www.area1security.com Open in urlscan Pro
104.18.27.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKT...
Effective URL:
https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na...
Submission: On September 23 via api (September 23rd 2021, 4:15:14 pm UTC) from US — Scanned from DE

Summary HTTP 135 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 46 IPs in 5 countries across 39 domains to perform 135 HTTP transactions. The main IP is 104.18.27.153, located in and belongs to CLOUDFLARENET, US. The main domain is www.area1security.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 21st 2020. Valid for: a year.

This is the only time www.area1security.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.18.26.153 104.18.26.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	104.18.27.153 104.18.27.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	104.16.123.175 104.16.123.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.72.14 104.17.72.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.94.65 104.16.94.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.16.186.59 2.16.186.59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
1	104.111.215.74 104.111.215.74	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
5	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1	54.161.241.46 54.161.241.46	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
2	104.16.95.80 104.16.95.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.81 13.225.78.81	16509 (AMAZON-02) (AMAZON-02)
1	151.101.192.217 151.101.192.217	54113 (FASTLY) (FASTLY)
1	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
2	18.159.128.50 18.159.128.50	16509 (AMAZON-02) (AMAZON-02)
4	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
6	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
2 6	13.224.193.18 13.224.193.18	16509 (AMAZON-02) (AMAZON-02)
1	104.111.233.5 104.111.233.5	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.26.190 104.18.26.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.68.112 172.67.68.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.16.168.82 104.16.168.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.90.254.51 69.90.254.51	13768 (COGECO-PEER1) (COGECO-PEER1)
1	74.125.140.155 74.125.140.155	15169 (GOOGLE) (GOOGLE)
1 1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
3	40.76.84.176 40.76.84.176	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.253.133.188 34.253.133.188	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1	104.18.6.120 104.18.6.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	161.71.0.165 161.71.0.165	14340 (SALESFORCE) (SALESFORCE)
1	34.117.59.81 34.117.59.81	15169 (GOOGLE) (GOOGLE)
1	2.18.234.132 2.18.234.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
2	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
1 2	108.174.11.37 108.174.11.37	14413 (LINKEDIN) (LINKEDIN)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	13.110.8.133 13.110.8.133	14340 (SALESFORCE) (SALESFORCE)
2	13.110.2.5 13.110.2.5	() ()
135	46

1 104.18.26.153 (None, )

ASN13335 (CLOUDFLARENET, US)

go.area1security.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 104.18.27.153 (None, )

ASN13335 (CLOUDFLARENET, US)

www.area1security.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.123.175 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.72.14 (None, )

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.94.65 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-59.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-74.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.241.46 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-241-46.compute-1.amazonaws.com

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.95.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-ab22.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-81.fra2.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.217 (United States)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.128.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-128-50.eu-central-1.compute.amazonaws.com

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.193.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-18.fra2.r.cloudfront.net

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.233.5 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-5.deploy.static.akamaitechnologies.com

origin.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.190 (None, )

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.68.112 (United States)

ASN13335 (CLOUDFLARENET, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.168.82 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.51 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)

e.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.76.84.176 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

monitor.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.133.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.6.120 (None, )

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 161.71.0.165 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg0-lhr3.um3-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-132.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.11.37 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-37.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

646-atg-835.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.8.133 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg0-iad3.la1-c2-ia2.salesforceliveagent.com

d.la1-c2-ia2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.2.5 (None, )

ASN- ()

d.la1-c2-ph2.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	area1security.com go.area1security.com www.area1security.com	2 MB
12	force.com service.force.com	41 KB
7	adroll.com 2 redirects s.adroll.com d.adroll.com	19 KB
6	google-analytics.com www.google-analytics.com	77 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	91 KB
4	salesforceliveagent.com d.la1-c2-ia2.salesforceliveagent.com d.la1-c2-ph2.salesforceliveagent.com	5 KB
4	clickcease.com www.clickcease.com monitor.clickcease.com	25 KB
4	unpkg.com 2 redirects unpkg.com	43 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	bing.com bat.bing.com	10 KB
3	bizible.com cdn.bizible.com	32 KB
3	googleapis.com fonts.googleapis.com maps.googleapis.com ajax.googleapis.com	77 KB
3	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	38 KB
2	facebook.com www.facebook.com	331 B
2	marketo.net munchkin.marketo.net	6 KB
2	ml314.com ml314.com	13 KB
2	facebook.net connect.facebook.net	170 KB
2	youtube.com www.youtube.com	45 KB
2	google.com www.google.com	766 B
2	acuityplatform.com origin.acuityplatform.com e.acuityplatform.com	3 KB
2	plausible.io plausible.io	1 KB
2	marketo.com app-ab22.marketo.com	136 KB
2	vimeocdn.com extend.vimeocdn.com	12 KB
2	googletagmanager.com www.googletagmanager.com	125 KB
2	typekit.net use.typekit.net p.typekit.net	1 KB
1	mktoresp.com 646-atg-835.mktoresp.com	311 B
1	licdn.com snap.licdn.com	2 KB
1	bizibly.com cdn.bizibly.com	204 B
1	ipinfo.io ipinfo.io	512 B
1	cookiepro.com cookie-cdn.cookiepro.com
1	googleadservices.com 1 redirects www.googleadservices.com	530 B
1	doubleclick.net stats.g.doubleclick.net	465 B
1	zoominfo.com ws.zoominfo.com	1 KB
1	g2crowd.com tracking.g2crowd.com	1 KB
1	vimeo.com player.vimeo.com	7 KB
1	soundcloud.com w.soundcloud.com	4 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	bugherd.com www.bugherd.com	748 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
135	39

	Domain	Requested by
46	www.area1security.com	go.area1security.com www.area1security.com ajax.cloudflare.com cdn.bizible.com
12	service.force.com	www.googletagmanager.com service.force.com
6	s.adroll.com	2 redirects www.googletagmanager.com www.area1security.com s.adroll.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	unpkg.com	2 redirects www.area1security.com
3	monitor.clickcease.com	www.clickcease.com
3	bat.bing.com	go.area1security.com bat.bing.com
3	cdn.bizible.com	ajax.cloudflare.com cdn.bizible.com
3	fonts.gstatic.com	fonts.googleapis.com
2	d.la1-c2-ph2.salesforceliveagent.com	service.force.com
2	d.la1-c2-ia2.salesforceliveagent.com	service.force.com
2	www.facebook.com
2	munchkin.marketo.net	go.area1security.com munchkin.marketo.net
2	px.ads.linkedin.com	1 redirects
2	ml314.com	go.area1security.com ml314.com
2	connect.facebook.net	go.area1security.com connect.facebook.net
2	www.youtube.com	www.area1security.com www.youtube.com
2	www.google.com	www.area1security.com
2	www.gstatic.com	go.area1security.com www.gstatic.com
2	plausible.io	ajax.cloudflare.com plausible.io
2	cdnjs.cloudflare.com	ajax.cloudflare.com
2	app-ab22.marketo.com	ajax.cloudflare.com www.googletagmanager.com
2	extend.vimeocdn.com	ajax.cloudflare.com
2	www.googletagmanager.com	www.area1security.com www.googletagmanager.com
1	646-atg-835.mktoresp.com	munchkin.marketo.net
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	cdn.bizibly.com
1	ipinfo.io	www.googletagmanager.com
1	cookie-cdn.cookiepro.com	www.googletagmanager.com
1	d.adroll.com	s.adroll.com
1	www.googleadservices.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	e.acuityplatform.com	origin.acuityplatform.com
1	ws.zoominfo.com	go.area1security.com
1	www.clickcease.com	go.area1security.com
1	tracking.g2crowd.com	go.area1security.com
1	origin.acuityplatform.com	go.area1security.com
1	ajax.googleapis.com	ajax.cloudflare.com
1	player.vimeo.com	ajax.cloudflare.com
1	w.soundcloud.com	ajax.cloudflare.com
1	cdn.jsdelivr.net	ajax.cloudflare.com
1	www.bugherd.com	ajax.cloudflare.com
1	maps.googleapis.com	ajax.cloudflare.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	www.area1security.com
1	use.typekit.net	www.area1security.com
1	static.cloudflareinsights.com	www.area1security.com
1	ajax.cloudflare.com	www.area1security.com
1	go.area1security.com
135	50

This site contains links to these domains. Also see Links.

Domain
www.g2.com
onlinexperiences.com
www.facebook.com
twitter.com
www.linkedin.com
go.area1security.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
go.area1security.com Cloudflare Inc ECC CA-3	`2021-06-05` - `2022-06-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-21` - `2021-11-20`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.bugherd.com R3	`2021-09-16` - `2021-12-15`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
app-ab22.marketo.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-09-15` - `2022-10-17`	a year	crt.sh
plausible.io R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.acuityplatform.com DigiCert SHA2 Secure Server CA	`2021-05-17` - `2022-05-25`	a year	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.clickcease.com Go Daddy Secure Certificate Authority - G2	`2021-07-20` - `2022-06-27`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.um3.force.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-31` - `2022-03-30`	a year	crt.sh
ipinfo.io GTS CA 1D4	`2021-09-05` - `2021-12-04`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
la1-c2-ia2.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-16` - `2022-03-15`	a year	crt.sh
la1-c2-ph2.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-16` - `2022-03-15`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
Frame ID: A99A6E60861DAF2F8B2D1B6E3CCD1B61
Requests: 128 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
Frame ID: 2C18B489DAD2FAE979DBA214AA212C97
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9AA7BD5353D219CA11C57E7D4616E8E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2021 Email Threat Report I Area 1 Security

Page URL History Show full URLs

https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75... Page URL
https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_te... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Plausible (Analytics) Expand

Overall confidence: 100%
Detected patterns

plausible\.io/js/plausible\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
/([\d.]+)/jquery(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

135
Requests

100 %
HTTPS

0 %
IPv6

39
Domains

50
Subdomains

46
IPs

5
Countries

3304 kB
Transfer

6871 kB
Size

35
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.g2.com/products/area-1-security/reviews
Title: Customer Reviews

Search URL Search Domain Scan URL

URL: https://onlinexperiences.com/Launch/QReg/ShowUUID=118D4ED6-3B62-4CB4-AEDB-971733482D72&referrer=AREA1SECa
Title: Register Here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.area1security.com/blog/2021-email-threat-report/&t=Analyzing%202021%E2%80%99s%20Biggest%20Email%20Threats

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.area1security.com/blog/2021-email-threat-report/&via=Analyzing%202021%E2%80%99s%20Biggest%20Email%20Threats

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite?mini=true&url=https://www.area1security.com/blog/2021-email-threat-report/&via=Analyzing%202021%E2%80%99s%20Biggest%20Email%20Threats

Search URL Search Domain Scan URL

URL: https://go.area1security.com/
Title: < View Previous Page

Search URL Search Domain Scan URL

URL: https://twitter.com/area1security

Search URL Search Domain Scan URL

URL: https://www.facebook.com/A1S.Area1/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/area-1-security

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4SryCvqE_xUiHsoNN-oqyA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/area1security/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0= Page URL
https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@7.0.6/swiper-bundle.min.css

Request Chain 44

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@7.0.6/swiper-bundle.min.js

Request Chain 79

https://www.googleadservices.com/pagead/conversion/923313590/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD&ref=https%3A%2F%2Fgo.area1security.com%2F&ct_eid=2 HTTP 302
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD

Request Chain 80

https://s.adroll.com/j/exp/5EGGX7PHUFEY7N5HSUGQQ4/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 81

https://s.adroll.com/j/pre/5EGGX7PHUFEY7N5HSUGQQ4/2FGPV6HRYVGHROWBAYIDDD/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 112

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2808332&time=1632413712785&url=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2808332%26time%3D1632413712785%26url%3Dhttps%253A%252F%252Fwww.area1security.com%252Fblog%252F2021-email-threat-report%252F%253Futm_medium%253Demail%2526utm_source%253Dnewsletter%2526utm_term%253Dna%2526utm_content%253Dna%2526utm_campaign%253D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%2526mkt_tok%253DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2808332&time=1632413712785&url=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&liSync=true

135 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0= Show response
go.area1security.com/ 646 B
1 KB 470ms
428ms Document
text/html 104.18.26.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.26.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

affcef0cff0317f06fb0feaed3e1fe6ca8360f31f0a813d1b428ab89260bb1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: go.area1security.com
:scheme: https
:path: /NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 23 Sep 2021 16:15:09 GMT
content-type: text/html
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
set-cookie: BIGipServerab_mailtracking_80=!yG/t7GhE87kZ6s7w/jjXoMq3bOgvMn+o0c1GTBtuXSYtOpQiQyB2HizelLb1zqyVrS6oT3pBVgxiRSM=; path=/; Httponly; Secure __cf_bm=UulX35e6e3Va3dEG5xNxw.G.KDl5TbyUS7Y5B06NVfk-1632413709-0-AcaHl/59EgGoea/t9LJOmqq+9mjxtEbqKScNebtXyk+tnx5/UjOEVr7JiMTEds/hArE/2mgzi4dxPyvndUmqKFE=; path=/; expires=Thu, 23-Sep-21 16:45:09 GMT; domain=.go.area1security.com; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 693511f30d7b4e2b-FRA
content-encoding: gzip

GET
H2 200 Primary Request / Show response
www.area1security.com/blog/2021-email-threat-report/ 110 KB
26 KB 920ms
865ms Document
text/html 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

821bfc2f47ab9dd3b11680ecefae0f2b3805fca21369dcb6199482bdc1b6a388

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.area1security.com
:scheme: https
:path: /blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://go.area1security.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://go.area1security.com/

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-type: text/html; charset=UTF-8
cf-ray: 693511f65dcc4abc-FRA
link: <https://www.area1security.com/wp-json/>; rel="https://api.w.org/", <https://www.area1security.com/wp-json/wp/v2/posts/18417>; rel="alternate"; type="application/json", <https://www.area1security.com/?p=18417>; rel=shortlink
strict-transport-security: max-age=0
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
permissions-policy: geolocation=*, fullscreen=*
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-pingback: https://www.area1security.com/xmlrpc.php
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
www.area1security.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 38ms
37ms Stylesheet
text/css 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: www.area1security.com
URL: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 11:45:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60782752-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fc5f944abc-FRA
expires: Sun, 21 Sep 2031 16:15:10 GMT

GET
H2 200 wpda_public.css
www.area1security.com/wp-content/plugins/wp-data-access/assets/css/ 73 B
266 B 26ms
25ms Stylesheet
text/css 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/wp-data-access/assets/css/wpda_public.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be0ebfdbb730b13f089cb09b7fca162edc15387d6f98571d1ddf531711d88909

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wp-data-access/assets/css/wpda_public.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 114
cf-polished: origSize=90
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:10 GMT
last-modified: Thu, 16 Sep 2021 11:48:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61432f1f-5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fc5f974abc-FRA
cf-bgj: minify

GET
H2 200 algolia-autocomplete.css
www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/css/ 3 KB
839 B 31ms
30ms Stylesheet
text/css 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/css/algolia-autocomplete.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9483c3edc74ee7dd684d284c0331ec95843db65efd5586bc116628b6d0a3a20d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/search-by-algolia-instant-relevant-results/css/algolia-autocomplete.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 114
cf-polished: origSize=3157
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:10 GMT
last-modified: Tue, 22 Jan 2019 16:48:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c474950-c55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fc5f984abc-FRA
cf-bgj: minify

GET
H2 200 master.css
www.area1security.com/wp-content/themes/area1/assets/build/ 830 KB
89 KB 46ms
45ms Stylesheet
text/css 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/build/master.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

549b83067ea1d0e98098b514e8936073e88c179c7a132b65cd424e17cde5a167

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/build/master.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 114
cf-polished: origSize=973348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:10 GMT
last-modified: Wed, 02 Sep 2020 20:53:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f50065c-eda24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fc5f994abc-FRA
cf-bgj: minify

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@7.0.6/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@7.0.6/swiper-bundle.min.css

15 KB
5 KB

25ms
25ms

Stylesheet
text/css

104.16.123.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.0.6/swiper-bundle.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4921aad5ae965e27b65848b1506a1673420ef448f5e629eee0d19b602b5a660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 631272
fly-request-id: 01FFPX0177EAD02XV93DGX58SD
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccc-DK43eQuLSWDlzsEj1EvTSyz0r38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 693511fcbd5f42d5-FRA

Redirect headers

date: Thu, 23 Sep 2021 16:15:10 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FG9PX4KKM71HKT499KYPA3YN
server: cloudflare
age: 124
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.0.6/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 693511fc8cb342d5-FRA
access-control-allow-origin: *

GET
H3 200 brand-logo-mobile.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 8 KB
3 KB 32ms
31ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/img/brand-logo-mobile.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa5983770ef585fff52a541b8b250855db19a5dfb65ddb011a4039525930621

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/img/brand-logo-mobile.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:53:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f500664-2014"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd386dc2e0-FRA
expires: Thu, 23 Sep 2021 16:35:10 GMT

GET
H3 200 close-mobile-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 966 B
1 KB 41ms
41ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/img/close-mobile-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

400482d0fbb38e9fe4fd5d3e3bb2325ea89704d9b7305789c6e87dabeda8db44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/img/close-mobile-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:53:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f500664-3c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd387ac2e0-FRA
expires: Thu, 23 Sep 2021 16:35:10 GMT

GET
H3 200 search-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 1 KB
1 KB 29ms
28ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/img/search-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4b6aa731e7279ae65d5cd4866dd04763987ba6374ec8f5624449e65e844fac6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/img/search-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:54:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f500669-422"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd68abc2e0-FRA
expires: Thu, 23 Sep 2021 16:35:10 GMT

GET
H3 200 meganav-icon.svg
www.area1security.com/wp-content/uploads/2020/03/ 3 KB
2 KB 48ms
45ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2020/03/meganav-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e26b2c7a50c147bac4620bd26208458eca76874bf810dc14cece0422df07b35a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/03/meganav-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Thu, 05 Mar 2020 00:32:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e6048bb-dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd78b0c2e0-FRA
expires: Thu, 23 Sep 2021 16:35:10 GMT

GET
H3 200 SocialBanner_Blog_New-_Threat_Origins.jpg
www.area1security.com/wp-content/uploads/2021/03/ 93 KB
94 KB 65ms
60ms Image
image/webp 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2021/03/SocialBanner_Blog_New-_Threat_Origins.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79a29c21089bcc3e07886e20076d1b33adabb75c126c8c60abe68e11b6fa73b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/03/SocialBanner_Blog_New-_Threat_Origins.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
etag: "603d971e-b2951"
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 133
cf-polished: qual=85, origFmt=jpeg, origSize=731473
content-disposition: inline; filename="SocialBanner_Blog_New-_Threat_Origins.webp"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 95674
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Tue, 02 Mar 2021 01:38:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 23 Sep 2021 16:15:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 21 Sep 2031 16:15:10 GMT
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
accept-ranges: bytes
cf-ray: 693511fd78b7c2e0-FRA
x-content-type-options: nosniff
cf-bgj: imgq:85,h2pri

GET
H3 200 Prevent-Supply-Chain-Email-Attacks.png
www.area1security.com/wp-content/uploads/2021/01/ 192 KB
193 KB 48ms
42ms Image
image/webp 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2021/01/Prevent-Supply-Chain-Email-Attacks.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb5ef29fb54f147873b07060266a8e6641c27c912e85cbbc9a2cb03b6d6885c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/01/Prevent-Supply-Chain-Email-Attacks.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
etag: "60133a6b-4acdb"
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 133
cf-polished: origFmt=png, origSize=306395
content-disposition: inline; filename="Prevent-Supply-Chain-Email-Attacks.webp"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 196350
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Thu, 28 Jan 2021 22:27:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 23 Sep 2021 16:15:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 21 Sep 2031 16:15:10 GMT
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
accept-ranges: bytes
cf-ray: 693511fd78b8c2e0-FRA
x-content-type-options: nosniff
cf-bgj: imgq:85,h2pri

GET
H3 200 contact-us-icon.svg
www.area1security.com/wp-content/uploads/2020/03/ 4 KB
2 KB 44ms
41ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2020/03/contact-us-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73c9c1546f2686db9616c2d5af00ec2736ef6ca73db719eb6d063af6f0dde048

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/03/contact-us-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Thu, 05 Mar 2020 00:32:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e60488e-104c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd78bac2e0-FRA
expires: Thu, 23 Sep 2021 16:35:10 GMT

GET
H3 200 facebook-social-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 2 KB
1 KB 432ms
428ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/img/facebook-social-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edb80de1f7a8a324a3fe4c0db17f7fbeba3af9753c35ed819544a78837e4e804

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/img/facebook-social-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:53:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f500664-62c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd78bbc2e0-FRA
expires: Thu, 23 Sep 2021 16:35:11 GMT

GET
H3 200 twitter-social-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 2 KB
2 KB 437ms
433ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/img/twitter-social-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06f0f999f55406270467fd935c746d8f0e2865acb2df6567a673cabfd244cfb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/img/twitter-social-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:54:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f500669-9ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd78bcc2e0-FRA
expires: Thu, 23 Sep 2021 16:35:11 GMT

GET
H3 200 linkedin-social-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 2 KB
1 KB 436ms
432ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/img/linkedin-social-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7ac5ac9022f66779b2df77751582d8543ecc442511969239797442a372ef989

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/img/linkedin-social-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:54:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f500668-79b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd78bdc2e0-FRA
expires: Thu, 23 Sep 2021 16:35:11 GMT

GET
H3 200 email-social-icon.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 1 KB
1 KB 405ms
402ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/img/email-social-icon.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2107e5c8ed1195bd4435c730cfbe30733f0c39387ea34c48948fd16eb4fa2d2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/img/email-social-icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:53:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f500664-499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd78bfc2e0-FRA
expires: Thu, 23 Sep 2021 16:35:11 GMT

GET
H3 200 email-decode.min.js Show response
www.area1security.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
947 B 18ms
18ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Sep 2021 09:29:40 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61446004-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800 public
strict-transport-security: max-age=0
cf-ray: 693511fcd809c2e0-FRA
expires: Sat, 25 Sep 2021 16:15:10 GMT

GET
H3 200 footer-logo.svg
www.area1security.com/wp-content/uploads/2019/11/ 8 KB
3 KB 43ms
40ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2019/11/footer-logo.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc5d370924e2c28e8f2d6d607c5975c42fafe866baf92c798e6f4c087f439147

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/11/footer-logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Mon, 18 Nov 2019 22:53:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5dd320d2-1ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd78c0c2e0-FRA
expires: Thu, 23 Sep 2021 16:35:10 GMT

GET
H3 200 PartnerFooter-Updated2.svg
www.area1security.com/wp-content/uploads/2020/03/ 69 KB
26 KB 47ms
43ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2020/03/PartnerFooter-Updated2.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75d9700e1dc0a0c72a7815a64a7c0a737e92b492d65e7f16533f5fed1a09e1b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/03/PartnerFooter-Updated2.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Tue, 03 Mar 2020 23:54:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e5eee38-115d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fd78c1c2e0-FRA
expires: Thu, 23 Sep 2021 16:35:10 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 305ms
11ms Script
application/javascript 104.17.72.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.72.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Tue, 21 Sep 2021 15:51:34 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6149ff86-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3u8gDk0Yj6gSXUDZbMMy6KfHF8QExrCFkj5CBFKHr0qsx2v9PaJoykB7o%2Bsgj3m8HG5AFlFH0%2B7QwGKTx8z7ZHt92N7jsQNi3lgAho5Ixh3zPjOuaCBsPpT1gBe8nECw83k8GE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 693511ff4a400609-FRA
expires: Sat, 25 Sep 2021 16:15:11 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 127ms
65ms Script
text/javascript 104.16.94.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 693511fddceb4ed9-FRA

GET
H2 200 ryb4zmr.css
use.typekit.net/ 3 KB
951 B 59ms
22ms Stylesheet
text/css 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ryb4zmr.css

Requested by

Host: www.area1security.com
URL: https://www.area1security.com/wp-content/themes/area1/assets/build/master.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-59.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

132c4051a58f9fdd922dcfb770ce092775ed984bfa57cfd812779466dad9a6de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 23 Sep 2021 16:15:10 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 720

GET
H2 200 css
fonts.googleapis.com/ 2 KB
913 B 46ms
22ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap

Requested by

Host: www.area1security.com
URL: https://www.area1security.com/wp-content/themes/area1/assets/build/master.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

47d10c916915480806f7e1066ff6194fd0bde12ef7c36e68f8155d47a10bd531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:15:10 GMT
server: ESF
date: Thu, 23 Sep 2021 16:15:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Sep 2021 16:15:10 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 28ms
7ms Stylesheet
text/css 104.111.215.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ryb4zmr&ht=tk&f=14580.14581.14582.14583&a=82894795&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ryb4zmr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
76 KB 322ms
27ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d95d118f40261322ba745b4d268218faa9488bc80f209e15a1facc5c598d5881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77681
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 15:58:20 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Sep 2021 16:15:11 GMT

GET
H3 200 nav-search.svg
www.area1security.com/wp-content/themes/area1/assets/img/ 571 B
980 B 74ms
60ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/img/nav-search.svg

Requested by

Host: www.area1security.com
URL: https://www.area1security.com/wp-content/themes/area1/assets/build/master.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

377bf285812a1c784b42626aa90f76db9b9100f16513490e87a7c7e8c5c9ce78

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/img/nav-search.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:54:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f500668-23b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fdb923c2e0-FRA
expires: Thu, 23 Sep 2021 16:35:11 GMT

GET
H3 200 Juliette-Headshot.jpg
www.area1security.com/wp-content/uploads/2019/11/ 232 KB
233 KB 606ms
600ms Image
image/jpeg 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2019/11/Juliette-Headshot.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

524651cee6da99f6a81a7944caeb1573464eaceee2d54133cd855fba28817ac3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/11/Juliette-Headshot.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 237678
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Mon, 18 Nov 2019 17:40:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dd2d7ab-3a06e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
accept-ranges: bytes
cf-ray: 693511fdc924c2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H3 200 Kevin-Wilson-Headshot.jpeg
www.area1security.com/wp-content/uploads/2020/04/ 6 KB
7 KB 407ms
391ms Image
image/webp 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2020/04/Kevin-Wilson-Headshot.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7a026aad00d896e080177654f76a2dea090679dbdaa2a05e6ad413dc8047fb8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/04/Kevin-Wilson-Headshot.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
etag: "5e8d3fb0-3351"
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: master-only
cf-polished: qual=85, origFmt=jpeg, origSize=13137
content-disposition: inline; filename="Kevin-Wilson-Headshot.webp"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6278
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 08 Apr 2020 03:06:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 23 Sep 2021 16:15:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 21 Sep 2031 16:15:11 GMT
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
accept-ranges: bytes
cf-ray: 693511fdc926c2e0-FRA
x-content-type-options: nosniff
cf-bgj: imgq:85,h2pri

GET
H3 200 SocialBanner_Blog_FaceMask_2500x1000_1-1.svg
www.area1security.com/wp-content/uploads/2020/08/ 93 KB
23 KB 604ms
587ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2020/08/SocialBanner_Blog_FaceMask_2500x1000_1-1.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3db5523fb8a7d48b136cc5aaefc6783a8522eda0ebefdcf53b6dc6a72a19d27

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/08/SocialBanner_Blog_FaceMask_2500x1000_1-1.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Tue, 25 Aug 2020 21:02:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f457c54-173e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511fdd93dc2e0-FRA
expires: Thu, 23 Sep 2021 16:35:11 GMT

GET
H3 200 MarketingBanner_Blog_Security_Means_Taking_Action_2500x1000.png
www.area1security.com/wp-content/uploads/2017/07/ 393 KB
393 KB 595ms
577ms Image
image/png 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2017/07/MarketingBanner_Blog_Security_Means_Taking_Action_2500x1000.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b64c00ebd40624e9afe674eb6ce37805d5d77cf20f30abdc2f768fb2ae842d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2017/07/MarketingBanner_Blog_Security_Means_Taking_Action_2500x1000.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 402162
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Thu, 17 Jan 2019 20:59:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5c40eca8-622f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
accept-ranges: bytes
cf-ray: 693511fdd941c2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H3 200 SocialBanner_Blog_PACspoof_2500x1000_1.jpg
www.area1security.com/wp-content/uploads/2020/10/ 281 KB
282 KB 595ms
578ms Image
image/jpeg 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2020/10/SocialBanner_Blog_PACspoof_2500x1000_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f29ca6f44358ea1c9e67756c00dda91adf2785589c02bc35651621c50dc9acf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/10/SocialBanner_Blog_PACspoof_2500x1000_1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 288192
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Mon, 05 Oct 2020 20:26:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f7b8177-465c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
accept-ranges: bytes
cf-ray: 693511fdd944c2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 259ms
10ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.area1security.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 216123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 04:13:08 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 266ms
17ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.area1security.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 15:49:32 GMT
x-content-type-options: nosniff
age: 347139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 15:49:32 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 271ms
22ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.area1security.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 380125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 06:39:46 GMT

GET
H3 200 theme-icons.woff2
www.area1security.com/wp-content/themes/area1/assets/fonts/ 4 KB
5 KB 60ms
45ms Font
application/octet-stream 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/fonts/theme-icons.woff2

Requested by

Host: www.area1security.com
URL: https://www.area1security.com/wp-content/themes/area1/assets/build/master.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b8811650afae7a53ca6e2bf2ac088b8cdec200b6eb62284cc145f8695fb6a09

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/fonts/theme-icons.woff2
pragma: no-cache
origin: https://www.area1security.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.area1security.com/
Origin: https://www.area1security.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4520
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:53:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f500662-11a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
accept-ranges: bytes
cf-ray: 693511fdd948c2e0-FRA
expires: Thu, 23 Sep 2021 16:35:11 GMT

GET
H3 200 etr1b-copy.png
www.area1security.com/wp-content/uploads/2021/08/ 274 KB
274 KB 26ms
26ms Image
image/webp 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2021/08/etr1b-copy.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6970493c7ac78eed1fa06e9272de17d1ae32f994e3e53bcbeaaf18029042ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/etr1b-copy.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
etag: "61291dc2-5f1a1"
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: origFmt=png, origSize=389537
content-disposition: inline; filename="etr1b-copy.webp"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 280116
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Fri, 27 Aug 2021 17:15:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 23 Sep 2021 16:15:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 21 Sep 2031 16:15:11 GMT
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
accept-ranges: bytes
cf-ray: 693511fe199bc2e0-FRA
x-content-type-options: nosniff
cf-bgj: imgq:85,h2pri

GET
H3 200 1.png
www.area1security.com/wp-content/uploads/2021/08/ 164 KB
164 KB 578ms
577ms Image
image/png 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2021/08/1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b24207aff7e9280902ca7361fb41663dc848bb1beba31bab29d504e5dd5e19eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 167447
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Fri, 27 Aug 2021 00:03:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61282bc7-28e17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
accept-ranges: bytes
cf-ray: 693511fe199dc2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H3 200 2.png
www.area1security.com/wp-content/uploads/2021/08/ 82 KB
83 KB 411ms
411ms Image
image/webp 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2021/08/2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47db0309c90651455e82c890083e68c0b2c1c423de07e0d41ac21cefac149da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
etag: "61282bcb-1dde2"
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: master-only
cf-polished: origFmt=png, origSize=122338
content-disposition: inline; filename="2.webp"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 83872
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Fri, 27 Aug 2021 00:03:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 23 Sep 2021 16:15:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 21 Sep 2031 16:15:11 GMT
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
accept-ranges: bytes
cf-ray: 693511fe199fc2e0-FRA
x-content-type-options: nosniff
cf-bgj: imgq:85,h2pri

GET
H3 200 3.png
www.area1security.com/wp-content/uploads/2021/08/ 46 KB
46 KB 562ms
562ms Image
image/png 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2021/08/3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ccdf38a85a3377cf2dd8da121ec4988a2e4bf3d6a9c7b3e25d0d6fecdb1f85a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/3.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46821
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Fri, 27 Aug 2021 00:03:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61282bce-b6e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
accept-ranges: bytes
cf-ray: 693511fe19a0c2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H3 200 scripts.min.js Show response
www.area1security.com/wp-content/themes/area1/assets/build/ 882 KB
217 KB 49ms
47ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/build/scripts.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37395d94fe5c1a9b6fbd12955388eefb1fd0c15cc95619f8c8157fb132c30277

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/build/scripts.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 02 Sep 2020 20:53:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f500661-dc6b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff6b81c2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 142 KB
46 KB 33ms
29ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyC3BnZKCuaAaz825HOTZkCjU9fD7mq_afU

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

mafe /

Resource Hash

5b3a49c749818c433428b262cd78ed523c9828e8d233e406041bf241071a7cfc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=15
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47420
x-xss-protection: 0
expires: Thu, 23 Sep 2021 16:45:11 GMT

GET
H/1.1 200
OK sidebarv2.js Show response
www.bugherd.com/ 43 B
748 B 351ms
113ms Script
text/javascript 54.161.241.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bugherd.com/sidebarv2.js?apikey=neidmqorvyga4b32tw22og

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-241-46.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 16:15:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
P3p: CP="NOI ADM DEV COM NAV OUR STP"
Connection: close
X-Xss-Protection: 1; mode=block
X-Request-Id: 70cdb823-ed06-4254-8337-ede379955d65
X-Runtime: 0.009956
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"04d8f1ae2165b4dc3a1f8a58fba2741d"
X-Download-Options: noopen
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Via: 1.1 vegur
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 104892217.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 51ms
10ms Script
text/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/104892217.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: gzip
age: 4893794
x-cache: HIT
x-cache-hits: 1218435
content-length: 5692
x-served-by: cache-hhn4083-HHN
x-vimeo-dc: ge
last-modified: Wed, 28 Jul 2021 21:51:42 GMT
server: Apache
x-timer: S1632413711.312454,VS0,VE0
etag: "43e3-5c835fde4b780"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2031 00:51:56 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@7.0.6/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@7.0.6/swiper-bundle.min.js

132 KB
38 KB

41ms
30ms

Script
application/javascript

104.16.123.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.0.6/swiper-bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8709f5e3c8f9bc458a7cc969d0cb75c8c29b84945c0d850b28286de6c963b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 631250
fly-request-id: 01FFPX0QNFFRHBS6HGKT41TXK6
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"20f5d-RQ0CA0wr9L3Y+mr2zDgoDk5hkCg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 693512004dcc42d5-FRA

Redirect headers

date: Thu, 23 Sep 2021 16:15:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FG9PXJAVZPZYNDCGMZQXX667
server: cloudflare
age: 111
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.0.6/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 693511ff6c0742d5-FRA
access-control-allow-origin: *

GET
H3 200 custom.js Show response
www.area1security.com/wp-content/themes/area1/assets/js/application/pages/ 3 KB
2 KB 30ms
29ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/themes/area1/assets/js/application/pages/custom.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c39de8d003d74962c2ab7b13b22a10537838552f27f541e911c9b28e9df802a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/area1/assets/js/application/pages/custom.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: origSize=7623
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:11 GMT
last-modified: Wed, 02 Sep 2020 20:54:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f50066d-1dc7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff6b83c2e0-FRA
cf-bgj: minify

GET
H2 200 bodyScrollLock.min.js Show response
cdn.jsdelivr.net/npm/body-scroll-lock@2.6.4/lib/ 3 KB
1 KB 28ms
7ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/body-scroll-lock@2.6.4/lib/bodyScrollLock.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2619bdf0e0a9d79b74fed1389ca2d3da61f0818813b76c31a626459f83d5d48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1212485
x-jsd-version: 2.6.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1092
etag: W/"b16-+ZeUwjFQYs11QXRwbyaN7RGUvVA"
x-served-by: cache-fra19125-FRA, cache-hhn4030-HHN
x-jsd-version-type: version
date: Thu, 23 Sep 2021 16:15:11 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 forms2.min.js Show response
app-ab22.marketo.com/js/forms2/js/ 205 KB
68 KB 186ms
91ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab22.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 10 Aug 2021 17:41:08 GMT
server: cloudflare
age: 1199
etag: "cc1b94-33210-5c93801bbf500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6935120009244de8-FRA
vary: Accept-Encoding
expires: Thu, 23 Sep 2021 20:15:11 GMT

GET
H2 200 countUp.js Show response
cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/ 8 KB
3 KB 36ms
16ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/countUp.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733a018cb334354fff1d8ae52623d5669bd4df4da01ceb0912a352361ba14247

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 666211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2161
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-1eb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KModUi5tIFvafqqQrr7yOu34OPWLCB4S%2F518b1Q%2BsWMX%2Fxa7BqOKjzB9NwtpU6qrhNkR55E0Bq7%2B54T15sOvzl6Mvwpf%2FMoStGlq39Du5nqJXnXtlFyyTjvz7FXQSk4diZmAoeH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 693511ff8ce14eaf-FRA
expires: Tue, 13 Sep 2022 16:15:11 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/latest/ 105 KB
31 KB 43ms
23ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/latest/TweenMax.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 914119
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31378
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a5b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMLPoBGxIJQgFTCadkh0SySxgs0f%2B9oO2mIma%2BSi81aprV2sZ1HuWSbw2u84JhmwiMBrT%2FRDFLtN7rRNAUuxEC1vL54NXh%2FqzXu7Cwlx3DDqArWp1M3vJ9PkVE6Ag9iYnQcadVit"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 693511ff8ce24eaf-FRA
expires: Tue, 13 Sep 2022 16:15:11 GMT

GET
H3 200 autocomplete-noconflict.js Show response
www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/ 53 B
703 B 31ms
29ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/autocomplete-noconflict.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eabaa9bb3449c434af9a74f77afb68872049c4d67b2326589c112b2db9b02a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/search-by-algolia-instant-relevant-results/js/autocomplete-noconflict.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: origSize=56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:11 GMT
last-modified: Tue, 22 Jan 2019 16:48:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c474950-38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff7b87c2e0-FRA
cf-bgj: minify

GET
H3 200 autocomplete.min.js Show response
www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/autocomplete.js/ 55 KB
18 KB 29ms
27ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/autocomplete.js/autocomplete.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e4021b59c1368de0d79e4c4c4b055765bc0bea375872a2b0e8ef33f66d5c485

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/search-by-algolia-instant-relevant-results/js/autocomplete.js/autocomplete.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Tue, 22 Jan 2019 16:48:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c474950-dbc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff7b8bc2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H3 200 algoliasearch.jquery.min.js Show response
www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/algoliasearch/ 65 KB
19 KB 24ms
22ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/search-by-algolia-instant-relevant-results/js/algoliasearch/algoliasearch.jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2a7b51378f1eae8def636a976934def4a2fec23a7db806d6c644bce4e600fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/search-by-algolia-instant-relevant-results/js/algoliasearch/algoliasearch.jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Tue, 22 Jan 2019 16:48:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c474950-10339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff7b8cc2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H3 200 wp-util.min.js Show response
www.area1security.com/wp-includes/js/ 1 KB
1 KB 27ms
26ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-includes/js/wp-util.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-util.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Mon, 08 Feb 2021 14:21:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"602148dd-435"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff7b8ec2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H3 200 underscore.min.js Show response
www.area1security.com/wp-includes/js/ 16 KB
6 KB 73ms
72ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-includes/js/underscore.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/underscore.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 11:45:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60782752-3ead"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff7b90c2e0-FRA
expires: Sun, 21 Sep 2031 16:15:11 GMT

GET
H3 200 analytics-talk-content-tracking.js Show response
www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 2 KB
1 KB 79ms
74ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8baa01b3b16cfe77ad745bd12cc99d1a226a9855b17cb4c2b9c6edf754be53f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/duracelltomi-google-tag-manager/js/analytics-talk-content-tracking.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: origSize=3862
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:11 GMT
last-modified: Thu, 20 May 2021 11:46:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60a64bff-f16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff8ba4c2e0-FRA
cf-bgj: minify

GET
H3 200 gtm4wp-soundcloud.js Show response
www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 3 KB
1 KB 80ms
74ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-soundcloud.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12652b8c867190445bd4367c4946aa61b2179103946e9faafb1cb7175587b1aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-soundcloud.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: origSize=4508
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:11 GMT
last-modified: Thu, 20 May 2021 11:46:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60a64bff-119c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff8ba5c2e0-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
w.soundcloud.com/player/ 5 KB
4 KB 105ms
17ms Script
application/javascript 13.225.78.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/api.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-81.fra2.r.cloudfront.net

Software

am/2 /

Resource Hash

fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:13:50 GMT
via: sssr, 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
vary: Accept-Encoding
age: 81
x-edge-origin-shield-skipped: 0
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
x-cache: Hit from cloudfront
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 14:27:47 GMT
server: am/2
etag: W/"15a4-17bef01a2b8"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=300
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: jJv6yKWtTyoKzmdifP784HkxgcZ9ez47kAM12IhdjoBi-cvL4WmeMg==

GET
H3 200 gtm4wp-vimeo.js Show response
www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 5 KB
1 KB 37ms
34ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-vimeo.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddaa3b5cfab52c3ce36ae76272ebbbd9f2468ee2d34b7908bd852911b7012ba2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-vimeo.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: origSize=7253
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:11 GMT
last-modified: Thu, 20 May 2021 11:46:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60a64bff-1c55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff8ba6c2e0-FRA
cf-bgj: minify

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 19 KB
7 KB 84ms
6ms Script
application/javascript 151.101.192.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b7b4485524c7103fd09aa1dc80127e5d4e541a5f81a1c78b074efc73b8b23904

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Varnish-Cache: 1
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 127
X-Cache: HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection: keep-alive
X-VServer: infra-playproxy-b-14
Content-Length: 5964
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn4081-HHN
X-Player-Backend: p
Expires: Thu, 23 Sep 2021 16:42:44 GMT
Server: nginx
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer: S1632413711.354753,VS0,VE0
Date: Thu, 23 Sep 2021 16:15:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Via: 1.1 varnish, 1.1 varnish
Vary: Accept-Encoding
X-Vimeo-DC: ge
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache-Hits: 293

GET
H3 200 gtm4wp-youtube.js Show response
www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 6 KB
2 KB 26ms
23ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

744c9878177e67a6f1e2e63dd8cac38561164bd4337efa970de2ca32473dcb3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: origSize=7296
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:11 GMT
last-modified: Thu, 20 May 2021 11:46:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60a64bff-1c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff8ba7c2e0-FRA
cf-bgj: minify

GET
H3 200 gtm4wp-form-move-tracker.js Show response
www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
951 B 76ms
73ms Script
application/javascript 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: origSize=1536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
expires: Sun, 21 Sep 2031 16:15:11 GMT
last-modified: Thu, 20 May 2021 11:46:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60a64bff-600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 693511ff8baac2e0-FRA
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 43ms
12ms Script
text/javascript 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 12:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 21 Sep 2022 12:25:19 GMT

GET
H2 200 plausible.js Show response
plausible.io/js/ 1 KB
846 B 142ms
57ms Script
application/javascript 18.159.128.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/js/plausible.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.159.128.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-128-50.eu-central-1.compute.amazonaws.com
Software: Netlify /
Resource Hash: 4d480011841648386a4310dff9baaaadb64a38e3ef64080b0301dc3a6111396f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG9Q0Z064RNMM41ABNX21A8Y
date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
server: Netlify
age: 0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 639

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 71ms
15ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: de22a1f465480545ea9595d61c16ad21ad40e6b2509cca0e76d2601980e52988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 23:43:50 GMT
server: ECS (frb/67F3)
age: 66340
etag: "68dc22b354abd71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32240

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 49ms
26ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XM4D98EE7X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d28b76c842f5e5374aab5c93c9bb4e15db9a3cc8b0500c59831fd66b8161b239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50150
x-xss-protection: 0
expires: Thu, 23 Sep 2021 16:15:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 66ms
20ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4991
date: Thu, 23 Sep 2021 14:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 23 Sep 2021 16:52:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 44 KB
15 KB 127ms
13ms Script
text/javascript 13.224.193.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: jmFs7KywGuBDQQS_2esYMgDw6mfwd1hF
Content-Encoding: gzip
Etag: W/"2441168df9ddcfa64f2b072ba490993a"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Mon, 30 Aug 2021 22:12:49 GMT
Server: AmazonS3
Date: Thu, 23 Sep 2021 15:32:59 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: jEH5Qg_zi7gqWMrPHdFwC4U7Kf5uzLPe6-CVivTjHNrMnWJP1rLvaA==

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 40ms
9ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 15:18:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Sep 2021 16:18:37 GMT

GET
H/1.1 200
OK pixel.js Show response
origin.acuityplatform.com/event/v2/ 2 KB
2 KB 68ms
15ms Script
application/javascript 104.111.233.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.acuityplatform.com/event/v2/pixel.js
Requested by: Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-5.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: e61452dfc7618c61fdb2891ef6c18e147ec6de6d0796657d145cefc3c8d2357c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 16:15:11 GMT
Last-Modified: Thu, 05 Nov 2020 21:09:51 GMT
Server: nginx/1.14.0
ETag: "5fa46a1f-83f"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2111

GET
H2 200 3269.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 196ms
159ms Script
text/javascript 104.18.26.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3269.js?p=https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&e=

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.26.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: f4dedbaa-dd38-417c-be82-6e2e17dab2db
x-runtime: 0.005803
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 693512010fd51f4d-FRA

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 68 KB
25 KB 82ms
32ms Script
application/javascript 172.67.68.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.112 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9335a3578fbb78eba8922527950b8773e21ebc2d28e6f72ce9d223094bfdbdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 966723
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 14 Mar 2021 09:24:44 GMT
server: cloudflare
x-frame-options: sameorigin
etag: W/"10eb4-5bd7bb41f7cc3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6ZSZfS08F%2F9t80WPoD4gwlvHplKdmrP0nm7K2E9PkGhEGueNit1Le3oMirQjVGvYjxa%2FC%2BRBrxeT%2FKB2ORWbVXB%2FxRSlF3hOGe65e%2BqthmfgT1r64EEATbXQtTpNvPxk7Ywu4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
cache-control: max-age=2678400
access-control-allow-credentials: true
cf-ray: 693512012c214125-PRG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires: Tue, 12 Oct 2021 11:43:05 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 130ms
80ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:10 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref: Ref A: CEBA93B3F6BC4DA68ABB09DDCF4AA070 Ref B: PRG01EDGE0812 Ref C: 2021-09-23T16:15:11Z
etag: "80386a5f63aad71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9827

GET
H2 200 CWPtwNXxIvjfFHL6exgQ Show response
ws.zoominfo.com/pixel/ 1 KB
1 KB 204ms
168ms Script
text/javascript 104.16.168.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/CWPtwNXxIvjfFHL6exgQ

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ed1b1bae5ef8cf7a5b21a6741c7a0e6406b6fdc3d89f0d05982652bdf2dbf684

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-datadome: protected
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6935120109385ba4-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via: 1.1 google
server: cloudflare

GET
H3 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 70ms
18ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 22:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-telephony"
expires: Thu, 22 Sep 2022 22:07:37 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 42ms
14ms Ping
text/plain 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XM4D98EE7X&gtm=2oe9m0&_p=402755635&sr=1600x1200&ul=en-us&cid=620896031.1632413712&_s=1&dl=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&dr=https%3A%2F%2Fgo.area1security.com%2F&dt=2021%20Email%20Threat%20Report%20I%20Area%201%20Security&sid=1632413711&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XM4D98EE7X&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.area1security.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 16:15:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.area1security.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 24ms
22ms XHR
text/plain 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=402755635&t=pageview&_s=1&dl=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&dr=https%3A%2F%2Fgo.area1security.com%2F&ul=en-us&de=UTF-8&dt=2021%20Email%20Threat%20Report%20I%20Area%201%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=2069721645&gjid=1754964172&cid=620896031.1632413712&tid=UA-50588008-1&_gid=2069740459.1632413712&_r=1&gtm=2wg9m0TZNPQBB&z=1139563256

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 16:15:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.area1security.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pj Show response
e.acuityplatform.com/ 0
187 B 317ms
111ms Script
text/plain 69.90.254.51
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://e.acuityplatform.com/pj?pk=2500522576298312265&pu=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
Requested by: Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.90.254.51 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
465 B 44ms
14ms XHR
text/plain 74.125.140.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-50588008-1&cid=620896031.1632413712&jid=2069721645&gjid=1754964172&_gid=2069740459.1632413712&_u=YADAAEAAAAAAAC~&z=633956460

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.area1security.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Sep 2021 16:15:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.area1security.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.com/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/923313590/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD&ref=https%3A%2F%2Fgo.area1security.com%2F&ct_eid=2
https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD

80 B
244 B

20ms
19ms

XHR
application/json

142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Thu, 23 Sep 2021 16:15:12 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.com/pagead/attribution/wcm?cc=ZZ&dn=6504919371&cl=00ozCIOi-IQBELbLorgD
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.area1security.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/5EGGX7PHUFEY7N5HSUGQQ4/index.js
https://s.adroll.com/j/exp/index.js

28 B
782 B

9ms
8ms

Script
application/javascript

13.224.193.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 19 Jul 2021 22:23:14 GMT
Server: AmazonS3
Date: Wed, 22 Sep 2021 19:29:31 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vmeIfM-k5A-rxsxbz3SMQGusuYqjjxHYSj9XAuxE-x2wYhycx1xcOQ==

Redirect headers

Date: Thu, 23 Sep 2021 07:43:20 GMT
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Origin: *
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 3WYjUoUFGdnhqCYs_968K8BzoB1hzyC3Z75IOeq1Agj6VPT72s1cXQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/5EGGX7PHUFEY7N5HSUGQQ4/2FGPV6HRYVGHROWBAYIDDD/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
753 B

12ms
9ms

Script
application/javascript

13.224.193.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.area1security.com
URL: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Wed, 22 Sep 2021 19:29:29 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: EuSgmeP8hNNaJBtukUS5P952b92eTkrC1dWPFpsFqVOnAo_PH56bfw==

Redirect headers

Date: Thu, 23 Sep 2021 07:43:20 GMT
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Access-Control-Allow-Origin: *
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: lLB5e5NEyjEzBBMePKsk7rBg03Tosr4aaKBBxXEvl1ECAeLAv_Fe5g==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/5EGGX7PHUFEY7N5HSUGQQ4/2FGPV6HRYVGHROWBAYIDDD/ 0
807 B 27ms
8ms Script
text/javascript 13.224.193.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/5EGGX7PHUFEY7N5HSUGQQ4/2FGPV6HRYVGHROWBAYIDDD/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id: A5FWzBf0g4Bvi0zdoQoAkGoho6FQroHH
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
X-Edge-Origin-Shield-Skipped: 0
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 22 Sep 2021 08:05:53 GMT
Server: AmazonS3
Date: Thu, 23 Sep 2021 16:12:57 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uHD6OTDR5LtFaaVZ46WNJSTu8Xy1g_NmOvtgKkmZVfniFdHSap36gQ==

GET
H2 204 56382413.js Show response
bat.bing.com/p/action/ 0
151 B 171ms
171ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56382413.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Sep 2021 16:15:11 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: C39130E3EE6B4B9A9354E09F73FA5D17 Ref B: PRG01EDGE0812 Ref C: 2021-09-23T16:15:12Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 58ms
33ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-50588008-1&cid=620896031.1632413712&jid=2069721645&_u=YADAAEAAAAAAAC~&z=1932873596

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 16:15:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 statsV2 Show response
monitor.clickcease.com/monitor/api/ 42 B
180 B 367ms
122ms XHR
application/json 40.76.84.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.clickcease.com/monitor/api/statsV2?type=object
Requested by: Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.84.176 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e0a51c3902b673d52b9b929d573feeda103fd8f4f3e71361409bf34000718b31

Request headers

Referer: https://www.area1security.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 16:15:12 GMT
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vm: 10.1.0.20
content-length: 42
expires: -1

GET
H2 200 5EGGX7PHUFEY7N5HSUGQQ4 Show response
d.adroll.com/consent/check/ 396 B
489 B 126ms
32ms Script
application/javascript 34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/5EGGX7PHUFEY7N5HSUGQQ4?arrfrr=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&_s=d29910eb4bddf2d416311d3614212ace&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 8d271651ab738decccbf7a51cb841950491145afe5d76684f38a13b523071601

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
server: nginx/1.20.0
content-length: 396
content-type: application/javascript

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 46ms
23ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.area1security.com
URL: https://www.area1security.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-youtube.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

dc7334c9c89e9a6f685772653be300ab88b0b9ca44527a8e9402e72b30ee3111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Thu, 23 Sep 2021 16:15:12 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/202721c6/www-widgetapi.vflset/ 135 KB
44 KB 22ms
7ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 15:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 23 Sep 2022 15:17:59 GMT

GET
H2 200 104892217.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 9ms
8ms Script
text/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/104892217.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
content-encoding: gzip
age: 4893796
x-cache: HIT
x-cache-hits: 1218436
content-length: 5692
x-served-by: cache-hhn4083-HHN
x-vimeo-dc: ge
last-modified: Wed, 28 Jul 2021 21:51:42 GMT
server: Apache
x-timer: S1632413712.410098,VS0,VE0
etag: "43e3-5c835fde4b780"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Jul 2031 00:51:56 GMT

GET
H2 204 0
bat.bing.com/action/ 0
150 B 52ms
52ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56382413&Ver=2&mid=7414d234-abb4-4f86-bd8d-0fa794153317&sid=6e0cbed01c8911ecb51285a123674d60&vid=6e0ce4701c8911ec9f1b61fafbb5262a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=2021%20Email%20Threat%20Report%20I%20Area%201%20Security&p=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&r=https%3A%2F%2Fgo.area1security.com%2F&lt=2518&evt=pageLoad&msclkid=N&sv=1&rn=803910
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 23 Sep 2021 16:15:11 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: C6E61541C081438AA98F6208FD155679 Ref B: PRG01EDGE0812 Ref C: 2021-09-23T16:15:12Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 event Show response
plausible.io/api/ 0
212 B 76ms
55ms XHR
text/plain 18.159.128.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.159.128.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-128-50.eu-central-1.compute.amazonaws.com
Software: Netlify /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.area1security.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

x-nf-request-id: 01FG9Q101RD3NMV9MM30K7Y678
date: Thu, 23 Sep 2021 16:15:12 GMT
server: Netlify
age: 0
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-request-id: Fqd_n2CV8hbz-9QEvZgB

GET
H2 404 otSDKStub.js
cookie-cdn.cookiepro.com/consent/ab8c0109-5636-4aee-9543-2c9736584132/ 0
0 83ms
31ms Script
application/xml 104.18.6.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/ab8c0109-5636-4aee-9543-2c9736584132/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.6.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 134
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: f963c900-701e-0018-5c95-b0e72a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 69351206fe395c2c-FRA

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 155ms
19ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

0d124fecbfd554e55a642450f43f4b86eea9a42685c1fc38e8b23f9c4367a1c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:22:37 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 15 Sep 2021 19:21:46 GMT
Age: 3155
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 8342
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:22:37 GMT

GET
H2 200 / Show response
ipinfo.io/ 332 B
512 B 176ms
152ms Script
text/javascript 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?token=136616de95c87f&callback=callback

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

5760abbfa67359c3650438595115971824afc9a3733225186bb6dfd6a7259e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 22
x-content-type-options: nosniff
alt-svc: clear
x-xss-protection: 1; mode=block

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
327 B 14ms
13ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fgo.area1security.com%2F&_biz_h=-1906410348&_biz_u=e07557a1d9f54e41a5aea7a1c785ac0d&_biz_s=51cf1a&_biz_l=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&_biz_t=1632413712285&_biz_i=2021%20Email%20Threat%20Report%20I%20Area%201%20Security&_biz_n=0&rnd=825014&cdn_o=a&_biz_z=1632413712428
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 16:15:12 GMT
last-modified: Sun, 19 Sep 2021 11:21:51 GMT
server: ECS (frb/6760)
age: 363201
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 14ms
13ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=e07557a1d9f54e41a5aea7a1c785ac0d&_biz_s=51cf1a&_biz_l=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&_biz_t=1632413712431&_biz_i=2021%20Email%20Threat%20Report%20I%20Area%201%20Security&rnd=716773&cdn_o=a&_biz_z=1632413712431
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 16:15:12 GMT
last-modified: Thu, 16 Sep 2021 23:57:01 GMT
server: ECS (frb/67C2)
age: 577091
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

OPTIONS
H2 204 entry2
monitor.clickcease.com/V2/recorder/ Frame 0
0 113ms
112ms Preflight 40.76.84.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.clickcease.com/V2/recorder/entry2
Protocol: H2
Server: 40.76.84.176 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.area1security.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Kestrel
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
vm: 10.1.0.20
date: Thu, 23 Sep 2021 16:15:12 GMT

POST
H2 200 entry2 Show response
monitor.clickcease.com/V2/recorder/ 120 B
208 B 1084ms
543ms Fetch
text/plain 40.76.84.176
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://monitor.clickcease.com/V2/recorder/entry2

Requested by

Host: www.clickcease.com
URL: https://www.clickcease.com/monitor/stat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.76.84.176 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f095842c75083cf4b0c75c40bd141e370439ca47fdd9de72e654b62674b3c753

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.area1security.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=2592000
server: Kestrel
vm: 10.1.0.20
date: Thu, 23 Sep 2021 16:15:13 GMT
content-type: text/plain; charset=utf-8

POST
H3 200 rum Show response
www.area1security.com/cdn-cgi/ 0
170 B 12ms
9ms XHR
text/plain 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.area1security.com/cdn-cgi/rum?

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.area1security.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: _gcl_au=1.1.949060950.1632413711; _ga_XM4D98EE7X=GS1.1.1632413711.1.0.1632413711.0; _ga=GA1.2.620896031.1632413712; _gid=GA1.2.2069740459.1632413712; _gat_UA-50588008-1=1; _biz_uid=e07557a1d9f54e41a5aea7a1c785ac0d; _biz_sid=51cf1a; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Fgo.area1security.com%252F%26_biz_h%3D-1906410348%26_biz_u%3De07557a1d9f54e41a5aea7a1c785ac0d%26_biz_s%3D51cf1a%26_biz_l%3Dhttps%253A%252F%252Fwww.area1security.com%252Fblog%252F2021-email-threat-report%252F%253Futm_medium%253Demail%2526utm_source%253Dnewsletter%2526utm_term%253Dna%2526utm_content%253Dna%2526utm_campaign%253D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%2526mkt_tok%253DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss%26_biz_t%3D1632413712285%26_biz_i%3D2021%2520Email%2520Threat%2520Report%2520I%2520Area%25201%2520Security%26_biz_n%3D0%26rnd%3D825014%22%5D; _uetsid=6e0cbed01c8911ecb51285a123674d60; _uetvid=6e0ce4701c8911ec9f1b61fafbb5262a
content-length: 29382
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.area1security.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.area1security.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 693512085858c2e0-FRA
vary: Origin

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 95 KB
38 KB 21ms
21ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T32LXMP&t=gtm18&cid=620896031.1632413712

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

265ee670fb9cddddcf82a670c2ff6ab45f5748d03e168d430000b2f759c76467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38499
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 15:58:20 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Sep 2021 16:15:12 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4992
date: Thu, 23 Sep 2021 14:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 23 Sep 2021 16:52:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 33ms
12ms Script
application/x-javascript 2.18.234.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 16:15:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=9489
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 forms2.min.js Show response
app-ab22.marketo.com/js/forms2/js/ 205 KB
68 KB 20ms
19ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab22.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNPQBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 10 Aug 2021 17:41:08 GMT
server: cloudflare
age: 1200
etag: "cc1b94-33210-5c93801bbf500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6935120888544de8-FRA
vary: Accept-Encoding
expires: Thu, 23 Sep 2021 20:15:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 32ms
6ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: LnS1iBkUlpL5VFIojSuyM25cZc+YcctATNUg/Naxoxn66fDewKNovKYUm7kHF1XFjtVAnHjsUug4X12k+G8icQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 23 Sep 2021 16:15:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=402755635&t=pageview&_s=1&dl=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&dr=https%3A%2F%2Fgo.area1security.com%2F&ul=en-us&de=UTF-8&dt=2021%20Email%20Threat%20Report%20I%20Area%201%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=620896031.1632413712&tid=UA-50588008-1&_gid=2069740459.1632413712&gtm=2wg9m0TZNPQBB&z=2080949075

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Sep 2021 12:36:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13133
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 PartnerPortal_with_Links3.svg
www.area1security.com/wp-content/uploads/2020/07/ 18 KB
7 KB 33ms
30ms Image
image/svg+xml 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2020/07/PartnerPortal_with_Links3.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ea3c41c31d42cb8b923c06bea1b37bf316685bbf53d020153600c247c650be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/07/PartnerPortal_with_Links3.svg
pragma: no-cache
cookie: _gcl_au=1.1.949060950.1632413711; _ga_XM4D98EE7X=GS1.1.1632413711.1.0.1632413711.0; _ga=GA1.2.620896031.1632413712; _gid=GA1.2.2069740459.1632413712; _gat_UA-50588008-1=1; _biz_uid=e07557a1d9f54e41a5aea7a1c785ac0d; _biz_sid=51cf1a; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Fgo.area1security.com%252F%26_biz_h%3D-1906410348%26_biz_u%3De07557a1d9f54e41a5aea7a1c785ac0d%26_biz_s%3D51cf1a%26_biz_l%3Dhttps%253A%252F%252Fwww.area1security.com%252Fblog%252F2021-email-threat-report%252F%253Futm_medium%253Demail%2526utm_source%253Dnewsletter%2526utm_term%253Dna%2526utm_content%253Dna%2526utm_campaign%253D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%2526mkt_tok%253DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss%26_biz_t%3D1632413712285%26_biz_i%3D2021%2520Email%2520Threat%2520Report%2520I%2520Area%25201%2520Security%26_biz_n%3D0%26rnd%3D825014%22%5D; _uetsid=6e0cbed01c8911ecb51285a123674d60; _uetvid=6e0ce4701c8911ec9f1b61fafbb5262a
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Thu, 16 Jul 2020 21:14:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f10c31c-496d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=1200
permissions-policy: geolocation=*, fullscreen=*
content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
cf-ray: 69351208a8c5c2e0-FRA
expires: Thu, 23 Sep 2021 16:35:12 GMT

GET
H3 200 FeaturedResource_260x320@2.png
www.area1security.com/wp-content/uploads/2020/11/ 53 KB
54 KB 51ms
49ms Image
image/webp 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2020/11/FeaturedResource_260x320@2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df965e89ef07dd7e42f8e2943f46e6d8c80a4393b29411f00314389de6639587

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/11/FeaturedResource_260x320@2.png
pragma: no-cache
cookie: _gcl_au=1.1.949060950.1632413711; _ga_XM4D98EE7X=GS1.1.1632413711.1.0.1632413711.0; _ga=GA1.2.620896031.1632413712; _gid=GA1.2.2069740459.1632413712; _gat_UA-50588008-1=1; _biz_uid=e07557a1d9f54e41a5aea7a1c785ac0d; _biz_sid=51cf1a; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Fgo.area1security.com%252F%26_biz_h%3D-1906410348%26_biz_u%3De07557a1d9f54e41a5aea7a1c785ac0d%26_biz_s%3D51cf1a%26_biz_l%3Dhttps%253A%252F%252Fwww.area1security.com%252Fblog%252F2021-email-threat-report%252F%253Futm_medium%253Demail%2526utm_source%253Dnewsletter%2526utm_term%253Dna%2526utm_content%253Dna%2526utm_campaign%253D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%2526mkt_tok%253DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss%26_biz_t%3D1632413712285%26_biz_i%3D2021%2520Email%2520Threat%2520Report%2520I%2520Area%25201%2520Security%26_biz_n%3D0%26rnd%3D825014%22%5D; _uetsid=6e0cbed01c8911ecb51285a123674d60; _uetvid=6e0ce4701c8911ec9f1b61fafbb5262a
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
etag: "5fa2f8fc-25939"
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: origFmt=png, origSize=153913
content-disposition: inline; filename="FeaturedResource_260x320@2.webp"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54292
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 04 Nov 2020 18:54:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 23 Sep 2021 16:15:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 21 Sep 2031 16:15:12 GMT
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
accept-ranges: bytes
cf-ray: 69351208a8c7c2e0-FRA
x-content-type-options: nosniff
cf-bgj: imgq:85,h2pri

GET
H3 200 2021_CRN-Security100_Social-Image-small-1.jpg
www.area1security.com/wp-content/uploads/2021/03/ 4 KB
5 KB 25ms
25ms Image
image/webp 104.18.27.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.area1security.com/wp-content/uploads/2021/03/2021_CRN-Security100_Social-Image-small-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4000491b7d18b66d57d9275cdb4d9fe2aa09afafd3ef8ca50abb7a036ff3341b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
Public-Key-Pins	pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/03/2021_CRN-Security100_Social-Image-small-1.jpg
pragma: no-cache
cookie: _gcl_au=1.1.949060950.1632413711; _ga=GA1.2.620896031.1632413712; _gid=GA1.2.2069740459.1632413712; _gat_UA-50588008-1=1; _biz_uid=e07557a1d9f54e41a5aea7a1c785ac0d; _biz_sid=51cf1a; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Fgo.area1security.com%252F%26_biz_h%3D-1906410348%26_biz_u%3De07557a1d9f54e41a5aea7a1c785ac0d%26_biz_s%3D51cf1a%26_biz_l%3Dhttps%253A%252F%252Fwww.area1security.com%252Fblog%252F2021-email-threat-report%252F%253Futm_medium%253Demail%2526utm_source%253Dnewsletter%2526utm_term%253Dna%2526utm_content%253Dna%2526utm_campaign%253D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%2526mkt_tok%253DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss%26_biz_t%3D1632413712285%26_biz_i%3D2021%2520Email%2520Threat%2520Report%2520I%2520Area%25201%2520Security%26_biz_n%3D0%26rnd%3D825014%22%5D; _uetsid=6e0cbed01c8911ecb51285a123674d60; _uetvid=6e0ce4701c8911ec9f1b61fafbb5262a; _ga_XM4D98EE7X=GS1.1.1632413711.1.0.1632413712.0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.area1security.com
referer: https://www.area1security.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://www.area1security.com; upgrade-insecure-requests; report-to webmaster@area1security.com
etag: "603fe7e8-81ab"
cf-cache-status: HIT
x-permitted-cross-domain-policies: master-only
age: 134
cf-polished: qual=85, origFmt=jpeg, origSize=33195
content-disposition: inline; filename="2021_CRN-Security100_Social-Image-small-1.webp"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4136
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy: strict-origin
last-modified: Wed, 03 Mar 2021 19:47:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Thu, 23 Sep 2021 16:15:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 21 Sep 2031 16:15:12 GMT
cache-control: public, max-age=315360000
permissions-policy: geolocation=*, fullscreen=*
accept-ranges: bytes
cf-ray: 69351208b8e1c2e0-FRA
x-content-type-options: nosniff
cf-bgj: imgq:85,h2pri

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
419 B 132ms
132ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=e07557a1d9f54e41a5aea7a1c785ac0d&_biz_h=-1906410348&cdn_o=a&jsVer=4.21.06.25
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 294414e139f345ee2bfb693e9e4e9106780f16ba75ece4a3663d145ea4252b80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
cache-control: private, must-revalidate, max-age=21600
server: ECS (frb/6711)
content-type: text/javascript; charset=utf-8
etag: 3A27D209
content-length: 116
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 164ms
61ms Script
application/javascript 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?238
Requested by: Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 16:15:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 07:19:36 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=54263
Connection: keep-alive
Content-Length: 12574
Expires: Fri, 24 Sep 2021 07:19:36 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 3 KB
2 KB 25ms
23ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

55972d7caa62933667f57f1c1be3c233ebf0b1d3ab517f5e4941320d31320187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:22:15 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 19 Apr 2021 22:40:54 GMT
Age: 3177
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1264
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:22:15 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2808332&time=1632413712785&url=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsle...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2808332%26time%3D1632413712785%26url%3Dhttps%253A%252F%252Fwww.area1security.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2808332&time=1632413712785&url=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsle...

0
57 B

234ms
234ms

Image
application/javascript

108.174.11.37
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2808332&time=1632413712785&url=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.11.37 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-11-37.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:13 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: WyJvsJ9/pxaQvk90dCsAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXMq++G6iMwZ9mLrklQOQ==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7BEC9490B1C94E3D8EDB4338967D9418 Ref B: PRG01EDGE1105 Ref C: 2021-09-23T16:15:13Z
date: Thu, 23 Sep 2021 16:15:13 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2808332&time=1632413712785&url=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 1829265194037300 Show response
connect.facebook.net/signals/config/ 490 KB
143 KB 18ms
9ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1829265194037300?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

4467ffb4ae4b4f41c5991658df000d25620dfb207815bf241734799872721ae6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 146698
x-xss-protection: 0
pragma: public
x-fb-debug: AGsr9gd9zdqR3/D4TLOL6rmteuzs+9/drjcKW8qNjOhL1hsq6MMX/M0zzN6fN7HR8OqF+WFybcywKTU7c8n6Aw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 23 Sep 2021 16:15:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 73ms
11ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: go.area1security.com
URL: https://go.area1security.com/NjQ2LUFURy04MzUAAAF_smJxMCsoVYDcDrbCoGZ1C8U6KbIfCkTOpnInXaSTXCMUwISepmi7jy75Gf8pXr8MbW8uaEL4xSKTmj0=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 16:15:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 01:40:41 GMT
Server: AkamaiNetStorage
ETag: "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 9 KB
4 KB 18ms
18ms Stylesheet
text/css 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:22:16 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Age: 3176
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4027
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:22:16 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 20 KB
6 KB 38ms
20ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

5093d66e8ef5b3312b28c9a41374329e39bca3de0b191332e63dc50e4135f980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:22:16 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 28 Apr 2021 04:42:26 GMT
Age: 3176
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 5701
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:22:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 26ms
7ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1829265194037300&ev=PageView&dl=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&rl=https%3A%2F%2Fgo.area1security.com%2F&if=false&ts=1632413712900&sw=1600&sh=1200&v=2.9.46&r=stable&ec=0&o=30&fbp=fb.1.1632413712898.1436414514&it=1632413712795&coo=false&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 16:15:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 23 Sep 2021 16:15:12 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
5 KB 8ms
8ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 16:15:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Sat, 01 Jan 2022 16:15:12 GMT

GET
H/1.1 200
OK Cookie set esw.html Show response
service.force.com/embeddedservice/5.0/ Frame 2C18 194 B
1 KB 23ms
23ms Document
text/html 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.area1security.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/

Response headers

Date: Thu, 23 Sep 2021 16:15:12 GMT
Set-Cookie: CookieConsentPolicy=0:0; domain=service.force.com; path=/; expires=Fri, 23-Sep-2022 16:15:12 GMT; Max-Age=31536000 BrowserId=bl0tThyJEeyU_M2k8kroOw; domain=.force.com; path=/; expires=Fri, 23-Sep-2022 16:15:12 GMT; Max-Age=31536000 BrowserId_sec=bl0tThyJEeyU_M2k8kroOw; domain=.force.com; path=/; expires=Fri, 23-Sep-2022 16:15:12 GMT; Max-Age=31536000; secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Expires: Fri, 24 Sep 2021 16:15:12 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

POST
H/1.1 200
OK visitWebPage
646-atg-835.mktoresp.com/webevents/ 2 B
311 B 405ms
96ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://646-atg-835.mktoresp.com/webevents/visitWebPage?_mchNc=1632413712932&_mchCn=&_mchId=646-ATG-835&_mchTk=_mch-area1security.com-1632413712931-93269&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&_mchHo=www.area1security.com&_mchPo=&_mchRu=%2Fblog%2F2021-email-threat-report%2F&_mchPc=https%3A&_mchVr=160&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fgo.area1security.com%2F&_mchQp=utm_medium%3Demail__-__utm_source%3Dnewsletter__-__utm_term%3Dna__-__utm_content%3Dna__-__utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes__-__mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/160/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.area1security.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 23 Sep 2021 16:15:13 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 05063448-2924-4ba7-a30d-f622601fe08d

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 32ms
32ms Script
application/javascript 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=59259&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.area1security.com%2Fblog%2F2021-email-threat-report%2F%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_term%3Dna%26utm_content%3Dna%26utm_campaign%3D2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes%26mkt_tok%3DNjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss&pv=1632413712933_d01mryn5l&bl=en-us&cb=4860227&return=&ht=&d=&dc=&si=1632413712933_d01mryn5l&cid=&s=1600x1200&rp=https%3A%2F%2Fgo.area1security.com%2F
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?238
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Sep 2021 16:15:12 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK eswFrame.min.js Show response
service.force.com/embeddedservice/5.0/ Frame 2C18 5 KB
2 KB 18ms
18ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:21:46 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 Mar 2021 00:36:08 GMT
Age: 3206
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1804
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:21:46 GMT

GET
H/1.1 200
OK session.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 2C18 2 KB
1 KB 19ms
18ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:21:52 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 02 Mar 2021 18:51:46 GMT
Age: 3200
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 768
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:21:52 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 2C18 2 KB
1 KB 19ms
18ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:21:53 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Age: 3199
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 779
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:21:53 GMT

GET
H/1.1 200
OK chasitor.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 2C18 22 KB
5 KB 18ms
18ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

8f2d1c735b5f128cf145f0e570df119cab93631a0e97df88646ac14c0a21782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:21:46 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 22 Mar 2021 16:55:48 GMT
Age: 3207
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4989
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:21:46 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la1-c2-ia2.salesforceliveagent.com/chat/rest/EmbeddedService/ 163 B
557 B 743ms
91ms Script
text/javascript 13.110.8.133
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c2-ia2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D50000000BN7G&EmbeddedServiceConfig.configName=Website&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.8.133 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.la1-c2-ia2.salesforceliveagent.com

Software

Resource Hash

35065176b158f7eae00a5e134dc30c307bbe08ff4164ac3612a1e782fbe47a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 18 KB
5 KB 19ms
18ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:21:52 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 15 Apr 2021 16:21:22 GMT
Age: 3201
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4477
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:21:52 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer: https://service.force.com/
Origin: https://www.area1security.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 2C18 473 B
744 B 18ms
18ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.area1security.com/blog/2021-email-threat-report/?utm_medium=email&utm_source=newsletter&utm_term=na&utm_content=na&utm_campaign=2021-09-23-Newsletter-POTW-Football-phish-and-pumpkin-spice-lattes&mkt_tok=NjQ2LUFURy04MzUAAAF_smJxML0ztgNteG9h7Q14IYqwqnzd-Mld9lXlJs6cI9W0AQS8K3L3aUidqFat9PyybiCSAA1404PpKnjd2p_mARV0QWsG-zqaIZFHqT-hUss
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:21:52 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 3201
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 231
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:21:52 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la1-c2-ia2.salesforceliveagent.com/chat/rest/Visitor/ 166 B
558 B 724ms
92ms Script
text/javascript 13.110.8.133
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c2-ia2.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5731T000000L3oF]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5721T0000008Pev&org_id=00D50000000BN7G&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.8.133 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-iad3.la1-c2-ia2.salesforceliveagent.com

Software

Resource Hash

07a1621e7fe611eacabf42c48c54425488374ebc21838af5d516b06921327c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 18ms
18ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 23 Sep 2021 15:21:35 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 3218
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 2469
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Sep 2021 15:21:35 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9AA7 0
18 B 16ms
7ms Document
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 19315
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.area1security.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.area1security.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.area1security.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.area1security.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Thu, 23 Sep 2021 16:15:13 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la1-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/ 15 KB
4 KB 747ms
159ms Script
text/javascript 13.110.2.5

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c2-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D50000000BN7G&EmbeddedServiceConfig.configName=Website&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.2.5 -, , ASN (),

Reverse DNS

Software

Resource Hash

c73a82529e27021f8751b33c1a43599ce09fdddc65113bf41b8f1628a4439204

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK Availability.jsonp Show response
d.la1-c2-ph2.salesforceliveagent.com/chat/rest/Visitor/ 161 B
554 B 708ms
156ms Script
text/javascript 13.110.2.5

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c2-ph2.salesforceliveagent.com/chat/rest/Visitor/Availability.jsonp?sid=undefined&r=784&Availability.prefix=Visitor&Availability.ids=[5731T000000L3oF]&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5721T0000008Pev&org_id=00D50000000BN7G&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.2.5 -, , ASN (),

Reverse DNS

Software

Resource Hash

d6ebc5d1049d3a7541c9bcc720e6511c2e7b59cb61d32584ccc7a6041ad5d44c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.area1security.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.area1security.com/	1969-12-31 23:59:59	Name: BIGipServerab_mailtracking_80 Value: !yG/t7GhE87kZ6s7w/jjXoMq3bOgvMn+o0c1GTBtuXSYtOpQiQyB2HizelLb1zqyVrS6oT3pBVgxiRSM=
.go.area1security.com/	1970-01-19 21:26:55	Name: __cf_bm Value: UulX35e6e3Va3dEG5xNxw.G.KDl5TbyUS7Y5B06NVfk-1632413709-0-AcaHl/59EgGoea/t9LJOmqq+9mjxtEbqKScNebtXyk+tnx5/UjOEVr7JiMTEds/hArE/2mgzi4dxPyvndUmqKFE=
.app-ab22.marketo.com/	1970-01-19 21:26:55	Name: __cf_bm Value: fRPHgng8DO7XbP0PZWX8Ms.5TGOZkaDoafvBIJpeEBs-1632413711-0-AdAwyvJiu7Du2yDZTr2swO77UQAfotjhWuyBwCvnrLgNmtuMGQu0KI0VLK6qS6h5SYQ0KyjKocGLpgpPKzxKKh0=
.area1security.com/	1970-01-19 23:36:29	Name: _gcl_au Value: 1.1.949060950.1632413711
.area1security.com/	1970-01-20 14:58:05	Name: _ga Value: GA1.2.620896031.1632413712
.area1security.com/	1970-01-19 21:28:20	Name: _gid Value: GA1.2.2069740459.1632413712
.bing.com/	1970-01-20 06:48:29	Name: MUID Value: 2DC5FD4881AE6F210AFCEDF380EC6E44
.area1security.com/	1970-01-19 21:26:53	Name: _gat_UA-50588008-1 Value: 1
tracking.g2crowd.com/	1970-01-19 21:47:03	Name: _session_id Value: 1322ad2ec7dbc31d735279bdfb4c02c5
.g2crowd.com/	1970-01-19 21:26:55	Name: __cf_bm Value: ..ZsG0ovleDrBt8nj8gRa84gfTLeJ2S4I5oCLD2.vds-1632413711-0-AQHLITpHFKn7sKa6TAvKDwTRnxNBfTYcZlRLImR24on3qzn91CUrR1poEn7IujJZA/lY1QBjczV4GX04ZjAT9ic=
.ws.zoominfo.com/	1970-01-20 06:12:29	Name: visitorId Value: e318e0dae5a76be8aebbb345fa1cc0f24a4103156d5e270b16418e4a4d85ec0a
.zoominfo.com/	1970-01-19 21:26:55	Name: __cf_bm Value: Hy5f3RlHzuAN5JhPiPbskvaqurfjFKVwR6YnNrW3EvU-1632413711-0-AUEmdOL5PHtZRn1emm2JBSopg7948YorZBZbL7Szi8gHNHFlYX/Q7tyI6n5g/ZuJrgN8L+mbyLTNx5rMg3mFDKE=
.acuityplatform.com/	1970-01-20 06:12:29	Name: auid Value: 609255431208
.area1security.com/	1970-01-20 06:12:29	Name: _biz_uid Value: e07557a1d9f54e41a5aea7a1c785ac0d
.area1security.com/	1970-01-19 21:26:55	Name: _biz_sid Value: 51cf1a
.area1security.com/	1970-01-20 06:12:29	Name: _biz_nA Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: WBcTd7adpC0
.youtube.com/	1970-01-20 01:46:05	Name: VISITOR_INFO1_LIVE Value: _t79VWIYAus
.area1security.com/	1970-01-19 21:28:20	Name: _uetsid Value: 6e0cbed01c8911ecb51285a123674d60
.area1security.com/	1970-01-20 06:48:29	Name: _uetvid Value: 6e0ce4701c8911ec9f1b61fafbb5262a
.bizible.com/	1970-01-20 06:12:29	Name: _BUID Value: e07557a1d9f54e41a5aea7a1c785ac0d
.bizibly.com/	1970-01-20 06:12:29	Name: _BUID Value: 68e8e6dc39baaa8e1b263758487fd9f7
.area1security.com/	1970-01-20 06:12:29	Name: _biz_pendingA Value: %5B%5D
.area1security.com/	1970-01-20 14:58:05	Name: _ga_XM4D98EE7X Value: GS1.1.1632413711.1.1.1632413712.0
.area1security.com/	1970-01-19 23:36:29	Name: _fbp Value: fb.1.1632413712898.1436414514
.area1security.com/	1970-01-20 06:12:29	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.area1security.com/	1970-01-20 14:58:05	Name: _mkto_trk Value: id:646-ATG-835&token:_mch-area1security.com-1632413712931-93269
.force.com/	1970-01-20 06:12:29	Name: BrowserId_sec Value: bl0tThyJEeyU_M2k8kroOw
.linkedin.com/	1970-01-19 22:10:05	Name: UserMatchHistory Value: AQKVQtwffKyslgAAAXwTcINR27yd6kjnpGhbyNUSV6uG5ac_1cBJiFkZvbaW21oh-MUQI16dQ44ELA
.linkedin.com/	1970-01-19 22:10:05	Name: AnalyticsSyncHistory Value: AQLhPznnoEAHqQAAAXwTcINR_5mMF2a-g9F-6qqQ1G0MAbpoQeRuD9Svi3w2wxiROQUS-KvsnS8ysWgx2lGUYQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:58:47	Name: bcookie Value: "v=2&8435fe09-aae9-4327-8093-a374d56499bf"
.linkedin.com/	1970-01-19 21:28:20	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2317:u=1:x=1:i=1632413713:t=1632500113:v=2:sig=AQEw9Bi6x5lovW_C_05rf6LCe4V42xUo"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:58:47	Name: bscookie Value: "v=1&202109231615139c1f3097-e1b2-4fa8-8c50-fd57736ea257AQHom3McI6m62uNotvM2qHr1Of0xXuG6"

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cookie-cdn.cookiepro.com/consent/ab8c0109-5636-4aee-9543-2c9736584132/otSDKStub.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

646-atg-835.mktoresp.com
ajax.cloudflare.com
ajax.googleapis.com
app-ab22.marketo.com
bat.bing.com
cdn.bizible.com
cdn.bizibly.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
cookie-cdn.cookiepro.com
d.adroll.com
d.la1-c2-ia2.salesforceliveagent.com
d.la1-c2-ph2.salesforceliveagent.com
e.acuityplatform.com
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
go.area1security.com
ipinfo.io
maps.googleapis.com
ml314.com
monitor.clickcease.com
munchkin.marketo.net
origin.acuityplatform.com
p.typekit.net
plausible.io
player.vimeo.com
px.ads.linkedin.com
s.adroll.com
service.force.com
snap.licdn.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tracking.g2crowd.com
unpkg.com
use.typekit.net
w.soundcloud.com
ws.zoominfo.com
www.area1security.com
www.bugherd.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
104.111.215.74
104.111.233.5
104.111.234.67
104.16.123.175
104.16.168.82
104.16.18.94
104.16.94.65
104.16.95.80
104.17.72.14
104.18.26.153
104.18.26.190
104.18.27.153
104.18.6.120
108.174.11.37
13.107.42.14
13.110.2.5
13.110.8.133
13.224.193.18
13.225.78.81
142.250.181.226
142.250.185.202
142.250.185.227
142.250.186.110
142.250.186.132
142.250.186.168
142.250.186.46
151.101.114.109
151.101.129.229
151.101.192.217
152.195.15.58
161.71.0.165
172.217.16.138
172.67.68.112
18.159.128.50
185.60.216.19
185.60.216.35
192.28.144.124
2.16.186.59
2.18.234.132
204.79.197.200
34.117.59.81
34.247.104.176
34.253.133.188
40.76.84.176
54.161.241.46
69.90.254.51
74.125.140.155
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06f0f999f55406270467fd935c746d8f0e2865acb2df6567a673cabfd244cfb5
07a1621e7fe611eacabf42c48c54425488374ebc21838af5d516b06921327c62
0d124fecbfd554e55a642450f43f4b86eea9a42685c1fc38e8b23f9c4367a1c1
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12652b8c867190445bd4367c4946aa61b2179103946e9faafb1cb7175587b1aa
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
132c4051a58f9fdd922dcfb770ce092775ed984bfa57cfd812779466dad9a6de
1b05ce33469db78a252caf0e176e3cb56cd4d1d17aa3c3cda89f8088bb3eefda
1b8811650afae7a53ca6e2bf2ac088b8cdec200b6eb62284cc145f8695fb6a09
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2107e5c8ed1195bd4435c730cfbe30733f0c39387ea34c48948fd16eb4fa2d2d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2619bdf0e0a9d79b74fed1389ca2d3da61f0818813b76c31a626459f83d5d48c
265ee670fb9cddddcf82a670c2ff6ab45f5748d03e168d430000b2f759c76467
2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43
294414e139f345ee2bfb693e9e4e9106780f16ba75ece4a3663d145ea4252b80
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
35065176b158f7eae00a5e134dc30c307bbe08ff4164ac3612a1e782fbe47a83
37395d94fe5c1a9b6fbd12955388eefb1fd0c15cc95619f8c8157fb132c30277
377bf285812a1c784b42626aa90f76db9b9100f16513490e87a7c7e8c5c9ce78
3bb5ef29fb54f147873b07060266a8e6641c27c912e85cbbc9a2cb03b6d6885c
3c39de8d003d74962c2ab7b13b22a10537838552f27f541e911c9b28e9df802a
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
4000491b7d18b66d57d9275cdb4d9fe2aa09afafd3ef8ca50abb7a036ff3341b
400482d0fbb38e9fe4fd5d3e3bb2325ea89704d9b7305789c6e87dabeda8db44
410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315
4467ffb4ae4b4f41c5991658df000d25620dfb207815bf241734799872721ae6
46b64c00ebd40624e9afe674eb6ce37805d5d77cf20f30abdc2f768fb2ae842d
47d10c916915480806f7e1066ff6194fd0bde12ef7c36e68f8155d47a10bd531
4ccdf38a85a3377cf2dd8da121ec4988a2e4bf3d6a9c7b3e25d0d6fecdb1f85a
4d480011841648386a4310dff9baaaadb64a38e3ef64080b0301dc3a6111396f
5093d66e8ef5b3312b28c9a41374329e39bca3de0b191332e63dc50e4135f980
524651cee6da99f6a81a7944caeb1573464eaceee2d54133cd855fba28817ac3
549b83067ea1d0e98098b514e8936073e88c179c7a132b65cd424e17cde5a167
55972d7caa62933667f57f1c1be3c233ebf0b1d3ab517f5e4941320d31320187
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5760abbfa67359c3650438595115971824afc9a3733225186bb6dfd6a7259e73
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9
5b3a49c749818c433428b262cd78ed523c9828e8d233e406041bf241071a7cfc
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6aa5983770ef585fff52a541b8b250855db19a5dfb65ddb011a4039525930621
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589
6faed0e4b708dd466ed2caf20a877b4b99ce8f938d31caa3af6f70772ba641ac
71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
733a018cb334354fff1d8ae52623d5669bd4df4da01ceb0912a352361ba14247
73c9c1546f2686db9616c2d5af00ec2736ef6ca73db719eb6d063af6f0dde048
744c9878177e67a6f1e2e63dd8cac38561164bd4337efa970de2ca32473dcb3a
74ea3c41c31d42cb8b923c06bea1b37bf316685bbf53d020153600c247c650be
75d9700e1dc0a0c72a7815a64a7c0a737e92b492d65e7f16533f5fed1a09e1b5
79a29c21089bcc3e07886e20076d1b33adabb75c126c8c60abe68e11b6fa73b6
7e4021b59c1368de0d79e4c4c4b055765bc0bea375872a2b0e8ef33f66d5c485
7e6970493c7ac78eed1fa06e9272de17d1ae32f994e3e53bcbeaaf18029042ea
7eabaa9bb3449c434af9a74f77afb68872049c4d67b2326589c112b2db9b02a3
7f29ca6f44358ea1c9e67756c00dda91adf2785589c02bc35651621c50dc9acf
821bfc2f47ab9dd3b11680ecefae0f2b3805fca21369dcb6199482bdc1b6a388
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b
8baa01b3b16cfe77ad745bd12cc99d1a226a9855b17cb4c2b9c6edf754be53f2
8d271651ab738decccbf7a51cb841950491145afe5d76684f38a13b523071601
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d
8f2d1c735b5f128cf145f0e570df119cab93631a0e97df88646ac14c0a21782b
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
9483c3edc74ee7dd684d284c0331ec95843db65efd5586bc116628b6d0a3a20d
98efd9f1b80ef8fb38694de1212745a8067a60f027cb87b08f4ed8920a72aa82
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a3db5523fb8a7d48b136cc5aaefc6783a8522eda0ebefdcf53b6dc6a72a19d27
a4921aad5ae965e27b65848b1506a1673420ef448f5e629eee0d19b602b5a660
a7a026aad00d896e080177654f76a2dea090679dbdaa2a05e6ad413dc8047fb8
a8709f5e3c8f9bc458a7cc969d0cb75c8c29b84945c0d850b28286de6c963b9a
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
affcef0cff0317f06fb0feaed3e1fe6ca8360f31f0a813d1b428ab89260bb1d6
b24207aff7e9280902ca7361fb41663dc848bb1beba31bab29d504e5dd5e19eb
b7b4485524c7103fd09aa1dc80127e5d4e541a5f81a1c78b074efc73b8b23904
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
be0ebfdbb730b13f089cb09b7fca162edc15387d6f98571d1ddf531711d88909
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c73a82529e27021f8751b33c1a43599ce09fdddc65113bf41b8f1628a4439204
cc5d370924e2c28e8f2d6d607c5975c42fafe866baf92c798e6f4c087f439147
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d28b76c842f5e5374aab5c93c9bb4e15db9a3cc8b0500c59831fd66b8161b239
d6ebc5d1049d3a7541c9bcc720e6511c2e7b59cb61d32584ccc7a6041ad5d44c
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
d95d118f40261322ba745b4d268218faa9488bc80f209e15a1facc5c598d5881
dc7334c9c89e9a6f685772653be300ab88b0b9ca44527a8e9402e72b30ee3111
ddaa3b5cfab52c3ce36ae76272ebbbd9f2468ee2d34b7908bd852911b7012ba2
de22a1f465480545ea9595d61c16ad21ad40e6b2509cca0e76d2601980e52988
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df965e89ef07dd7e42f8e2943f46e6d8c80a4393b29411f00314389de6639587
e0a51c3902b673d52b9b929d573feeda103fd8f4f3e71361409bf34000718b31
e26b2c7a50c147bac4620bd26208458eca76874bf810dc14cece0422df07b35a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b6aa731e7279ae65d5cd4866dd04763987ba6374ec8f5624449e65e844fac6
e61452dfc7618c61fdb2891ef6c18e147ec6de6d0796657d145cefc3c8d2357c
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ed1b1bae5ef8cf7a5b21a6741c7a0e6406b6fdc3d89f0d05982652bdf2dbf684
edb80de1f7a8a324a3fe4c0db17f7fbeba3af9753c35ed819544a78837e4e804
ee2a7b51378f1eae8def636a976934def4a2fec23a7db806d6c644bce4e600fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f095842c75083cf4b0c75c40bd141e370439ca47fdd9de72e654b62674b3c753
f47db0309c90651455e82c890083e68c0b2c1c423de07e0d41ac21cefac149da
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7ac5ac9022f66779b2df77751582d8543ecc442511969239797442a372ef989
f9335a3578fbb78eba8922527950b8773e21ebc2d28e6f72ce9d223094bfdbdc
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

www.area1security.com Open in urlscan Pro 104.18.27.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

100 %HTTPS

0 %IPv6

39 Domains

50 Subdomains

46 IPs

5 Countries

3304 kBTransfer

6871 kBSize

35 Cookies

11 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.area1security.com Open in urlscan Pro
104.18.27.153 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

100 %
HTTPS

0 %
IPv6

39
Domains

50
Subdomains

46
IPs

5
Countries

3304 kB
Transfer

6871 kB
Size

35
Cookies

135 HTTP transactions
1 data transactions