6513a25f4706e90db"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72ba51c15-FRA
x-amz-cf-id: NIvCW8Hm4rcBTa3Pc5BfBDXcXYvlX6q-eTsrKE7IHaIycM1I634FRA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 swiper.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 56ms
35ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: vBLrGxAOYuwHSkWZ5jVk5Fo_jpq2zJUS
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:30 GMT
server: cloudflare
etag: W/"bcad7781b3e74db2565b8424c45232cd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72ba81c15-FRA
x-amz-cf-id: 3sUH4hnqdMEa1kzHZrqhCrfh7FB2Y6ONQD72D9VkfsI_H9rqf8RHUg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 post-33233.css
spycloud.com/wp-content/uploads/elementor/css/ 7 KB
2 KB 81ms
60ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/uploads/elementor/css/post-33233.css?ver=1690740643

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

6ecf45b26fefc92384d96bfe9b613dcfd86192f67928561ecf8b9249b7649789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-version-id: kxRHuPUsQJWDvlLqUOQSnQdP0Rm0vvEy
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
age: 209855
cf-polished: origSize=7897
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 20:57:22 GMT
server: cloudflare
etag: W/"71aa47c0bc7cc13a129fd2dd42575694"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72ba91c15-FRA
x-amz-cf-id: haHJhNAD8n0TLneP4SHQd_FtgDvPDW1YfKCg-MUpXr5iqvP6lRBr6A==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 style.min.css
spycloud.com/wp-content/plugins/stratum-pro/assets/css/ 139 KB
12 KB 81ms
60ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/stratum-pro/assets/css/style.min.css?ver=1.3.13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

ac9267f6dcdbdd099bc4a6bc9ce5a17985485f6636fb8553445ebc6addadbbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: uB71ETz4zmiBM.X1tI3bb4LV95DUxFBH
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:29 GMT
server: cloudflare
etag: W/"c40916248a44711b1d0b7b47203330ec"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72baa1c15-FRA
x-amz-cf-id: 88CYpTOrApTDrelKmF5h7EGbU2QudV8i_0aqQmvvkdKoH8MTu9d7Uw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 frontend.min.css
spycloud.com/wp-content/plugins/elementor-pro/assets/css/ 437 KB
41 KB 61ms
41ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

3963b8591050c4af2f0edf8a96662113f01900444868e6936c5d192bc44dfe6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: VXMFAB62KtMkpAmTMzjF0mE48NbUJWqz
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 6f91ea5a7eabbfeeecefb830943f669c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:30 GMT
server: cloudflare
etag: W/"10d1e52a10723848dcecc0248614a3ad"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bab1c15-FRA
x-amz-cf-id: lO3hBZDBOClCpFn9mcmMTPahGDRpSaSfks96J-ISk-ZAQFgdbkwlvg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 uael-frontend.min.css
spycloud.com/wp-content/plugins/ultimate-elementor/assets/min-css/ 616 KB
68 KB 83ms
64ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.36.17

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d36e12824aab23795d2f804f169ec2189defee2b1b8478088177408cc50a8c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: lYVsXuL0jWWPXJy0qdH4oPvF6awL77yp
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:32 GMT
server: cloudflare
etag: W/"71b1ff0fc38ae9f24b9d7f68db1f0a9a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bb61c15-FRA
x-amz-cf-id: l9XjSq8tHUio-7GH_DrQ4Cwc-vFLUcXNrIjRD-i7tff4rtwljri9Tw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 global.css
spycloud.com/wp-content/uploads/elementor/css/ 131 KB
9 KB 81ms
62ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/uploads/elementor/css/global.css?ver=1690740644

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

48898fa425802689074b53ed242083239ff7b885c76f636cfdac91be1e030a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-version-id: zu2yTyF4mQooJ5ngmA.ukKW3Jwlp3gmA
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
age: 209855
cf-polished: status=cannot_optimize
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 20:57:30 GMT
server: cloudflare
etag: W/"5476dc6210842730a5f714770c308e7e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bb81c15-FRA
x-amz-cf-id: _ROYTsb8tg8f1w1WybzbasE8jG4qZjavjQ2fUa_a4v3VvLrPyqtqQQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 post-38189.css
spycloud.com/wp-content/uploads/elementor/css/ 69 KB
5 KB 481ms
462ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

a4f6077532e970d8d0f3a4183a05542099cba4d3e810c9a4a28a3c2ba5461818

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: BOR5HuqB4IHq.LjR4dfDNMB0XSt9eozQ
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
x-cache: Miss from cloudfront
last-modified: Fri, 04 Aug 2023 20:57:18 GMT
server: cloudflare
etag: W/"83071a9d28da8e1fa5691fc2f814fe0b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bb91c15-FRA
x-amz-cf-id: csg35b5bnefAK_F7zo4cX7gdEoC7whN48fQHi2nb9RSzbYZElqixnQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 post-45402.css
spycloud.com/wp-content/uploads/elementor/css/ 3 KB
804 B 83ms
64ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/uploads/elementor/css/post-45402.css?ver=1690828575

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

dc898f84a445ea26e9384ee002387ddc9d36f48c1a4d4904221f0d30508fd439

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-version-id: 12kAANKg0PnIwl9LqhNXGXrWJut7.QX5
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
cf-polished: origSize=3473
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 20:57:13 GMT
server: cloudflare
etag: W/"af7e130d57eca433072b2f74209433aa"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bbb1c15-FRA
x-amz-cf-id: GgcqrLnDxxt1LjhzXXcxToAgOJINTr0EX7FQmmBBD7RKDW6yLNvN7Q==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 post-58360.css
spycloud.com/wp-content/uploads/elementor/css/ 45 KB
3 KB 82ms
63ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/uploads/elementor/css/post-58360.css?ver=1690740651

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

8eefd1e402dfa38783137170c197dc4df52d9a66f975f3f7051f5faf53d7759a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-amz-version-id: lNnY6M3K4xvrts7A_zENeba1FbS3hlR1
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
age: 209855
cf-polished: origSize=47321
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 20:57:29 GMT
server: cloudflare
etag: W/"e19bf5550263eeb776ef8acefd457811"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bbc1c15-FRA
x-amz-cf-id: K3xKvEn5VMNRHRCqoWEcwSmnKjrtAlMauqZ8NI0PFrtt477ylnm5XA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 style_login_widget.min.css
spycloud.com/wp-content/plugins/miniorange-login-with-eve-online-google-facebook/css/ 2 KB
1 KB 78ms
59ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/miniorange-login-with-eve-online-google-facebook/css/style_login_widget.min.css?ver=6.24.8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

241b75cd9c48834a0d84cbc9d02b0cbb03e3c009825531322798858bf63b8dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: ifFOVvmi7c65keOTm37RvN.qOIn4vIbo
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:33 GMT
server: cloudflare
etag: W/"75c7d3d8595daddcb11f561291834125"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bbd1c15-FRA
x-amz-cf-id: nDQd-52eztX6c_3iWZqYQ4GTWywr7BadBo_W4gbqiseyo73HWEQQzg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 style.css
spycloud.com/wp-content/plugins/newsletter/ 4 KB
1 KB 78ms
59ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/newsletter/style.css?ver=7.8.7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

fedfc9cb55ef860d81685746a7bac6474be8bd713f094ebf5d2b2fcead43f052

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 d0e1f57f270c2e4a3b8f618170971cd8.cloudfront.net (CloudFront)
x-amz-version-id: 6hHTI1yhdu63hgIC5Bj4uXkDSdjKxXzL
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: MXP63-P1
age: 216954
cf-polished: origSize=5753
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Thu, 03 Aug 2023 00:53:29 GMT
server: cloudflare
etag: W/"054847d517a789dd97a902a84b4452cd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bbe1c15-FRA
x-amz-cf-id: Gs2n-nezkeddEU3Ikz7bJ3lvWFkn_6xIPO9GT3WLLt72Z9CUfC1hsA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 style.css
spycloud.com/wp-content/themes/hello-theme-child-master/ 2 KB
814 B 77ms
58ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

a66328604ee0687b769ca1b98991df4556e0c2d659d5c07a94bbbe40727ab159

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-version-id: 1Dz5VEo03lFNGpo5e6vdu8FdBY0rAIQp
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
age: 216954
cf-polished: origSize=2612
x-powered-by: Strattic
content-encoding: gzip
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Thu, 03 Aug 2023 00:53:30 GMT
server: cloudflare
etag: W/"034a9dfa254037bc2eaee8b64e28d612"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bc01c15-FRA
x-amz-cf-id: AZh51hh9GtAiom_rlB2ltrRWp_9LVHCRPi2TRQCsCU-enatgYkbPGg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 54 KB
2 KB 97ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.2.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b00a84b1a1cc74d4b2674174415d9bf87fa0906bfd50728fb36e610256a14d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 13:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 13:14:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 13:26:58 GMT

GET
H2 200 jquery.min.js Show response
spycloud.com/wp-includes/js/jquery/ 88 KB
31 KB 79ms
61ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: GWhMjMUDMtFOwRer18yMqgp7iCKNTR_U
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 579fe4b7dcab7e674f31d8cf81d00006.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:37 GMT
server: cloudflare
etag: W/"0e850a69bc7fd0acc2e92ce6eee87959"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bc11c15-FRA
x-amz-cf-id: FHoVPzUXInY9fhGh3414B9vtEUN7YT911O4oeDkkxAXM_bQ7TmWpQA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 jquery-migrate.min.js Show response
spycloud.com/wp-includes/js/jquery/ 13 KB
5 KB 81ms
63ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: v1be2th_.f0SDYNo5bFcmbxbaanYqgsY
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:35 GMT
server: cloudflare
etag: W/"5cfa2b481de6e87c2190a0e3538515d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bc21c15-FRA
x-amz-cf-id: lSkGq8m2iXDxrtodRHSh06PCJ-bNF57FIlflU5vVe2FBzuKo6a-0Vw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 frontend.js Show response
spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/ 18 KB
3 KB 79ms
62ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/frontend.js?ver=1.3.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

9633c7e547c62f344152eec25e9b59e54c422cb60060eeeeda03055f4e539b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: FeSarZXiqdxzOk8yHKzbjg6RhXeuhFu_
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:31 GMT
server: cloudflare
etag: W/"c3df0c173416d5eab58b7467a0f46e6b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bc31c15-FRA
x-amz-cf-id: 1DLbw0iibegBdNoTheD70LT4vNtsUdHalTzjwtlaGeirQT9Ui0WB9g==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 js.cookie.min.js Show response
spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/ 2 KB
1 KB 81ms
64ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/js.cookie.min.js?ver=1.3.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: bK9XJ5mpaOzbgth.BZSQCPXZawAKfEiQ
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216954
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:28 GMT
server: cloudflare
etag: W/"6cd48c176636ab8c478eb0d9434d6f7e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bc51c15-FRA
x-amz-cf-id: Bks0-IpUAbSW0FTjeFuN_TYzF1ffjMzjizRWfBJfIkszzvDlCGBllw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 cookie-law-info-public.js Show response
spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/ 50 KB
12 KB 78ms
61ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/js/cookie-law-info-public.js?ver=2.3.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

856e2a7283dcaec4d5c33123fd70df27a70514821125000c9a2322ed08975a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: TMlUojzXYQOgIVGgwkdjqtgGz9GZ7sRp
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 209855
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:37 GMT
server: cloudflare
etag: W/"107ac7d86e4795a92afa29534d7aa23a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bc61c15-FRA
x-amz-cf-id: AwAWyO8TvNkHUaH9uec2f3Z9k9jT6a4hYLHqrtWTtvpPmVrE6ZGKAA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 search-filter-build.min.js Show response
spycloud.com/wp-content/plugins/search-filter-pro/public/assets/js/ 65 KB
19 KB 81ms
65ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/search-filter-pro/public/assets/js/search-filter-build.min.js?ver=2.5.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

8611d56d67b7b90bd10267ecc7a63f8d9c9380803dbba9bd35fc60b00312e738

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: 9NSXj7033cEpuS2XIEa6yN0xWQ0Qhq61
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 209855
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:36 GMT
server: cloudflare
etag: W/"9755fa3e2ce739dc30d5660d77c854d9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bc81c15-FRA
x-amz-cf-id: QraPvBvjaY5dE5LMmS1ysvDxKf2fiPzJUGSGEoTo-VgZ6JrTiKyXvw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 chosen.jquery.min.js Show response
spycloud.com/wp-content/plugins/search-filter-pro/public/assets/js/ 28 KB
7 KB 79ms
63ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js?ver=2.5.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: 9ooyDhOZkrkqDKYluWxYvyipNFU4j4Z9
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 209855
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:34 GMT
server: cloudflare
etag: W/"3e9f1dcb9cc75169765265133fb815a7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab72bca1c15-FRA
x-amz-cf-id: tyo8w6_7sYPalL1eRBt1JgidMHBHSIXXyquUz-Hr2kAhx7ocX6LXNw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 126 KB
49 KB 132ms
38ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5W7FPFH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7b2555fa55d5a9c3bc410740b2075a2782cbfad97d3034645d09a61f8698031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 07 Aug 2023 13:26:58 GMT

GET
H2 200 SpyCloud-Logo-White.svg
spycloud.com/wp-content/uploads/2023/01/ 2 KB
2 KB 37ms
36ms Image
image/svg+xml 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2023/01/SpyCloud-Logo-White.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

6ff4191ac1e5fd2aa051649f757283f1307d652f9ac46b4154c2fa35e89519c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: K0Jamqqs7fbbYfp4psw8BsPfbzYTCDEm
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 579fe4b7dcab7e674f31d8cf81d00006.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216952
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=hPR5QHfbhyMmFdLdaoztRWsNblA6ZRzQ4wAxxvh2iKI-1691414818-0-Afh7nHeTuasw33Rw1H715aCuYQOWpXo3Ecie-aZhuzBvZIIzvZmXXGeRATZ9g8M2eEury4KV2mSXd35BZrkSWpi0SdCtPD9WfDGOfJY4hbvtb8ZzjQwC3ePtRgS9M9NZTdVuOPxa5K-CpkTQZ4JtaZJrPCdEnnCUkpyNfrDAdp3BdVT6nfp82AndOWPM1AnDCg; report-to cf-csp-endpoint
x-cache: Miss from cloudfront
last-modified: Fri, 04 Aug 2023 20:58:03 GMT
server: cloudflare
etag: W/"c021c94e8398001fae3d967d31381c3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=hPR5QHfbhyMmFdLdaoztRWsNblA6ZRzQ4wAxxvh2iKI-1691414818-0-Afh7nHeTuasw33Rw1H715aCuYQOWpXo3Ecie-aZhuzBvZIIzvZmXXGeRATZ9g8M2eEury4KV2mSXd35BZrkSWpi0SdCtPD9WfDGOfJY4hbvtb8ZzjQwC3ePtRgS9M9NZTdVuOPxa5K-CpkTQZ4JtaZJrPCdEnnCUkpyNfrDAdp3BdVT6nfp82AndOWPM1AnDCg"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7f2fdab80cfb1c15-FRA
x-amz-cf-id: VhGHodOfITE6H6wzgzeJjXR43SK9VrkEgnAWHjI00FIpMr8pEsEEVg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 cbmnvu3xa2.jsonp Show response
fast.wistia.com/embed/medias/ 9 KB
3 KB 133ms
64ms Script
application/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/cbmnvu3xa2.jsonp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b3fbfd8630a2b972a16c881993abb737d2ed543c17cfec17fa2dc7d73c5650b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 d835a04e842d9117fd810e7c8479dad4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 15169
x-cache: Miss from cloudfront, MISS, HIT
x-envoy-upstream-service-time: 92
content-length: 2903
x-request-id: 4ace7957-cbc5-4bec-9613-4a4620ccb1a9
x-served-by: cache-iad-kcgs7200171-IAD, cache-fra-eddf8230113-FRA
x-runtime: 0.089956
x-browser-version: 115
server: envoy
x-timer: S1691414819.983621,VS0,VE2
etag: W/"b3fbfd8630a2b972a16c881993abb737"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: LFSQ-5aPz9ZQODJe5zadu2AHSPdUfbb_I3rlm8INoggfZjOc0GWfiw==
x-cache-hits: 0, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 714 KB
122 KB 91ms
22ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6396ea91b7df3a21b699adb88f2fb4d00c934f8e0deab656ec53dff47167e0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 320
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 124750
x-served-by: cache-iad-kcgs7200158-IAD, cache-fra-eddf8230113-FRA
x-browser-version: 115
last-modified: Mon, 07 Aug 2023 13:20:51 GMT
server: AmazonS3
x-timer: S1691414819.983611,VS0,VE0
etag: "41ef5ef70d3d52ebacb4fb214cea382d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd3c5c9e4633ca655385d76a7868cce24fe67db
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 35, 25

GET
H2 200 swatch
fast.wistia.com/embed/medias/cbmnvu3xa2/ 4 KB
5 KB 133ms
65ms Image
image/jpeg 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/cbmnvu3xa2/swatch

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b75ac7176837fc50f83172ee62c378899303cc5405be52ddd27be0711a7316c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
access-control-request-method: *
via: 1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront), 1.1 6be13380bf1ffb443d50fc21eba30b30.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, IAD55-P2
age: 429278
edge-cache-tag: 88b6dfddbb6f1ec877ebb4f70d6f37f0
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 231
content-disposition: inline
content-length: 4101
x-served-by: cache-iad-kcgs7200137-IAD, cache-fra-eddf8230113-FRA
x-browser-version: 115
last-modified: Tue, 13 Dec 2022 16:12:01 UTC
server: envoy
x-timer: S1691414819.983652,VS0,VE2
etag: 4tC9MMmpyqbwFfHk9PqCoYgeZ4M=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Q7JhN_lWrfEhAKOyriCY3s82k5ATGtmiLmqKUvLoChiHRGQ_5Zwa5w==
x-cache-hits: 9, 1

GET
H2 200 post-infection-remediation_spycloud-1024x993.png
spycloud.com/wp-content/uploads/2023/01/ 173 KB
173 KB 666ms
661ms Image
image/png 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2023/01/post-infection-remediation_spycloud-1024x993.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c3fc9609e7d56077b1ffc19b30a1a6cefd11986f01d1833a466d8dfcd1aa997c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
x-amz-version-id: oajVeV5V5XTZbDj4Udn02908mgXhgjxR
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 176877
last-modified: Fri, 21 Jul 2023 22:22:53 GMT
server: cloudflare
etag: "82d6343cea14b3fb5c4fed15a079140d"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba38ef1c15-FRA
x-amz-cf-id: j3_Qs9itfMwXBc1LkBkbWpTGPw95aZHACfzfq2BMZebKoxVroJXh5g==
expires: Tue, 06 Aug 2024 13:26:59 GMT

GET
H2 200 resource-PIR-guide-800x500-1.png
spycloud.com/wp-content/uploads/2023/01/ 165 KB
166 KB 53ms
48ms Image
image/webp 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2023/01/resource-PIR-guide-800x500-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

e58892952da3f905e3630f50a64a2bfe6c03b9b2a3df6c4b5539bfe08ea56d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 47140f009c2bd3561cd6dde4003253e2.cloudfront.net (CloudFront)
x-amz-version-id: b2Kbg.VYPd_okgUgM7UBHsUU_DqUDFO3
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: CDG53-C1
age: 2726
cf-polished: origFmt=png, origSize=268525
x-powered-by: Strattic
x-cache: Hit from cloudfront
content-disposition: inline; filename="resource-PIR-guide-800x500-1.webp"
content-length: 169150
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Aug 2023 20:58:06 GMT
server: cloudflare
etag: "2f7dffbde331839a8c842ad4bb1804b8"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba48fc1c15-FRA
x-amz-cf-id: FVVWmJDrJi6eHoMlFYX8b--8v44j_tSZZG-nfHOaesQLqKS6J0c1Rw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 resource-ransomware-defense-report.png
spycloud.com/wp-content/uploads/2021/10/ 68 KB
68 KB 874ms
870ms Image
image/png 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2021/10/resource-ransomware-defense-report.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

77552f6bb9019a0420afcffa171cc49150bd9d786c6f1b14fe64957c050798c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
x-amz-version-id: ME2abIWKcQ3Bz2LvU4OcrQxuX51fUrhg
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 69458
last-modified: Fri, 04 Aug 2023 20:58:15 GMT
server: cloudflare
etag: "1bb8fe0ec4cf3b11542bcb8acaac4f49"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba48fe1c15-FRA
x-amz-cf-id: c-sYo0i7GOLbRQRQA-OzaXvllyjJCCLp0eHGHIUrH1NNK2Gcvriwag==
expires: Tue, 06 Aug 2024 13:26:59 GMT

GET
H2 200 resource-malware-ebook-800x500-1.png
spycloud.com/wp-content/uploads/2023/01/ 358 KB
359 KB 380ms
375ms Image
image/png 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2023/01/resource-malware-ebook-800x500-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

0bcbe042444dba084bb3403708b5f225b3184f5cbacf6911461f5738c8f1843d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
x-amz-version-id: 1ZmDZ6yIUc_JD1Z92.A0vJzgawfoV4SZ
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 367076
last-modified: Fri, 04 Aug 2023 20:58:27 GMT
server: cloudflare
etag: "cd5b9077441c79cb3037ff62d17ff975"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba48ff1c15-FRA
x-amz-cf-id: fMKuwAlg7Z5kldYDIcLUynV77ukRrRq2TcbzR2YcgNNT7ssw0drOKA==
expires: Tue, 06 Aug 2024 13:26:59 GMT

GET
H2 200 logo-cookieyes.svg
spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/images/ 3 KB
1 KB 52ms
48ms Image
image/svg+xml 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/plugins/webtoffee-gdpr-cookie-consent/public/images/logo-cookieyes.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c7270c2cc29edc1935a8caf8a5891a808080963cd6815abd06cca6d67ec3610d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: 7F8rU_QT7XCwgCpXuhStVMBEY4zvwHh.
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 90b1dc17dc69490d49275971c6988188.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 209853
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:30 GMT
server: cloudflare
etag: W/"b4de73024e74a3b5cf49fbff87b3c1e0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba49011c15-FRA
x-amz-cf-id: otVHjw53FW1M7w4Zuaf8GYaj7jIxR8_QFou3dU07LaeZHij_9jlZbg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 animations.min.css
spycloud.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 38ms
38ms Stylesheet
text/css 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: PSiu0jeIstVT5LZ1l9oRBI31vanUu8Hn
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 6f91ea5a7eabbfeeecefb830943f669c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 4189
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:29 GMT
server: cloudflare
etag: W/"4601ba55044413706c2022cb6c1c3d05"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7f2fdab84d781c15-FRA
x-amz-cf-id: U-pCamBaiTB_m1XDgl-G-3lBgDUobDQ06d25bYHaq3iGyOIPvxVA0Q==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 editor-panel.min.js Show response
spycloud.com/wp-content/plugins/stratum-pro/assets/js/ 12 KB
5 KB 39ms
38ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/stratum-pro/assets/js/editor-panel.min.js?ver=1.3.13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

be0b56929195755bb3fe67aa4eb3a545ace43e008fd488e12914136e27f52463

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: DNRYFMX0mNB0.nGDWk8YEkhx2x6dh0SX
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216953
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:34 GMT
server: cloudflare
etag: W/"9302e110eeafadf50a55706765469e06"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab88e341c15-FRA
x-amz-cf-id: vtHDeQBwO-08m3mZx1hGy2fUezjWUoWtmEh1qCufsphhA9YTvqHgqg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 analytics.js Show response
spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/ 1 KB
747 B 32ms
31ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/hashbar-wp-notification-bar/assets/js/analytics.js?ver=1.3.9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c8683b8aa233904efcaceff3ac30e7e6e41a699736dcf541f72d8c8cd31eddf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: hyNpJx6W_lvW75YU9tO2z2GqRNowZIbF
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216952
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:35 GMT
server: cloudflare
etag: W/"55f481bbcc52bf261cf2b5669ccf033e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab8ce8e1c15-FRA
x-amz-cf-id: jn0LWz2yMopJ38OFH015-3wmANrmfoCJQfOdHip1we8EFLqxTWBbYw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 core.min.js Show response
spycloud.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 32ms
32ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: .vGtdBFxR39Fa50VkMyE3NxpwMZ_KDw2
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 99cbca0951645f2779e512baf9721780.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216951
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:32 GMT
server: cloudflare
etag: W/"c4e68a0f3463c0bd3c39eab38815e881"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdab92f261c15-FRA
x-amz-cf-id: LhuaF57_u3vfl1w_SresX1lAJ7BeEkXp4x8szLIMfKFv33UziGbJYg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 datepicker.min.js Show response
spycloud.com/wp-includes/js/jquery/ui/ 36 KB
11 KB 43ms
43ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: dmhVwgr9Rta1QkN5UH6lRlUgB1RCiWXg
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 99cbca0951645f2779e512baf9721780.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 209854
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:35 GMT
server: cloudflare
etag: W/"5c15bd4af856f6d6b583064ca537a0c1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba087e1c15-FRA
x-amz-cf-id: 3eBGIYBZamQE5sSCtIrpHNXEg1CEW6vi-afYdO06W82wAkZZHw2CZA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 new-tab.js Show response
spycloud.com/wp-content/plugins/page-links-to/dist/ 24 KB
9 KB 38ms
32ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: 8vZKVm1tKNhnmrBaPrZS1ZKeXNehlJ5v
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 06d6f648c97d8c16ca5220ea2f4edf86.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216952
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:31 GMT
server: cloudflare
etag: W/"a1ade95e21102c15d71ee475ac3818f6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38cf1c15-FRA
x-amz-cf-id: HMFAuBnJLZwKgsBCWgkkMl8IRxNa8qHk9g7RxnFs4e4dDvPckbaAMw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 webpack-pro.runtime.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 51ms
43ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c2ed4b80cc0bfd8b35c13b9becb418d96d58f9f44048b24d6e45dba4938cac69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: QGzpQyyjn.K6vC3vQ7wqFRHHyTXN9g4Z
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216952
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:35 GMT
server: cloudflare
etag: W/"402ff6c68de34874710c04c21a2a13b7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38d51c15-FRA
x-amz-cf-id: JW-QrSDZWA617_Os0BqwoL5844411VYPIYJvps69QDP6ibvKtQuuFg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 webpack.runtime.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 49ms
40ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: pgQsP9XYjPpahGiaAz9PMsJVFmtH6AsT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 5dc1bff22b40f5004224ef547b1a9a7c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216952
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:34 GMT
server: cloudflare
etag: W/"adc45a6cc95b4e68467868aa9a2779ae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38d61c15-FRA
x-amz-cf-id: jWDxXbEhKD-s7X-QbNjj_TnNQHN6Re1Jw1B7875xSx7CtarUczty8Q==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 frontend-modules.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/js/ 52 KB
16 KB 42ms
34ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: f_WcvZRpyRMCXH7L8ESIhA2XQl.n94VA
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216952
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:30 GMT
server: cloudflare
etag: W/"06311f8f725bbc18e55fc9851ad4fcdf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38d71c15-FRA
x-amz-cf-id: ihPYmxp3Ywdyqzd43srONVzyIgPV4c9EME464mpuT9MoOpikjJFlyQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
spycloud.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 44ms
37ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: OGpvnMjB5ZYGgCLIXJ7hhUSvDPucIUpk
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216952
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:35 GMT
server: cloudflare
etag: W/"dda652db133fddb9b80a05c6d1b5c540"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38d81c15-FRA
x-amz-cf-id: VHyXzuhwNr_c2Tf0kPRNnCQdQCdXbZax3IQPQQPV37w9PK0ZzShzzg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 regenerator-runtime.min.js Show response
spycloud.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 48ms
41ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: oOESABdM5SD29.hSrXLp1CHDhGEPheQm
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 6f91ea5a7eabbfeeecefb830943f669c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216952
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:35 GMT
server: cloudflare
etag: W/"9a4f28a615173df36cb84be2b345816e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38d91c15-FRA
x-amz-cf-id: tTaiS4QgXwyp_uF6cVDHmzc9IBt39SsQGPanCKeh4dhEtu5-fotbvA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 wp-polyfill.min.js Show response
spycloud.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 54ms
47ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: w_nRnvwd2qjoPYezvth2TnFm2p_ibIr5
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216952
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:28 GMT
server: cloudflare
etag: W/"e495a4709e3eae31c67f8263f25d2d39"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38da1c15-FRA
x-amz-cf-id: QqOPx7yJP_vyVOToT03IQmfBLa3SWpIS_RqNLBfUHRJs1wIoZ8NAgA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 hooks.min.js Show response
spycloud.com/wp-includes/js/dist/ 5 KB
2 KB 54ms
47ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: hYqxuwgm60gQcgYRKpQpvPYy2L_O93Rv
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216951
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:31 GMT
server: cloudflare
etag: W/"b33ab4d5dcf02436276a717e9d1b7c18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38db1c15-FRA
x-amz-cf-id: QrQTPSOlLMCtHDG35y_70hBcll_WrKNWORU0-4Fj-_5MlfCfJgQFTg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 i18n.min.js Show response
spycloud.com/wp-includes/js/dist/ 10 KB
4 KB 51ms
44ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: sKFh38fK.rPgLlkUZpivgPQ.lBDtvkB5
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 baa920f719f42b644a28367057e23f2a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216951
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:28 GMT
server: cloudflare
etag: W/"8cd696505481e74ffee89b4995f37379"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38dc1c15-FRA
x-amz-cf-id: a5rs2Azn9enu6Dm-Ef8BYSGvk_5uIeSDElO8XwLQrcyOltzAzUao9w==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 frontend.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 44ms
37ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

51187f64d3c89b9bba020ac511217aed3ea94cfc82aa3c5450b6132cfab4c039

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: 8AxCZljnYXlVj_IIlN5PNUdZVmE5RjWu
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216951
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:37 GMT
server: cloudflare
etag: W/"6ff2abe57b013a0a305b4d22e46db67f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38dd1c15-FRA
x-amz-cf-id: s0rGAU774GHdJVr-ND5oiX4vDa1pfQO3sePHNlO4MkAeZW1BkImYoA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 waypoints.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 50ms
43ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: JzspVMsyht6j0poszlUG5eEBfbgKw9iv
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216951
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:32 GMT
server: cloudflare
etag: W/"3819c3569da71daec283a75483735f7e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38de1c15-FRA
x-amz-cf-id: cWIVzdYz4zzDDfrRNTjueu_AiWJP3K454y_XSvjYkTzkCRt7TzPmRQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 swiper.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
35 KB 46ms
39ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: 8zaelUocmgxygS0KspEEuC19kGE4maXd
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216951
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:28 GMT
server: cloudflare
etag: W/"15bb2b8491fc7e84137d65f610e1685a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38e11c15-FRA
x-amz-cf-id: AlelF7f77CX0Hfg7b9fEWEo7vKLhhFRpOjx_2W9RCf2Ye_WOiCuVpw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 share-link.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 53ms
46ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: sHrauJSCSj_Rd6zBDu5YHjbb_AlsfRY3
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216951
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:33 GMT
server: cloudflare
etag: W/"020e87460ce58802842e34a3aac97d83"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38e21c15-FRA
x-amz-cf-id: OLPSGJ2NqH3-AtJxG4BMFd8gb4iD3nDq-BauY24S5UD03SQzc17Dzg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 dialog.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 51ms
44ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: WdwZ5DY1tuk7lmaTVUO97LPwD5LnJyib
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216951
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:32 GMT
server: cloudflare
etag: W/"21f3b77d2002ceb93aa7d53df93d8819"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38e31c15-FRA
x-amz-cf-id: ZN1WoSTHcXcQNb4dK4cTGkXkVR_PQXfrKl-AdOp_kJqD-twY08tpCw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 frontend.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/js/ 40 KB
12 KB 51ms
45ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: v90uRNE2f39e16bZ6jyFIsxV.wCYjPMk
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216951
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:30 GMT
server: cloudflare
etag: W/"d1a4ffdaebec74ca023f78d3bd4b042e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38e51c15-FRA
x-amz-cf-id: yFInS6nI7sF1ChWN-JHOXgI01PH86tXYf1iNZNiUOD90F4YBCBqdmw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 preloaded-elements-handlers.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/js/ 164 KB
39 KB 68ms
62ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

2fdaf549542c19d303a61dd53d8558a115ff3a1296d974b3392f9e47cb64fd5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: HUw9ZmiyaU9JVA7Pq15pTCkAnu27dD4W
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 240ebea27618238384903016b8e84168.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216950
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:34 GMT
server: cloudflare
etag: W/"2cb8cefb74487b61433058547dd18499"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38e61c15-FRA
x-amz-cf-id: doB4EGK0vqdzzOhoJxHYxWLQZHO8EYQ6Hwe3VBK6k-t155HgkNr9xw==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 preloaded-modules.min.js Show response
spycloud.com/wp-content/plugins/elementor/assets/js/ 41 KB
13 KB 48ms
42ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

af0b0dbfec18aecd0518daf2ae4b6d60b0b148de91978fd182e2831ce659b5a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: R.fJuXJo_wjrR27z8GELBoGh1gUglNOC
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 d0e1f57f270c2e4a3b8f618170971cd8.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216950
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:29 GMT
server: cloudflare
etag: W/"424890977c6897910af143b55f72f181"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38e91c15-FRA
x-amz-cf-id: NYJMjsCmfxJwjW2VFwiuPZq5IGHvoSS-qS3mT4BzJOUhZFjYlwBXBg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 jquery.sticky.min.js Show response
spycloud.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 49ms
44ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.14.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: LOhZDMjrTinsMzQbjGHQAeiefoF5.dyu
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 25c0ae8b5b888081618bca2ea4f27faa.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
x-powered-by: Strattic
age: 216950
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:35 GMT
server: cloudflare
etag: W/"3e31a0ddb1f910fc672d22e6435b95ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38eb1c15-FRA
x-amz-cf-id: u4_Bav3hLuUOcB8r5SSiG2JPMdFezv0I5c-wMNhOJfBLbOtpMnZSNg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 imagesloaded.min.js Show response
spycloud.com/wp-includes/js/ 5 KB
2 KB 52ms
46ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: hITaaB6.d0oeBRglVnHoBV_R4FkNpIQX
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216952
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:36 GMT
server: cloudflare
etag: W/"3a56752b736635bf69cb069b8818cbfd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38ec1c15-FRA
x-amz-cf-id: tUJG747WRXaBlpsSMBdY0wHX4lJrjgrswNWCXlEzLM8CP5sTGwAGjA==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 frontend.min.js Show response
spycloud.com/wp-content/plugins/stratum-pro/assets/js/ 54 KB
17 KB 57ms
51ms Script
application/javascript 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spycloud.com/wp-content/plugins/stratum-pro/assets/js/frontend.min.js?ver=1.3.13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

08f002722ce870a7070dfa5b13ee7ec2576e75890f5a3f446f6b15ff1045f6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
x-amz-version-id: HrdomWdIPpjaPv4q1eNnWnGJAH2Q7iAf
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-content-type-options: nosniff
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
age: 216950
x-cache: Miss from cloudfront
last-modified: Thu, 03 Aug 2023 00:53:36 GMT
server: cloudflare
etag: W/"d212e9e032f3ea7572708c5c1903b9b7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7f2fdaba38ed1c15-FRA
x-amz-cf-id: 1YAfSgT6ZqtIDAt7wz0iA1vhEtPO1TaylzziNGKvVyvm7TIddJ9CJQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 i8ss4t6wz65v.js Show response
js.driftt.com/include/1691415000000/ 213 KB
60 KB 285ms
162ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1691415000000/i8ss4t6wz65v.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

521b858a4fcc33d56f0248f7aa72997c4acf17e0843bbb00e144f8ae41a40f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Keekb6kZnpYaUsja4pqi_bkfDDfkvdzU
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Mon, 07 Aug 2023 13:26:59 GMT
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Fri, 28 Jul 2023 18:57:24 GMT
server: istio-envoy
etag: W/"eeb61db8ecbbdf93bc87a27f6322a98b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yM5rD8ldjFBnVx3orV6CGGj2j8t2oFVHbpNCY3rfk2O1i77lPQXrAA==

GET
H2 200 bg-img-compass-1920x868-1.jpg
spycloud.com/wp-content/uploads/2023/01/ 118 KB
119 KB 518ms
518ms Image
image/jpeg 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2023/01/bg-img-compass-1920x868-1.jpg

Requested by

Host: spycloud.com
URL: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

181201657cdc33652af99da41cfe18412dead35a3f27ff1c7b8f7cc7fd97fa47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
x-amz-version-id: 5qXXZpLcz4zoy.Xq6BQXT8nBtvgxQ0qA
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 121154
last-modified: Fri, 04 Aug 2023 20:57:23 GMT
server: cloudflare
etag: "b38fde7a00ff6063ec77bb7e38c29bf7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba691a1c15-FRA
x-amz-cf-id: uYRMqcxeRnt6RYRAm728j_66QPooZQk3qc2Ns8-e3A9DLVvrStsZgw==
expires: Tue, 06 Aug 2024 13:26:59 GMT

GET
H2 200 blog-img-password-auth-practices.png
spycloud.com/wp-content/uploads/2022/11/ 177 KB
177 KB 47ms
36ms Image
image/webp 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2022/11/blog-img-password-auth-practices.png

Requested by

Host: spycloud.com
URL: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

51005579c45b0b61844be2e2a9789cae82134d7239a10209ff69f0ccd2ba7cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 6fa25eadb94abd73b5efc56a89b2d828.cloudfront.net (CloudFront)
x-amz-version-id: XZOGqhvUZGYAU03tGe5OgB3.0K7jALf.
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: CDG53-C1
age: 137367
cf-polished: origFmt=png, origSize=290433
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-disposition: inline; filename="blog-img-password-auth-practices.webp"
content-length: 180756
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Aug 2023 20:57:28 GMT
server: cloudflare
etag: "1062ba1483698a42298b31463cdea026"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba89561c15-FRA
x-amz-cf-id: FzhBwVN4hz0ObdRqxD1oX-DeJhAM7qvTxNGOuxeDWLuytZgQVjnSnQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 img-password-access-800x500-1.jpg
spycloud.com/wp-content/uploads/2022/08/ 25 KB
26 KB 51ms
40ms Image
image/webp 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2022/08/img-password-access-800x500-1.jpg

Requested by

Host: spycloud.com
URL: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

bb8e7a460a3214a7c5de015942997661e6627064608ab3a28af4ffeeb97d5ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-version-id: RUrTkBzfMdxM0rQac4RHcxwq8Y2Y8Rgd
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
cf-polished: qual=85, origFmt=jpeg, origSize=49306
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-disposition: inline; filename="img-password-access-800x500-1.webp"
content-length: 25870
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Aug 2023 20:57:44 GMT
server: cloudflare
etag: "b6a60732f43a1456d47458886dfcaee8"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba89571c15-FRA
x-amz-cf-id: h7fU4fxlpFXeCIFksXEzEJVD_pQDz-39ti7QJUepUlraRPGQXIz7Pg==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 image-computer-code-800x500-1.jpg
spycloud.com/wp-content/uploads/2022/12/ 49 KB
50 KB 62ms
51ms Image
image/webp 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2022/12/image-computer-code-800x500-1.jpg

Requested by

Host: spycloud.com
URL: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

c6bf75c77f32cc49bd821765ad5069bdaabdac09261a873f0675111f1566bc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-version-id: Y3Mp4BBKBjlQbCBDJy5v4uFMD8P8jkiV
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
cf-polished: qual=85, origFmt=jpeg, origSize=78184
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-disposition: inline; filename="image-computer-code-800x500-1.webp"
content-length: 50490
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Aug 2023 20:57:25 GMT
server: cloudflare
etag: "3551f077107241aa5a4dc075f2b7ffcd"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba89591c15-FRA
x-amz-cf-id: JtUo4-knIV1ffCKnIy6SLYLq7NRjzAQdUVnCpY7qOuie47b6ZDXUeQ==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 blog-img-ghost-accounts-800x500-1.jpg
spycloud.com/wp-content/uploads/2022/10/ 109 KB
110 KB 460ms
449ms Image
image/jpeg 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2022/10/blog-img-ghost-accounts-800x500-1.jpg

Requested by

Host: spycloud.com
URL: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

017b5b521f87967db33c84de7acf7ac8356bbc15df022c2ab97407bb7b9ed779

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
x-amz-version-id: usQP5Hdmu5R8.txNhRjmTxDrMXC101HW
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
x-powered-by: Strattic
x-cache: Miss from cloudfront
content-length: 111778
last-modified: Fri, 04 Aug 2023 20:57:20 GMT
server: cloudflare
etag: "a29dda997163ca212730f83fdcaf633e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba895a1c15-FRA
x-amz-cf-id: omGugwS8FuPfc68vtoy2OVeLJxASy193pp6dR1PBAmxPSRfQZB-gcA==
expires: Tue, 06 Aug 2024 13:26:59 GMT

GET
H2 200 gartner-bg-bw.jpg
spycloud.com/wp-content/uploads/2023/01/ 19 KB
19 KB 67ms
56ms Image
image/webp 2606:4700::6812:1a6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spycloud.com/wp-content/uploads/2023/01/gartner-bg-bw.jpg

Requested by

Host: spycloud.com
URL: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Strattic

Resource Hash

bab74fb2e475331e59b10c37fb32aedbfdee3994bf75d003aab74f3982a67a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/wp-content/uploads/elementor/css/post-38189.css?ver=1690855719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-version-id: QEzBR4qmrAKhAku892egyygejKG1ooKY
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P5
cf-polished: qual=85, origFmt=jpeg, origSize=52147
x-powered-by: Strattic
x-cache: Hit from cloudfront
content-disposition: inline; filename="gartner-bg-bw.webp"
content-length: 19520
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Aug 2023 20:57:23 GMT
server: cloudflare
etag: "22d1944d69faf5d43f072139e38b98e2"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7f2fdaba895c1c15-FRA
x-amz-cf-id: b9MAEi4f7eXonuyuUzJUaDOYafJ45FccFB6lQqZKfXyun65DQkZHng==
expires: Tue, 06 Aug 2024 13:26:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 97ms
23ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.2.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 292807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 04:06:52 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 130ms
57ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 19:29:21 GMT
x-content-type-options: nosniff
age: 237458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 19:29:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 99ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 172180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 124ms
51ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 211910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 02:35:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 70ms
44ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 252244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 15:22:55 GMT

GET
H2 200 captions.js Show response
fast.wistia.com/assets/external/ 161 KB
33 KB 21ms
20ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/captions.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

90b8e8f8fa0826107195aa91ef63285976ed00f37f37de2b358d7d227d32f20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 321
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 33590
x-served-by: cache-iad-kjyo7100096-IAD, cache-fra-eddf8230113-FRA
x-browser-version: 115
last-modified: Mon, 07 Aug 2023 13:20:51 GMT
server: AmazonS3
x-timer: S1691414819.261061,VS0,VE0
etag: "f2fbd820b4dc753fd775e6b59ca50afc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd3c5c9e4633ca655385d76a7868cce24fe67db
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29, 7

GET
H2 200 cbmnvu3xa2.json Show response
fast.wistia.com/embed/captions/ 4 KB
2 KB 256ms
214ms Fetch
application/json 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/captions/cbmnvu3xa2.json

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

aaae375d64e04150d160f8b52ba3d50cfbae41284c82403810a9292653c0615e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 972475a90ca36cd44d9a9e3be6e1990e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD55-P2
age: 0
x-cache: Miss from cloudfront, MISS, MISS
x-envoy-upstream-service-time: 99
content-length: 1774
x-request-id: 16fca305-5f62-42bc-a408-4458b739e54e
x-served-by: cache-iad-kjyo7100157-IAD, cache-fra-eddf8230029-FRA
x-runtime: 0.097465
x-browser-version: 115
server: envoy
x-timer: S1691414819.446717,VS0,VE193
etag: W/"aaae375d64e04150d160f8b52ba3d50c"
vary: Accept-Encoding,X-Forwarded-Proto
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KbI6AE_NEzssU_HwTy_pctMtYazJAMThKNxYWQqoWUMVJcvu770qrA==
x-cache-hits: 0, 0

GET
H2 200 interFontFace.js Show response
fast.wistia.com/assets/external/ 45 KB
18 KB 44ms
21ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/interFontFace.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://spycloud.com/
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 321
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18267
x-served-by: cache-iad-kiad7000027-IAD, cache-fra-eddf8230029-FRA
x-browser-version: 115
last-modified: Mon, 07 Aug 2023 13:20:51 GMT
server: AmazonS3
x-timer: S1691414819.446766,VS0,VE1
etag: "9273139b4f23d8c9635da27dfe1931ba"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd3c5c9e4633ca655385d76a7868cce24fe67db
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 32, 4

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 88b6dfddbb6f1ec877ebb4f70d6f37f0.webp
embed-ssl.wistia.com/deliveries/ 46 KB
46 KB 110ms
29ms Image
image/webp 2600:9000:21f3:5400:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/88b6dfddbb6f1ec877ebb4f70d6f37f0.webp?image_crop_resized=1920x1080
Requested by: Host: spycloud.com
URL: https://spycloud.com/lp/post-infection-remediation/?utm_medium=email&utm_source=marketo&utm_content=body-em6&utm_campaign=nur-ransomware-2023&cid=7016Q000001MSldQAG&mkt_tok=NzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 270abc421a72e95018ee1736ad7d010bba7e9ba2f38cfd168e0a003943082200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 09:14:12 GMT
access-control-request-method: *
via: 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: FRA2-C2
age: 15167
edge-cache-tag: 88b6dfddbb6f1ec877ebb4f70d6f37f0
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 362
content-disposition: inline
surrogate-key: 88b6dfddbb6f1ec877ebb4f70d6f37f0 thumbnail-delivery
last-modified: Tue, 13 Dec 2022 16:12:01 UTC
server: envoy
etag: OtfIam10cMKXuajqLHk11UMkwQw=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: tFXN_GOSe1tqDmex6PY7oqECeaDfIDH62B85GpfabNYaaAIDoYaibg==

GET
H2 200 core Show response
js.driftt.com/ Frame 77BF 2 KB
1 KB 127ms
126ms Document
text/html 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1691415000000/i8ss4t6wz65v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

70560ba9138d04a53b3d50ad24c6ba38a16a2cacb591ddaf7aabb312f0330a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spycloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 07 Aug 2023 13:26:59 GMT
etag: W/"07075ae30994d62a00de2f301bdfb11a"
last-modified: Fri, 28 Jul 2023 18:57:16 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-id: LBL52BQlNtWhFImHZxVTtLYt-cWeTeKpSO0qBU9Y79p0p2cjLheI7Q==
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: PE8zep.NHo.o1SZeIPA0xq.0zsXy2Uat
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 21

GET
H2 200 chat Show response
js.driftt.com/core/ Frame D8FF 2 KB
1 KB 318ms
317ms Document
text/html 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1691415000000/i8ss4t6wz65v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

70560ba9138d04a53b3d50ad24c6ba38a16a2cacb591ddaf7aabb312f0330a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://spycloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 07 Aug 2023 13:27:00 GMT
etag: W/"07075ae30994d62a00de2f301bdfb11a"
last-modified: Fri, 28 Jul 2023 18:57:16 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-id: vKrxFMOiqzFv1PmhxnOj7ur_3Y88D31ZaCfHwaCxXHflrnbAIAQWjA==
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: PE8zep.NHo.o1SZeIPA0xq.0zsXy2Uat
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 12

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 79 KB
21 KB 20ms
20ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

28446c8e467f56e3f6d4636b5e640961f22a439f1c13ff09c4fd467dbfc1000f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://spycloud.com/
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 322
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 20973
x-served-by: cache-iad-kcgs7200086-IAD, cache-fra-eddf8230029-FRA
x-browser-version: 115
last-modified: Mon, 07 Aug 2023 13:20:51 GMT
server: AmazonS3
x-timer: S1691414820.809438,VS0,VE0
etag: "f2cfc3a0eacd692295d2f9b5d67606b6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd3c5c9e4633ca655385d76a7868cce24fe67db
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 35, 11

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 473 KB
115 KB 20ms
20ms Script
text/javascript 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

78a2e78bf3441bfd490b418ec0b0f80d365845274afe282733f26036011b2504

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://spycloud.com/
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 322
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117673
x-served-by: cache-iad-kiad7000098-IAD, cache-fra-eddf8230029-FRA
x-browser-version: 115
last-modified: Mon, 07 Aug 2023 13:20:51 GMT
server: AmazonS3
x-timer: S1691414820.837282,VS0,VE0
etag: "a0786e3d4755b66c2b1f20d21c37fc20"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 2bd3c5c9e4633ca655385d76a7868cce24fe67db
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30, 7

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
136 B 432ms
129ms Fetch
text/plain 67.202.25.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.25.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-25-152.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://spycloud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 07 Aug 2023 13:27:00 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 cbmnvu3xa2.m3u8 Show response
fast.wistia.com/embed/medias/ 1 KB
2 KB 24ms
24ms XHR
application/x-mpegurl 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/cbmnvu3xa2.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ccfc29586bbea850d9ab8571d461ded82073fe51080fd971426db1a213f67731

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spycloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
via: 1.1 51391527dd8c879c45b44b119905c872.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 19403
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 33
content-length: 1354
x-request-id: 9af524fc-b613-43df-8f16-82bf3d369840
x-served-by: cache-iad-kiad7000087-IAD, cache-fra-eddf8230029-FRA
x-runtime: 0.031437
referrer-policy: strict-origin-when-cross-origin
x-browser-version: 115
server: envoy
x-timer: S1691414820.938121,VS0,VE2
etag: W/"ccfc29586bbea850d9ab8571d461ded8"
x-download-options: noopen
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: j3wC_Qu52VegJxaBw0t6Ilqa6l30AnJHH5PRGO5Kw1TlYUnxbE9oeQ==
x-cache-hits: 179, 1

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 20ms
20ms Image
image/gif 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://spycloud.com/
Origin: https://spycloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:26:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1661
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100021-IAD, cache-fra-eddf8230029-FRA
x-browser-version: 115
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1691414820.945842,VS0,VE1
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8271863, 94

GET
H2 200 runtime~main.d3870f72.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 6 KB
3 KB 27ms
27ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d74324ac5719aa202221018cd0181776040570d0d6b94112fef8e841ef3d6c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: nYREScR.bpGpZR41m1r79Ea9oNUo0dkc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 844184
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"ee97d74de0a92e3518199e701c19ee0f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: T0mBjnn2ysgOXGJEa27I451MQQ5EUM8z9UpgJVbFx74M7jQfuFPXYw==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 35 KB
13 KB 30ms
30ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 01:55:57 GMT
x-amz-version-id: 5TXDZsW5KWm2BmB4QCZ0F0RTv1A0v1vA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3065462
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 30 Jun 2023 16:16:11 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8xgguk9XPXsSjydgL_Xh3KYPw7OJ9v1gX4A1zJwSAHFN8965pP3V0g==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 7 KB
3 KB 35ms
34ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:46 GMT
x-amz-version-id: _6ChWa7QfxwgvKvHcksc0_7OHMp8jBKX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4140313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Tue, 20 Jun 2023 14:23:11 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rsrDgOiDCYNBtOTBCjf91lrxjM0o62axgzFwcjBHlhvBLBiTjMdKow==

POST
H2 204 x
distillery.wistia.com/ 0
0 862ms
599ms Fetch 34.232.107.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.232.107.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-107-162.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://spycloud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 07 Aug 2023 13:27:00 GMT
cache-control: max-age=0, private, must-revalidate

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 23 KB
8 KB 29ms
27ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: 5TonZ2q4BzUrPKpbgBIsyV0ypFLgVCeU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yeEtEjINL8FMUiquhEAc9rvp1Z6XcVGdzIBhHXBOHqs-S8GoEreImw==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 36 KB
10 KB 32ms
30ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:30:14 GMT
x-amz-version-id: qXDwNGmcU.i_gy6zABPrFxJLJu0M1pqs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2815006
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Thu, 29 Jun 2023 18:36:39 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: DXgZiUEnTHTSmedSvBWys3saqrE7yrEYOj-JmfkB0szvuh8ACpsKyw==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 32 KB
11 KB 33ms
32ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id: zK.I5gIdSwLDVz8paigwY_NlFGMXuMgL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4140313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Tue, 20 Jun 2023 14:23:09 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Bj4598NVtMsx9UbEiHYkhdv054HfBf0Y6CUUxeGWUwvkPP_TbQNCKw==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 17 KB
6 KB 35ms
34ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 06:35:14 GMT
x-amz-version-id: NhB69SBKJZmuUtXDH0xsEetKhzurSV2H
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 5467906
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _EZ0E63KRMGD2kNMY13y1QbeJaYW2FeA2sq_Dn9TuST7xqmkMg1taw==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 25 KB
8 KB 36ms
35ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:25:03 GMT
x-amz-version-id: aw1f3uGwXuU6S2OomkpX1DCMYaDfscU9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2714516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 30 Jun 2023 16:16:09 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: C80bsmaboeUfg438ZKTr9XMeQGMtaXACeUZLwLdn8Cv9WaaiDVMCAQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 74 KB
23 KB 39ms
38ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 10:32:44 GMT
x-amz-version-id: wGGyoSV8Lqxz3Hm8vmxbwIrKUsBfWGIL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2343256
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Mon, 10 Jul 2023 16:08:19 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CjzCbpZk8e7jZt2iXXEYHrZydTApEVOa2OBdZUp2diyHkeb6hmeB1w==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 66 KB
20 KB 45ms
44ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 25 May 2023 07:08:48 GMT
x-amz-version-id: pbTO4uU1iA_kBPCkMqV8rm3AioPcDtRp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 6416292
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 24 May 2023 17:36:06 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jGfK0ORhbgqRS8zoaLEbAMMyHb2nIHy2MzE6Gghh8gZXV4mFF60SlQ==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 91 KB
28 KB 49ms
48ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 12:05:00 GMT
x-amz-version-id: SrUur3gTkOE1yjoDcy53ibL6t3rDB5tT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2683320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 30 Jun 2023 16:16:08 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 30aJ3KspPWEJjG4UjxR0NjLmBImDcGf1qcNYzriJtjFhsy7J36MYhA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 23 KB
7 KB 59ms
58ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 30 May 2023 11:02:53 GMT
x-amz-version-id: IgOK_MQbEszp7MebOhF6oyS1BThWXb5o
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 5970247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 26 May 2023 19:24:42 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tWp5tQTODIT-vUFLuF6Lti66LnlI35dF4dCfWtLGtramTSSiK09kpg==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 62 KB
20 KB 58ms
56ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:01:51 GMT
x-amz-version-id: 4sXKEKnf1MP6Oxg8R9s.0Ul7nOjxTe89
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3497109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Mon, 26 Jun 2023 20:12:19 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VH95Or2z-cBbMAXEM4nmVKjIVg1ijCu-mAqzTo6Sylf8xPcYg9J2hA==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 105 KB
34 KB 61ms
58ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: gBpCCsntSn2IWEffEf2F8DC2OtX8qv0J
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 100
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nt0d0ogA49CxyaoQ8aLigcCrLHN_uzlX6ScKPO_wg3TuO9rKcrGaIw==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 12 KB
4 KB 64ms
61ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: gaQfc6pG5RLqHW0hh_UKZROeLJfiPf7y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GbyGswDZuRbW4XiX-x0zs7gFdT5s5tbyLOp3GfXzLq67w097SdqOkA==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 13 KB
6 KB 65ms
62ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ncEfPgGiy8bvtpJNwnTX.NMziBwYghK4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6qMGkWN5T8cunRfVg_hS_8Tt_KCokf7kPz4-IzIWItGko4QePgvdfg==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 17 KB
7 KB 66ms
63ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:27:20 GMT
x-amz-version-id: E7uVAl1FLfBDE265RBi.rA_w78O03F5t
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2919580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 30 Jun 2023 16:16:09 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: dLZ8HDp5eE9Sxkm1hO9qjQCuFo0q3lk6XiUbuZnvSm-tpmJBsOxQYA==

GET
H2 200 8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame 77BF 31 KB
4 KB 67ms
65ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: a7.YLqd37JZcdeCbrfXC3CfVjfFxsQd4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 16 Jun 2023 14:07:10 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oi5RuaAL-GBMb2-PuTvO9K8nt0zQRhs83YPijjKnE0weVgnQH0m-qA==

GET
H2 200 8.94b86ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 81 KB
25 KB 69ms
67ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.94b86ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:11:10 GMT
x-amz-version-id: sKS3NtYZ5xBkpnwyRKt297s4ZL0aCKra
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1790150
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 17 Jul 2023 15:59:42 GMT
server: istio-envoy
etag: W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zwa3SCI8f00Ch-gCC-xe3pNKzdgxok9o2v4TEawpVhHRZG743qxiKQ==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 77BF 24 B
697 B 68ms
66ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:27:17 GMT
x-amz-version-id: wC0VVnvjh0b_x52D_sqkaWEh2hDGH6qB
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 2919583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
content-length: 24
last-modified: Fri, 30 Jun 2023 16:16:06 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fUGLWKmlLV5qJDTGZCg-hjhT75BcowZ6BdfyETOvfNiaWRUqX83CFw==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 91 KB
23 KB 73ms
72ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: rzljacJzqN37r9cYvWsZXzr5I9pj.xER
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 844185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: L9w30zukoAvKQ4z32O_WJYfnADf-uYB2XaApocCq870pbXvfWTdiIA==

GET
H2 200 24.1fcb23fd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 50 KB
14 KB 78ms
77ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1fcb23fd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6e60af994c94f52d951f4ba72ce1ad110d02331dc2ab55b61110cd3be60c83f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: mhEzNs3jM3iyiDrVTPsVGu6p3AXJxHOl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 844185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"dfa4b7771ab513175144a5ffeb70e72d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PY7P5u_YskAMnbRgfAxg0nfuxF41i-BV4cyAZp_Kp5IgraNH060OjA==

GET
H2 200 17.a71bb070.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 40 KB
13 KB 79ms
78ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.a71bb070.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6fa317686874e2babbb154c505e6d34dea75adf4cc6621773e1b40970a89419b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: W_RhZ8nhV9MfFiIuzCtGrNuJHr5uhnLe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 844185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"8f716b28dee3e1937ef5c37d59f4213c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SJFiMMPRk5scuSw1YaovC8hmj8124G6TH8eB0ojET7rT1A8ciBpdvQ==

GET
H2 200 runtime~main.d3870f72.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 6 KB
3 KB 27ms
27ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d74324ac5719aa202221018cd0181776040570d0d6b94112fef8e841ef3d6c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: nYREScR.bpGpZR41m1r79Ea9oNUo0dkc
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 844185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 28 Jul 2023 18:55:12 GMT
server: istio-envoy
etag: W/"ee97d74de0a92e3518199e701c19ee0f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HJKP2EkX15c5UUzNOXR7V3n27BWNJsKQMcJahVp5sKD2jnC7mpjbFw==

GET
H2 200 9.4a3e9801.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 35 KB
13 KB 27ms
27ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 01:55:57 GMT
x-amz-version-id: 5TXDZsW5KWm2BmB4QCZ0F0RTv1A0v1vA
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3065463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 30 Jun 2023 16:16:11 GMT
server: istio-envoy
etag: W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: AF0td1furfHrnq0sDFg1kDZNTbDMO3NLUIIdQ4p1geOzxALX0-cW6A==

GET
H2 200 main~493df0b3.d2a43907.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 7 KB
3 KB 27ms
27ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:46 GMT
x-amz-version-id: _6ChWa7QfxwgvKvHcksc0_7OHMp8jBKX
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4140314
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Tue, 20 Jun 2023 14:23:11 GMT
server: istio-envoy
etag: W/"e094b276ad2035c3a46871991c258c2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5OwQWtmrzjzp-Ny7s3szo6mRY6i1hLSoc_-ruvHYKr28s9KxhvdDwA==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 9 KB
3 KB 29ms
28ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 01:23:13 GMT
x-amz-version-id: d8XrCXyW6RDxNJSZp3WgY6XBM0lZo7kg
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2808227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 30 Jun 2023 16:16:08 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ex2tdgcr-gPKStDQPMwvLYG531kMnr3hb7pDxTEpQGGcKLc0TCHLtQ==

GET
H2 200 27.01c2bea5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 35 KB
10 KB 30ms
29ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.01c2bea5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:02:59 GMT
x-amz-version-id: nle0j8birQ7TqZcCTCj2_Aiuc4PU4FBJ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4188241
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 37
last-modified: Fri, 16 Jun 2023 14:07:13 GMT
server: istio-envoy
etag: W/"04a233a42dcf8c50a83bfecea8ba552d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: o-zK46xXh-QwKd5nvBtAaVlGG_7wjdVkj35nOKswtRxpUqYTmMLKgA==

GET
H2 200 28.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame 77BF 8 KB
2 KB 29ms
28ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/28.b5e8f5e1.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:30:40 GMT
x-amz-version-id: o5Mqj_3FT3WjX9660DbCXWXmwKjwNZDi
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1036580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Wed, 26 Jul 2023 13:12:09 GMT
server: istio-envoy
etag: W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: knNKQGUN5aDVJvVy0E_998Th6gOSU3aC279WggPObB_Ua9Q--vWg0A==

GET
H2 200 28.bdd92ff2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 14 KB
6 KB 30ms
30ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.bdd92ff2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id: FN2mK9FP.1iG0EPXu5GaP7vFrDcTGt2G
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4140313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Tue, 20 Jun 2023 14:23:09 GMT
server: istio-envoy
etag: W/"260fbabe310bd2cae5c44538f3d833ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m8Rvq55B0SYxV_wSzEwVG4UihW3PLDB7EiwUrhBahRuMMrvTJTvz4Q==

GET
H2 200 25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 77BF 365 B
1 KB 31ms
30ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id: ZuuQmAv287PLv09x8YJDQ63ijAfFLcLS
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 4140313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
content-length: 365
last-modified: Tue, 20 Jun 2023 14:23:06 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WozusCcK2c1KqYFOr44AS97vP7Qa5l3ppllHQxfi_qseA_rIIQmSjA==

GET
H2 200 25.a9a52994.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 91 KB
25 KB 31ms
31ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.a9a52994.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:11:11 GMT
x-amz-version-id: gwpLuUCx14LwmyLJHh.v9ArijcPAHA0d
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1790149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 67
last-modified: Mon, 17 Jul 2023 15:59:41 GMT
server: istio-envoy
etag: W/"34109a0bf2906f78b21b4a9f5fa4ab8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1knjUHbsbOETZia9BhaRFFAtxUYR_lG4TX6wdSl2eynmrLcJ2BQVbw==

GET
H2 200 51.558be3c5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 23 KB
8 KB 27ms
26ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: 5TonZ2q4BzUrPKpbgBIsyV0ypFLgVCeU
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 78
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"fa281fcbe4b2e35558d60fae3e316367"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qkeH8WuWIFfrbT7BF4CElGf3QIKVS2I1YM3ABeajLGfo_wGtLj7Avw==

GET
H2 200 35.d0f1ccda.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 36 KB
10 KB 32ms
29ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 23:30:14 GMT
x-amz-version-id: qXDwNGmcU.i_gy6zABPrFxJLJu0M1pqs
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2815006
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Thu, 29 Jun 2023 18:36:39 GMT
server: istio-envoy
etag: W/"46fa5a7bc37a22544a908e4ad950309c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D04MXaDnMkWFeiy_rHa9oigYoh6rFx7I20Mpwi53bDC8bfkj_Du_eA==

GET
H2 200 22.6b9a301a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 32 KB
11 KB 34ms
32ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 15:21:47 GMT
x-amz-version-id: zK.I5gIdSwLDVz8paigwY_NlFGMXuMgL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4140313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Tue, 20 Jun 2023 14:23:09 GMT
server: istio-envoy
etag: W/"d8739a9fe9a3a42936f5cd86c8727494"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KvRUUD6GfPAHpGyMK3utANOBwqu1NmfCQSTfCxm96BmLHCGqwVMTpw==

GET
H2 200 19.6f85b843.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 17 KB
6 KB 36ms
34ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 06:35:14 GMT
x-amz-version-id: NhB69SBKJZmuUtXDH0xsEetKhzurSV2H
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 5467906
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Wed, 31 May 2023 20:40:09 GMT
server: istio-envoy
etag: W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: E91sHauz4dK8LL1bBnZBJxRU7-xxFQ3Lb64rySMNWRulCsL--DDnLg==

GET
H2 200 41.b4fc4de2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 25 KB
8 KB 37ms
34ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:25:03 GMT
x-amz-version-id: aw1f3uGwXuU6S2OomkpX1DCMYaDfscU9
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2714516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Fri, 30 Jun 2023 16:16:09 GMT
server: istio-envoy
etag: W/"a2ace4f65aa7b34dedb884f6cfe9df8d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZkjNIdmNQ9SD5PcmehbHhtQawkF6IW8w3g7nMWxyN6R83Jo5-Lwzsg==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 74 KB
23 KB 38ms
35ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 10:32:44 GMT
x-amz-version-id: wGGyoSV8Lqxz3Hm8vmxbwIrKUsBfWGIL
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2343256
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Mon, 10 Jul 2023 16:08:19 GMT
server: istio-envoy
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lNt3J1khDaZpXfdV7fYmbKJM-JgoKgiRHiYO1ZyKGHOQri00qSRr8Q==

GET
H2 200 26.04e7f30b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 66 KB
20 KB 38ms
36ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 25 May 2023 07:08:48 GMT
x-amz-version-id: pbTO4uU1iA_kBPCkMqV8rm3AioPcDtRp
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 6416292
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 24 May 2023 17:36:06 GMT
server: istio-envoy
etag: W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ojv4TfNPIc57_723_IJgfE0I1D4s6quvLNlBn-InbIOSF-XSA-xP5Q==

GET
H2 200 14.e24a6190.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 91 KB
28 KB 40ms
37ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 12:05:00 GMT
x-amz-version-id: SrUur3gTkOE1yjoDcy53ibL6t3rDB5tT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2683320
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 30 Jun 2023 16:16:08 GMT
server: istio-envoy
etag: W/"16d7ae86e21434a32157d3226ac9bb77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BhG8JBaj-aHtb3wlUHya-e7_serWBUYNprxs-njlahqPqn5t8JyGuA==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 23 KB
7 KB 40ms
38ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 30 May 2023 11:02:53 GMT
x-amz-version-id: IgOK_MQbEszp7MebOhF6oyS1BThWXb5o
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 5970247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 26 May 2023 19:24:42 GMT
server: istio-envoy
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: albB0ZzXCZu2LGJQCYDLob-IKXVBXMfghy0VwfEuf_paI8xyweGlzA==

GET
H2 200 18.9c1bd1fb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 62 KB
20 KB 41ms
39ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:01:51 GMT
x-amz-version-id: 4sXKEKnf1MP6Oxg8R9s.0Ul7nOjxTe89
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3497109
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Mon, 26 Jun 2023 20:12:19 GMT
server: istio-envoy
etag: W/"02f09379c544befa413d22eb57ed41de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sDViTHNc-oTEhVL0alL3Tf32phCFT09kJ-8c6egifTu_Czvp6KLmFg==

GET
H2 200 49.f7274268.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 105 KB
34 KB 43ms
41ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/49.f7274268.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: gBpCCsntSn2IWEffEf2F8DC2OtX8qv0J
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 100
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"e268d36b98f0119a2bb1a15f69fd4ffe"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pesPM9cKLXhDnuHpDfWcqlvBDCLx5COLu41HMJbMqVFi0hNpKN_v2w==

GET
H2 200 40.31ef8dbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 12 KB
4 KB 45ms
43ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: gaQfc6pG5RLqHW0hh_UKZROeLJfiPf7y
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"b0793fa46e8c0ae1846b7be8a833da35"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9IuRkTvEALttjp0hGsYHOpWIV0_dicAKAEyiD9aKEZT-nmUHbHaDCg==

GET
H2 200 29.31d09948.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 13 KB
6 KB 47ms
45ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.31d09948.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: ncEfPgGiy8bvtpJNwnTX.NMziBwYghK4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 34
last-modified: Fri, 16 Jun 2023 20:26:55 GMT
server: istio-envoy
etag: W/"455157cb49065fb85fed54901ddaeb0e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mh-yHYl400nRzL9MDXNlqISzLwVgacichjjy1wkRvUh-AGn0ZvYTgg==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 17 KB
7 KB 48ms
46ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:27:20 GMT
x-amz-version-id: E7uVAl1FLfBDE265RBi.rA_w78O03F5t
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2919580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 14
last-modified: Fri, 30 Jun 2023 16:16:09 GMT
server: istio-envoy
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z2kgP3BMLa6evplh_3hS8qwwsZU-1e1Geq0DJp2glCHUWfqpxJJKvw==

GET
H2 200 8.b5c2854f.chunk.css
js.driftt.com/core/assets/css/ Frame D8FF 31 KB
4 KB 48ms
47ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:48:00 GMT
x-amz-version-id: a7.YLqd37JZcdeCbrfXC3CfVjfFxsQd4
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4185540
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 16 Jun 2023 14:07:10 GMT
server: istio-envoy
etag: W/"9ef689f5d4cb5dab3b0e463418857c2f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WuiXtU-xIGjpJRODDS0D28WvKdLIeyiPy_hkSAtqZC6tRYkKT95X6g==

GET
H2 200 8.94b86ac7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 81 KB
25 KB 49ms
48ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.94b86ac7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:11:10 GMT
x-amz-version-id: sKS3NtYZ5xBkpnwyRKt297s4ZL0aCKra
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1790150
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 21
last-modified: Mon, 17 Jul 2023 15:59:42 GMT
server: istio-envoy
etag: W/"c01af04dcc374efd61d695b2f1e6a2c5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pfC9m7VjFrConXoOAckGelYvHPt_5udzdgn1ul9WBkeWI4U0CDnl1Q==

GET
H2 200 16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame D8FF 24 B
694 B 49ms
48ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 18:27:17 GMT
x-amz-version-id: wC0VVnvjh0b_x52D_sqkaWEh2hDGH6qB
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 2919583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 13
content-length: 24
last-modified: Fri, 30 Jun 2023 16:16:06 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cv8At1g4APLlP8FFVGJGh4UABd0bKMZn5hP16yf7mz2icq9VsuzBhw==

GET
H2 200 16.8bd9e5a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 91 KB
23 KB 50ms
50ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: rzljacJzqN37r9cYvWsZXzr5I9pj.xER
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 844185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"ef144ff505a111b4fe4731aaba1cffed"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tKwYSPs2YG6fqpLIwExymRTzR4GxM7Of38S8nYI5paOIr9kZTjF37w==

GET
H2 200 24.1fcb23fd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 50 KB
14 KB 51ms
51ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.1fcb23fd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6e60af994c94f52d951f4ba72ce1ad110d02331dc2ab55b61110cd3be60c83f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: mhEzNs3jM3iyiDrVTPsVGu6p3AXJxHOl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 844185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 16
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"dfa4b7771ab513175144a5ffeb70e72d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 2r_ZzabflFNz5jLb3WkoAfpCgBuwsV3xgLXddfC2aQeXu4hDHe_iSQ==

GET
H2 200 17.a71bb070.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 40 KB
13 KB 52ms
51ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.a71bb070.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6fa317686874e2babbb154c505e6d34dea75adf4cc6621773e1b40970a89419b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:57:15 GMT
x-amz-version-id: W_RhZ8nhV9MfFiIuzCtGrNuJHr5uhnLe
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 844185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 15
last-modified: Fri, 28 Jul 2023 18:55:10 GMT
server: istio-envoy
etag: W/"8f716b28dee3e1937ef5c37d59f4213c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b55tbKAOSGHDYAQapN934PEnfKXTfMEwS60jivtZdAEiP5M1Y14fFA==

GET
H2 200 37.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame D8FF 3 KB
1 KB 28ms
27ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 00:43:49 GMT
x-amz-version-id: 6S9dem0QqRNKdsXJa9pt.hiZoFHo8G8.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2810591
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 58
last-modified: Fri, 30 Jun 2023 16:16:07 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lCVNm4rRIT9E4xsWZJVoHzg4Pz2hi2cnNtiYwx2CPgq_HWK4KEQIzA==

GET
H2 200 37.298cbb69.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 3 KB
2 KB 28ms
28ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.298cbb69.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 04:59:35 GMT
x-amz-version-id: Fv09MwZ9_aib0TbI3DWT7N_8oqF8DxL_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4177645
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 16 Jun 2023 14:07:13 GMT
server: istio-envoy
etag: W/"86b289eeb2bf9d30034f30d9794e8041"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: n8eLgBGFFSURP7JIM5Z-RmVNhwvFxEx-xKaVkFMV1LEsPj5yefBzwA==

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 9 KB
3 KB 31ms
30ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 01:23:13 GMT
x-amz-version-id: d8XrCXyW6RDxNJSZp3WgY6XBM0lZo7kg
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2808227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Fri, 30 Jun 2023 16:16:08 GMT
server: istio-envoy
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1V02qHbL_ry2ZzLzhIJ2m7-JwNWmsvvUShqn23WiXnS1ex-5l8SMhA==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame D8FF 7 KB
2 KB 29ms
28ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 26 May 2023 01:55:58 GMT
x-amz-version-id: mj1uBZn49IegQv8DQD1iQuBHBtNoawj8
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 6348662
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 136
last-modified: Wed, 24 May 2023 17:36:04 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J3onZFG0q9btN2hdGhoEwN7AvOvP-camsxjdG06Ga3qJxP1fLq84-A==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 54 KB
15 KB 32ms
31ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 02:27:09 GMT
x-amz-version-id: 2R1fSgEXfJs.Uu1IzVizcYh5ewaN333A
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 4186791
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Fri, 16 Jun 2023 14:07:13 GMT
server: istio-envoy
etag: W/"1ac37bf2b93050f29058b66a9ad43e10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zRHxhW3nCYI-N810R7iy0VF3ihu9Hbg1R06mC4DtG_UjROEdyReOPA==

GET
H2 200 1.12ba17b6.chunk.css
js.driftt.com/core/assets/css/ Frame D8FF 44 KB
7 KB 30ms
29ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.12ba17b6.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 19:01:02 GMT
x-amz-version-id: 19YOPtagzF0I0emgnq_seBKB.3mPQekh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1535158
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 62
last-modified: Thu, 20 Jul 2023 18:22:08 GMT
server: istio-envoy
etag: W/"3b8ba82e1bac13ee29e9764a55620d99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GAn2MEdbuEwL-DpD-8JGd7vBXZaA4bL0inzTIyZbh1PCLHer47RPrg==

GET
H2 200 1.be8346b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 54 KB
17 KB 32ms
31ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.be8346b1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

14c31b1fc92b43518a568d37d84d9f67783605ba8a894a17e2eef5d7de283f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id: PLfb_l_4aFe.aYN3FEG.I5zIcM2Rb4sy
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3349211
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Thu, 29 Jun 2023 18:36:38 GMT
server: istio-envoy
etag: W/"c2bd45f4e9f02db923342d39137bf141"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J618bwQLmGVlHEeBCQ1GScoeObreytOsGb3jdvG46IZ3LXe2CaF02w==

GET
H2 200 4.9d776499.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 23 KB
10 KB 33ms
32ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.9d776499.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 18:55:58 GMT
x-amz-version-id: uGJ36CDXFf5jc7zFgfXUohqg1i8mPHWM
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1103462
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
last-modified: Tue, 25 Jul 2023 18:08:15 GMT
server: istio-envoy
etag: W/"cc02ad980b6b04f3bba61e68883356d4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rwzkwkCsWmLVmKuXlpTKE_SRhPlYtJlK8ppAtXtulLS7R7OpTiU9Ug==

GET
H2 200 34.0504aac4.chunk.css
js.driftt.com/core/assets/css/ Frame D8FF 16 KB
3 KB 32ms
32ms Stylesheet
text/css 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.0504aac4.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id: Y0eUMP8TZIUm_xphXPO8Cb7kobR8Sp8P
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3349211
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 22
last-modified: Thu, 29 Jun 2023 18:36:37 GMT
server: istio-envoy
etag: W/"95b017fb41a8751bd7175f8a73f035f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 33OpFyhNFzsa0WdXeiFIqYAK0MmgRQn-xAfyUSxGeXegpVtg62qEMQ==

GET
H2 200 34.26535e57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 12 KB
5 KB 33ms
33ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.26535e57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c7076a6235cd12720cc675334102d16bd5e46a33910f1b3ada0425b74ed020d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 19:06:49 GMT
x-amz-version-id: pP4ZKQ0wl7_jYctuYheBxCj9PF_v.ESa
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3349211
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 18
last-modified: Thu, 29 Jun 2023 18:36:39 GMT
server: istio-envoy
etag: W/"d1f726d8d49e4c3e218775f6ce78039f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lKlyaTStoK0RFWnkMIZ5SQFNcLQ42eFNeiA42veWNzLU8f21rzVaDg==

POST
H2 200 v2 Show response
bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 77BF 147 B
588 B 390ms
119ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

ef9c4561755cb3772aa5513320dfabf869986e2100347422d626d0cb4da65708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Aug 2023 13:27:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: adf436e98b5c712b
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
135 B 127ms
127ms Fetch
text/plain 67.202.25.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.25.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-67-202-25-152.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://spycloud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 07 Aug 2023 13:27:00 GMT
content-length: 2
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8

POST
H2 200 v3 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 77BF 25 B
89 B 161ms
128ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Aug 2023 13:27:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: dad947095bb9c7d3
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 77BF 77 KB
8 KB 301ms
300ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

2c909019c6feebb27307864f77733d96a48603a2fb63c3e97991cc5e104cceb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Aug 2023 13:27:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: b2b9286e0b23178b
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 186
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

POST
H2 200 track Show response
event.api.drift.com/ Frame 77BF 892 B
954 B 117ms
117ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

36f86546dc4ae2478ed679e88916d6616d5b19d398d94b2c5e629042e6050c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxOTA2NDMwOTI0NyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExODcyNjYiLCJleHAiOjE3MjMwMzcyMjAsImlhdCI6MTY5MTQxNDgyMH0.Dq4GYyzOHQC69EER0qy6QUU1mc748LPL47gafbpbupvx5Q3gXxkTPdBzHNP0dawVa7uNe5Snf37107AY5FAUYw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Aug 2023 13:27:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: fa4b817db36d3ef4
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 892

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 146ms
116ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 07 Aug 2023 13:27:01 GMT
requestid: drifta0784d9488895d3c5874b00da3b
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

POST
H2 200 evaluate_with_log Show response
targeting.api.drift.com/targeting/ Frame 77BF 1 KB
585 B 117ms
116ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

5026c7c9f147bb8ad6790aa7750b48ed43ab89ad681938abd6eaf0ac054739a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxOTA2NDMwOTI0NyIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExODcyNjYiLCJleHAiOjE3MjMwMzcyMjAsImlhdCI6MTY5MTQxNDgyMH0.Dq4GYyzOHQC69EER0qy6QUU1mc748LPL47gafbpbupvx5Q3gXxkTPdBzHNP0dawVa7uNe5Snf37107AY5FAUYw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 07 Aug 2023 13:27:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 583a65e782ce7992
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 523

OPTIONS
H2 200 evaluate_with_log
targeting.api.drift.com/targeting/ Frame 0
0 127ms
116ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate_with_log

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Mon, 07 Aug 2023 13:27:01 GMT
requestid: drift9e6871448ac9b0f846158978513
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 77BF 19 KB
7 KB 28ms
28ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=i8ss4t6wz65v&eId=i8ss4t6wz65v&region=US&forceShow=false&skipCampaigns=false&sessionId=e5372216-9cfc-4cb2-b5a3-ebf3e83de9f2&sessionStarted=1691414819.784&campaignRefreshToken=5777c714-f0ec-4ee5-8fe7-b0b42978334e&hideController=false&pageLoadStartTime=1691414818568&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fspycloud.com%2Flp%2Fpost-infection-remediation%2F%3Futm_medium%3Demail%26utm_source%3Dmarketo%26utm_content%3Dbody-em6%26utm_campaign%3Dnur-ransomware-2023%26cid%3D7016Q000001MSldQAG%26mkt_tok%3DNzEzLVdJUC03MzcAAAGNah8C56SSrcitrhUVGNLfscvyoOI6MnWZE9gGx_Ym4mwS_BjWNW-vOMLCJs-EuBemzbKtJP8xY7T7unfO7CoCQEHawqAIIRu4HUmcNGY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:16:11 GMT
x-amz-version-id: gdLzK0_qjU8jtmmLbxCIMiiKO3ne3if8
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3543050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Mon, 26 Jun 2023 20:12:20 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x5rWDy6tAXjUi87uTSjJu5YjPCTNWiU-akGuH8ir9Wad1JFSRSqSPQ==

GET
H2 200 57.28dde8ce.chunk.js Show response
js.driftt.com/core/assets/js/ Frame D8FF 19 KB
7 KB 28ms
28ms Script
application/javascript 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.d3870f72.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1691414818568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:16:11 GMT
x-amz-version-id: gdLzK0_qjU8jtmmLbxCIMiiKO3ne3if8
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3543050
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
last-modified: Mon, 26 Jun 2023 20:12:20 GMT
server: istio-envoy
etag: W/"3c4cd13822c0069a68e9f9c8240f5ba9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3ts0WkAAw-T3WV7lW8BiXSmdgPUKgh8sFsKgpJ5KwAPGZcXc-GXEVA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame 77BF 38 KB
39 KB 27ms
27ms Font
font/woff2 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 06:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2874523
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fW9tjvtmUP_A4_d0ox_R05CxnO5-8OfmU0LRQS3P2Ezo0b4oAiFQnw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
js.driftt.com/deploy/assets/static/fonts/ Frame D8FF 38 KB
39 KB 37ms
37ms Font
font/woff2 13.227.219.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-60.ams54.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/assets/css/8.b5c2854f.chunk.css
Origin: https://js.driftt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 06:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ec5c4a66c1200ddcc562c6e98f77a48c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2874523
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
content-length: 39372
last-modified: Fri, 03 Mar 2023 16:21:38 GMT
server: istio-envoy
etag: "40b6965b5cd26213faf61e5ab6765bb9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/font-woff2,font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mtIEG88SArmFBWcE67JoC7gczzgtfLg90WW_Nmni3fgljtVcpKW5BA==

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event3/ Frame 77BF 25 B
112 B 130ms
129ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event3/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Aug 2023 13:27:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 6a1417658c419b1a
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.email.spycloud.com/	1970-01-20 13:50:16	Name: __cf_bm Value: chtbRgEg6zz5M9SvCo0COoROsHDwEsT2ll2eYb4jcTA-1691414817-0-AQJOijIgA02XgdOJ67DcS117j1d053laoAMP1RbK/PVC4i1Ss2clxC6xXAZ9vCSeshY6qxT62ErLm9FDDTvwQpU=
spycloud.com/	1970-01-20 22:35:50	Name: cookielawinfo-checkbox-necessary Value: yes
spycloud.com/	1970-01-20 22:35:50	Name: cookielawinfo-checkbox-marketing Value: yes
spycloud.com/	1970-01-20 22:35:50	Name: cookielawinfo-checkbox-non-necessary Value: no
spycloud.com/	1970-01-20 13:50:16	Name: drift_campaign_refresh Value: 5777c714-f0ec-4ee5-8fe7-b0b42978334e
spycloud.com/	1970-01-20 23:26:14	Name: drift_aid Value: 7df2ab10-1c2a-4da2-b43c-c3975ed1794e
spycloud.com/	1970-01-20 23:26:14	Name: driftt_aid Value: 7df2ab10-1c2a-4da2-b43c-c3975ed1794e

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://email.spycloud.com/NzEzLVdJUC03MzcAAAGNah8C5_iu7MgtJJQs7Ww1xyQqZmJb1HS_nzfJkzb9L-BK9prXw_O2WJfx_wSR1onq5v17TIc= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://email.spycloud.com/NzEzLVdJUC03MzcAAAGNah8C5_iu7MgtJJQs7Ww1xyQqZmJb1HS_nzfJkzb9L-BK9prXw_O2WJfx_wSR1onq5v17TIc= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-4HhXwEzPsLGRqp5bfj9iW9xCukFxuUd7Yrbds06H5iU=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bootstrap.api.drift.com
distillery.wistia.com
email.spycloud.com
embed-ssl.wistia.com
event.api.drift.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
js.driftt.com
metrics.api.drift.com
pipedream.wistia.com
spycloud.com
targeting.api.drift.com
www.googleoptimize.com
104.17.71.206
13.227.219.60
2600:9000:21f3:5400:1e:c86:4140:93a1
2606:4700::6812:1a6c
2a00:1450:4001:802::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:829::200a
2a04:4e42:400::644
34.232.107.162
54.147.21.139
67.202.25.152
011426f6c5b5be4d1d609555cb477dc3f139a464526650c11e09dece069936ab
017b5b521f87967db33c84de7acf7ac8356bbc15df022c2ab97407bb7b9ed779
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
08f002722ce870a7070dfa5b13ee7ec2576e75890f5a3f446f6b15ff1045f6bf
0bcbe042444dba084bb3403708b5f225b3184f5cbacf6911461f5738c8f1843d
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
14c31b1fc92b43518a568d37d84d9f67783605ba8a894a17e2eef5d7de283f9c
178c7e0dd0c602d457b8d91dd18b916c3f4220794fccb6067cac187f0c753795
181201657cdc33652af99da41cfe18412dead35a3f27ff1c7b8f7cc7fd97fa47
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
241b75cd9c48834a0d84cbc9d02b0cbb03e3c009825531322798858bf63b8dbb
270abc421a72e95018ee1736ad7d010bba7e9ba2f38cfd168e0a003943082200
28446c8e467f56e3f6d4636b5e640961f22a439f1c13ff09c4fd467dbfc1000f
2a39504ff0e8230cff9511b4027a386c4b2a54601d27524c751e7dc6f0a6e6f9
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e
2c909019c6feebb27307864f77733d96a48603a2fb63c3e97991cc5e104cceb5
2fdaf549542c19d303a61dd53d8558a115ff3a1296d974b3392f9e47cb64fd5f
31cdea230631f4102652fbf11892ce200606c1b8ca50ed3de0e2da8323fa5c0f
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
36f86546dc4ae2478ed679e88916d6616d5b19d398d94b2c5e629042e6050c14
3963b8591050c4af2f0edf8a96662113f01900444868e6936c5d192bc44dfe6d
3e74df990fc2870bec563c9c8f7e343dcda30fd8e4689aeeab5e82b060d714d6
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
412259ded0ef44f6bebe50cac049b4cb413663ffc8f218a2a81a91d926a2ed54
46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de
481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f
48898fa425802689074b53ed242083239ff7b885c76f636cfdac91be1e030a1f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5026c7c9f147bb8ad6790aa7750b48ed43ab89ad681938abd6eaf0ac054739a9
51005579c45b0b61844be2e2a9789cae82134d7239a10209ff69f0ccd2ba7cfa
51187f64d3c89b9bba020ac511217aed3ea94cfc82aa3c5450b6132cfab4c039
521b858a4fcc33d56f0248f7aa72997c4acf17e0843bbb00e144f8ae41a40f82
52ce1224042a44eda3a9093c9bc60357e17ea9cb8d40f65841333adbeee2a2ee
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e6ecec8d78c9d3f391fac9bde08b4f66048ab4ce9d97d3774b3d223f18b43a1
622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec
6396ea91b7df3a21b699adb88f2fb4d00c934f8e0deab656ec53dff47167e0a4
6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
6e60af994c94f52d951f4ba72ce1ad110d02331dc2ab55b61110cd3be60c83f3
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a
6ecf45b26fefc92384d96bfe9b613dcfd86192f67928561ecf8b9249b7649789
6fa317686874e2babbb154c505e6d34dea75adf4cc6621773e1b40970a89419b
6ff4191ac1e5fd2aa051649f757283f1307d652f9ac46b4154c2fa35e89519c0
70560ba9138d04a53b3d50ad24c6ba38a16a2cacb591ddaf7aabb312f0330a9f
73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc
77552f6bb9019a0420afcffa171cc49150bd9d786c6f1b14fe64957c050798c8
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
78a2e78bf3441bfd490b418ec0b0f80d365845274afe282733f26036011b2504
856e2a7283dcaec4d5c33123fd70df27a70514821125000c9a2322ed08975a32
8611d56d67b7b90bd10267ecc7a63f8d9c9380803dbba9bd35fc60b00312e738
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a
8d756ef243bb751fe32fea60925ffe888cdb07c17c8597f4de8dddd4dd63467d
8eefd1e402dfa38783137170c197dc4df52d9a66f975f3f7051f5faf53d7759a
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
90b8e8f8fa0826107195aa91ef63285976ed00f37f37de2b358d7d227d32f20a
9633c7e547c62f344152eec25e9b59e54c422cb60060eeeeda03055f4e539b60
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030
a1e8ff6e3433451a637658e81616852233d86684186eab93629b79c94d15b28f
a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79
a4f6077532e970d8d0f3a4183a05542099cba4d3e810c9a4a28a3c2ba5461818
a66328604ee0687b769ca1b98991df4556e0c2d659d5c07a94bbbe40727ab159
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
aaae375d64e04150d160f8b52ba3d50cfbae41284c82403810a9292653c0615e
ac9267f6dcdbdd099bc4a6bc9ce5a17985485f6636fb8553445ebc6addadbbc2
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
af0b0dbfec18aecd0518daf2ae4b6d60b0b148de91978fd182e2831ce659b5a2
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
b00a84b1a1cc74d4b2674174415d9bf87fa0906bfd50728fb36e610256a14d3c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a
b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b3fbfd8630a2b972a16c881993abb737d2ed543c17cfec17fa2dc7d73c5650b7
b6e8b528941e54165691cc824118bf2ce610de969e84f4fefa8482f6a409a92a
b75ac7176837fc50f83172ee62c378899303cc5405be52ddd27be0711a7316c7
b7b2555fa55d5a9c3bc410740b2075a2782cbfad97d3034645d09a61f8698031
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
bab74fb2e475331e59b10c37fb32aedbfdee3994bf75d003aab74f3982a67a8e
bb8e7a460a3214a7c5de015942997661e6627064608ab3a28af4ffeeb97d5ff0
bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b
bbdee6a5cee7911ffed204b01e8798ff1ab500d754e0db2ae6be306c3567a37b
be0b56929195755bb3fe67aa4eb3a545ace43e008fd488e12914136e27f52463
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c2ed4b80cc0bfd8b35c13b9becb418d96d58f9f44048b24d6e45dba4938cac69
c3fc9609e7d56077b1ffc19b30a1a6cefd11986f01d1833a466d8dfcd1aa997c
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2
c6bf75c77f32cc49bd821765ad5069bdaabdac09261a873f0675111f1566bc79
c7076a6235cd12720cc675334102d16bd5e46a33910f1b3ada0425b74ed020d3
c7270c2cc29edc1935a8caf8a5891a808080963cd6815abd06cca6d67ec3610d
c8683b8aa233904efcaceff3ac30e7e6e41a699736dcf541f72d8c8cd31eddf9
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
ccfc29586bbea850d9ab8571d461ded82073fe51080fd971426db1a213f67731
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3
d36e12824aab23795d2f804f169ec2189defee2b1b8478088177408cc50a8c4d
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
d74324ac5719aa202221018cd0181776040570d0d6b94112fef8e841ef3d6c13
db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307
dc898f84a445ea26e9384ee002387ddc9d36f48c1a4d4904221f0d30508fd439
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
e3d653cf287a3212e8c5f8d68f2af6563d062b2aaf37348d0b1c5c1798dc22a0
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
e58892952da3f905e3630f50a64a2bfe6c03b9b2a3df6c4b5539bfe08ea56d11
e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b
ef9c4561755cb3772aa5513320dfabf869986e2100347422d626d0cb4da65708
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
fca5eb2f7f0e369ce02c777e7c947f792a56d9cd843b274e5a535da2dc7211c8
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fedfc9cb55ef860d81685746a7bac6474be8bd713f094ebf5d2b2fcead43f052
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

spycloud.com Open in urlscan Pro 2606:4700::6812:1a6c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

100 %HTTPS

55 %IPv6

7 Domains

14 Subdomains

12 IPs

3 Countries

3197 kBTransfer

8774 kBSize

7 Cookies

8 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

spycloud.com Open in urlscan Pro
2606:4700::6812:1a6c Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

100 %
HTTPS

55 %
IPv6

7
Domains

14
Subdomains

12
IPs

3
Countries

3197 kB
Transfer

8774 kB
Size

7
Cookies

170 HTTP transactions
1 data transactions