www.bitdefender.com.au Open in urlscan Pro
172.64.150.107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Submission Tags: falconsandbox
Submission: On June 22 via api (June 22nd 2024, 4:27:19 am UTC) from US — Scanned from AU

Summary HTTP 152 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 64 IPs in 7 countries across 46 domains to perform 152 HTTP transactions. The main IP is 172.64.150.107, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is www.bitdefender.com.au. The Cisco Umbrella rank of the primary domain is 176987.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 5th 2024. Valid for: a year.

This is the only time www.bitdefender.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	172.64.150.107 172.64.150.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	104.102.244.121 104.102.244.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	172.64.147.169 172.64.147.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	23.55.11.47 23.55.11.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.16.137.209 104.16.137.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.38.128.171 23.38.128.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	44.212.234.98 44.212.234.98	14618 (AMAZON-AES) (AMAZON-AES)
1	104.17.128.172 104.17.128.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.16.117.116 104.16.117.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.78.142 104.16.78.142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.175.201 104.17.175.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.140.17 104.18.140.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.153.27 172.64.153.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.19.177.52 104.19.177.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.65.244.54 18.65.244.54	16509 (AMAZON-02) (AMAZON-02)
1	104.18.142.119 104.18.142.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	172.217.24.40 172.217.24.40	15169 (GOOGLE) (GOOGLE)
4	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.66.234 142.250.66.234	15169 (GOOGLE) (GOOGLE)
1 5	172.217.24.36 172.217.24.36	15169 (GOOGLE) (GOOGLE)
1	104.18.244.108 104.18.244.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
3	142.250.66.227 142.250.66.227	15169 (GOOGLE) (GOOGLE)
1	104.68.24.142 104.68.24.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.193.29.58 34.193.29.58	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.56.170 63.140.56.170	16509 (AMAZON-02) (AMAZON-02)
1 1	54.169.185.174 54.169.185.174	16509 (AMAZON-02) (AMAZON-02)
1	63.140.38.189 63.140.38.189	14618 (AMAZON-AES) (AMAZON-AES)
2	172.64.155.63 172.64.155.63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.32.5.109 23.32.5.109	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	142.250.76.102 142.250.76.102	15169 (GOOGLE) (GOOGLE)
1	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
2	172.217.24.34 172.217.24.34	15169 (GOOGLE) (GOOGLE)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	152.195.58.59 152.195.58.59	15133 (EDGECAST) (EDGECAST)
1	108.158.32.82 108.158.32.82	16509 (AMAZON-02) (AMAZON-02)
1 4	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
3	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
1	151.101.28.157 151.101.28.157	54113 (FASTLY) (FASTLY)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	18.67.93.120 18.67.93.120	16509 (AMAZON-02) (AMAZON-02)
1	18.67.110.80 18.67.110.80	16509 (AMAZON-02) (AMAZON-02)
1	108.158.20.64 108.158.20.64	16509 (AMAZON-02) (AMAZON-02)
1	117.18.232.195 117.18.232.195	15133 (EDGECAST) (EDGECAST)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	52.210.44.146 52.210.44.146	16509 (AMAZON-02) (AMAZON-02)
2	108.158.32.67 108.158.32.67	16509 (AMAZON-02) (AMAZON-02)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
2	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	18.67.93.113 18.67.93.113	16509 (AMAZON-02) (AMAZON-02)
2	13.107.246.31 13.107.246.31	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
2	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.16.118.116 104.16.118.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.231.230.148 52.231.230.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.46.179.82 23.46.179.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.111.52.132 34.111.52.132	() ()
152	64

18 172.64.150.107 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bitdefender.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

businessresources.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.244.121 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-244-121.deploy.static.akamaitechnologies.com

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.147.169 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.55.11.47 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-11-47.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.137.209 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.128.171 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-128-171.deploy.static.akamaitechnologies.com

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.212.234.98 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-234-98.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.128.172 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.117.116 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.78.142 (None, )

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.175.201 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.140.17 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.27 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.177.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.244.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-54.syd3.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.142.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.234 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.24.36 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.244.108 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.221.67 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.66.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.68.24.142 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-24-142.deploy.static.akamaitechnologies.com

assets.adobetarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.29.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-29-58.compute-1.amazonaws.com

bitdefender.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.56.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-56-170.data.adobedc.net

sstats.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.185.174 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-185-174.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.189 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-189.data.adobedc.net

starget.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.155.63 (None, )

ASN13335 (CLOUDFLARENET, US)

cookies-data.onetrust.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.5.109 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-109.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.76.102 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.58.59 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-82.syd3.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.28.157 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-120.syd62.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.110.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-80.syd62.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.20.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-64.syd62.r.cloudfront.net

cdn.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 117.18.232.195 (Australia)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.44.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-44-146.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.158.32.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-67.syd3.r.cloudfront.net

static.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-113.syd62.r.cloudfront.net

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.118.116 (None, )

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.231.230.148 (Busan, Korea, Republic Of) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.46.179.82 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-179-82.deploy.static.akamaitechnologies.com

download.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.52.132 (None, )

ASN- ()

webchannel-content-service.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	bitdefender.com.au 1 redirects www.bitdefender.com.au — Cisco Umbrella Rank: 176987	225 KB
14	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 428	199 KB
14	bitdefender.com businessresources.bitdefender.com www.bitdefender.com — Cisco Umbrella Rank: 92548 sstats.bitdefender.com — Cisco Umbrella Rank: 179913 starget.bitdefender.com — Cisco Umbrella Rank: 651133 download.bitdefender.com — Cisco Umbrella Rank: 18102	2 MB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5 adservice.google.com — Cisco Umbrella Rank: 213 analytics.google.com — Cisco Umbrella Rank: 174	1 KB
7	doubleclick.net 2 redirects ad.doubleclick.net — Cisco Umbrella Rank: 164 googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	2 KB
7	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4457 api.hubspot.com — Cisco Umbrella Rank: 5690 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4515 track.hubspot.com — Cisco Umbrella Rank: 2823 forms.hubspot.com — Cisco Umbrella Rank: 6172	29 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 v.clarity.ms — Cisco Umbrella Rank: 7632 c.clarity.ms — Cisco Umbrella Rank: 1434	28 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 360 www.linkedin.com — Cisco Umbrella Rank: 545	3 KB
5	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	153 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	5 KB
4	scarabresearch.com cdn.scarabresearch.com — Cisco Umbrella Rank: 14816 static.scarabresearch.com — Cisco Umbrella Rank: 17833 webchannel-content-service.scarabresearch.com	67 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 361 c.bing.com — Cisco Umbrella Rank: 224	16 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 10208	26 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	252 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 5239 forms-na1.hsforms.com — Cisco Umbrella Rank: 8151 perf-na1.hsforms.com — Cisco Umbrella Rank: 4790	7 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	376 KB
4	company-target.com api.company-target.com — Cisco Umbrella Rank: 4484 s.company-target.com — Cisco Umbrella Rank: 1586	3 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242 bitdefender.demdex.net — Cisco Umbrella Rank: 496592	2 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4936 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5488 imgsct.cookiebot.com — Cisco Umbrella Rank: 5824	35 KB
3	google.com.au www.google.com.au — Cisco Umbrella Rank: 22611	190 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	78 KB
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 2076 alb.reddit.com — Cisco Umbrella Rank: 1406	761 B
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 6405 tag-logger.demandbase.com — Cisco Umbrella Rank: 5525	23 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1200	13 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 894 script.hotjar.com — Cisco Umbrella Rank: 1260	60 KB
2	onetrust.io cookies-data.onetrust.io — Cisco Umbrella Rank: 13379	84 B
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2984	1 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6487	171 B
1	t.co t.co — Cisco Umbrella Rank: 726	376 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 14945	204 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 905	15 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 4429	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 902	14 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 653	315 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1336	517 B
1	adobetarget.com assets.adobetarget.com — Cisco Umbrella Rank: 34890	31 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4224	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	geolocation-db.com geolocation-db.com — Cisco Umbrella Rank: 27103	263 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7892	156 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2607	19 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5910	92 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2634	24 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5803	24 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3959	4 KB
1	twitter.com platform.twitter.com Failed analytics.twitter.com — Cisco Umbrella Rank: 986	723 B
152	46

	Domain	Requested by
18	www.bitdefender.com.au	1 redirects www.bitdefender.com.au
14	assets.adobedtm.com	www.bitdefender.com.au assets.adobedtm.com
7	businessresources.bitdefender.com	www.bitdefender.com.au
5	px.ads.linkedin.com	2 redirects snap.licdn.com www.bitdefender.com.au
5	www.google.com	1 redirects js.hsforms.net www.gstatic.com www.bitdefender.com.au
5	cdn.cookielaw.org	assets.adobedtm.com cdn.cookielaw.org
4	www.facebook.com	www.bitdefender.com.au
4	cdn.bizible.com	assets.adobedtm.com www.bitdefender.com.au cdn.bizible.com
4	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
3	www.google.com.au	www.bitdefender.com.au
3	connect.facebook.net	www.bitdefender.com.au connect.facebook.net
3	bat.bing.com	assets.adobedtm.com bat.bing.com www.bitdefender.com.au
3	ad.doubleclick.net	2 redirects www.bitdefender.com.au
3	fonts.gstatic.com	fonts.googleapis.com
3	api.company-target.com	assets.adobedtm.com cdn.bizible.com
3	dpm.demdex.net	1 redirects www.bitdefender.com.au
3	www.bitdefender.com	www.bitdefender.com.au www.bitdefender.com
2	c.clarity.ms	1 redirects
2	track.hubspot.com
2	v.clarity.ms	cdn.bizible.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	stats.g.doubleclick.net	www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	static.scarabresearch.com	cdn.scarabresearch.com
2	www.redditstatic.com	www.bitdefender.com.au cdn.bizible.com
2	googleads.g.doubleclick.net	www.bitdefender.com.au www.googletagmanager.com
2	cookies-data.onetrust.io	cdn.cookielaw.org
2	sstats.bitdefender.com	assets.adobedtm.com www.bitdefender.com.au
2	forms-na1.hsforms.com	www.bitdefender.com.au
2	api.hubspot.com	js.usemessages.com
2	js.hs-scripts.com	www.bitdefender.com.au assets.adobedtm.com
2	consent.cookiebot.com	www.bitdefender.com.au consent.cookiebot.com
1	webchannel-content-service.scarabresearch.com	cdn.bizible.com
1	forms.hubspot.com	cdn.bizible.com
1	download.bitdefender.com
1	c.bing.com	1 redirects
1	imgsct.cookiebot.com
1	tag-logger.demandbase.com	cdn.bizible.com
1	alb.reddit.com	www.bitdefender.com.au
1	pixel-config.reddit.com	cdn.bizible.com
1	s.company-target.com	tag.demandbase.com
1	content.hotjar.io	cdn.bizible.com
1	analytics.twitter.com	www.bitdefender.com.au
1	t.co	www.bitdefender.com.au
1	cdn.bizibly.com	www.bitdefender.com.au
1	cdn.scarabresearch.com	www.bitdefender.com.au
1	tag.demandbase.com	www.bitdefender.com.au
1	script.hotjar.com	static.hotjar.com
1	static.ads-twitter.com	www.bitdefender.com.au
1	d.impactradius-event.com	www.bitdefender.com.au
1	static.hotjar.com	www.bitdefender.com.au
1	www.linkedin.com	1 redirects
1	adservice.google.com	www.bitdefender.com.au
1	snap.licdn.com	js.hsadspixel.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	perf-na1.hsforms.com	www.bitdefender.com.au
1	starget.bitdefender.com	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	bitdefender.demdex.net	assets.adobedtm.com
1	assets.adobetarget.com	assets.adobedtm.com
1	www.gstatic.com	www.google.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	fonts.googleapis.com	js.hsforms.net
1	forms.hsforms.com	js.hsforms.net
1	geolocation-db.com	www.bitdefender.com.au
1	js.hsforms.net	www.bitdefender.com.au
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
0	platform.twitter.com Failed	www.bitdefender.com.au
152	75

This site contains links to these domains. Also see Links.

Domain
www.bitdefender.com
www.justice.gov
twitter.com
t.co
techzone.bitdefender.com
intellizone.bitdefender.com
facebook.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.bitdefender.com.au Sectigo RSA Domain Validation Secure Server CA	`2024-03-05` - `2025-04-04`	a year	crt.sh
businessresources.bitdefender.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
*.bitdefender.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-11-07`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
usemessages.com E5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hsleadflows.net E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
hsforms.net WE1	`2024-06-13` - `2024-09-11`	3 months	crt.sh
geolocation-db.com R11	`2024-06-10` - `2024-09-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
assets.adobetarget.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-18` - `2025-02-17`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
sstats.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-07` - `2025-04-07`	a year	crt.sh
starget.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-30` - `2024-11-30`	a year	crt.sh
onetrust.io GTS CA 1P5	`2024-05-02` - `2024-07-31`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-08` - `2025-01-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-31` - `2024-06-29`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.scarabresearch.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-20`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-08` - `2024-10-08`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.company-target.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com.au WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
download.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-20` - `2025-05-19`	a year	crt.sh
webchannel-content-service.scarabresearch.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Frame ID: 45A508196D15AEDC99394458AC49C3CC
Requests: 145 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: AAB89F307AD3E0F9A8C0C960958DF508
Requests: 1 HTTP requests in this frame

Frame: https://bitdefender.demdex.net/dest5.html?d_nsid=0
Frame ID: 4367D95655E54E035CE6C35E209A7FFD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuYml0ZGVmZW5kZXIuY29tLmF1OjQ0Mw..&hl=en&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&badge=inline&cb=hsa64w1gc2wa
Frame ID: 322D99652BA6005B3A712240B315343D
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 2293B3B1B92A62FD9E65ABC099343E72
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=KXX4ARWFlYTftefkdODAYWZh&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 8637A3298E71EC129476695295D5F8F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hive Ransomware's Offspring: Hunters International Takes the Stage

Page URL History Show full URLs

https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes... HTTP 301
https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes... Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

152
Requests

95 %
HTTPS

0 %
IPv6

46
Domains

75
Subdomains

64
IPs

7
Countries

4153 kB
Transfer

8910 kB
Size

83
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bitdefender.com/business/products/inquire/?hsCtaTracking=1d8885e9-1179-49b1-a5ec-9c75f5f670dd%7C7c7083d1-a63a-479d-8f58-abc2d5c547f8&__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: Contact an expert

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variant
Title: dismantle one of the most notorious ransomware groups known as Hive

Search URL Search Domain Scan URL

URL: https://twitter.com/rivitna2/status/1715345562034225621
Title: @rivitna2

Search URL Search Domain Scan URL

URL: https://twitter.com/BushidoToken/status/1715368444806275182
Title: @BushidoToken

Search URL Search Domain Scan URL

URL: https://twitter.com/rivitna2?ref_src=twsrc%5Etfw
Title: @rivitna2

Search URL Search Domain Scan URL

URL: https://t.co/60quS4N9O9
Title: https://t.co/60quS4N9O9

Search URL Search Domain Scan URL

URL: https://twitter.com/BushidoToken/status/1715368444806275182?ref_src=twsrc%5Etfw
Title: October 20, 2023

Search URL Search Domain Scan URL

URL: https://techzone.bitdefender.com/en/security-layers/protection/ransomware-protection.html?__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: do not solely rely on Shadow Copy technology

Search URL Search Domain Scan URL

URL: https://techzone.bitdefender.com/en/security-layers/protection/process-protection.html?__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: Process Protection

Search URL Search Domain Scan URL

URL: https://techzone.bitdefender.com/en/gravityzone-platform/multi-layered-security.html?__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: Bitdefender TechZone

Search URL Search Domain Scan URL

URL: https://intellizone.bitdefender.com/en/threat-search/threats/BDsezklncw?__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: ThreatID BDsezklncw

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/business/products/advanced-threat-intelligence.html?__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: visit our product page

Search URL Search Domain Scan URL

URL: https://techzone.bitdefender.com/en/security-layers/detection/sensors.html?__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: sensors

Search URL Search Domain Scan URL

URL: https://facebook.com/Bitdefender/

Search URL Search Domain Scan URL

URL: https://twitter.com/Bitdefender_Ent

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitdefender/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BitdefenderSecurity

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/site/view/legal-terms.html?__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: Legal Information

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/site/view/legal-privacy-policy-for-bitdefender-websites.html?__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/site/Main/contact/1?__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&__hsfp=522907934
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage HTTP 301
https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719030430111 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719030430111

Request Chain 69

https://cm.everesttech.net/cm/dd?d_uuid=69610708570727587291383785313946623285 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnZSnwAAAKLfDAM8

Request Chain 77

https://ad.doubleclick.net/activity;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=1172748687.1719030432;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=932244923;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CJ_ch7Kv7oYDFcnwFgUd3G0diQ;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=1172748687.1719030432;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=932244923;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CJ_ch7Kv7oYDFcnwFgUd3G0diQ;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=932244923;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F

Request Chain 79

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1854795500.1719030432&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dma=0&npa=0&gtm=45fe46j0v9171448788za200&auid=1172748687.1719030432&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1854795500.1719030432&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dma=0&npa=0&gtm=45fe46j0v9171448788za200&auid=1172748687.1719030432&frm=0

Request Chain 83

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719030432139&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719030432139&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D359890%26time%3D1719030432139%26url%3Dhttps%253A%252F%252Fwww.bitdefender.com.au%252Fblog%252Fbusinessinsights%252Fhive-ransomwares-offspring-hunters-international-takes-the-stage%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719030432139&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&cookiesTest=true&liSync=true

Request Chain 144

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2A936A8256D84429BB6D3FE4A6093BA1&RedC=c.clarity.ms&MXFR=16AAAFFC6E206DD812E4BB5A6A206384 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2A936A8256D84429BB6D3FE4A6093BA1&MUID=07C5A61C790867E83CABB2BA789866BB

152 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Redirect Chain

https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage
https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

141 KB
37 KB

436ms
435ms

Document
text/html

172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e57eb0ba8a5b7db9d8db260230796eaa63a12d3999a123ccbafe68ed8bb1b529

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src https: http: data:; style-src 'self' 'unsafe-inline' .bitdefender.com fonts.googleapis.com www.gartner.com; script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com; frame-ancestors 'self' https: explore.bitdefender.com; object-src 'none'; frame-src www.gartner.com .facebook.com .google.com consentcdn.cookiebot.com bitdefender.demdex.net 5165113.fls.doubleclick.net vars.hotjar.com www.youtube.com hal9000.redintelligence.net ad.ad-srv.net forms.hsforms.com ad4m.at ws.hotjar.com s.company-target.com td.doubleclick.net .criteo.com .2mdn.net .googlesyndication.com; connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com .emarsys.net .hubapi.com .hubspot.com .facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com .bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com .google.com .scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com .google-analytics.com .analytics.google.com analytics.google.com .clarity.ms .doubleclick.net .taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com .bizible.com .bizible.net px.ads.linkedin.com .redditstatic.com .googlesyndication.com .cookielaw.org .onetrust.com .onetrust.io .criteo.com .reddit.com .googleadservices.com; font-src 'self' data: www.bitdefender.com fonts.googleapis.com fonts.gstatic.com www.gartner.com; base-uri .bitdefender.com .bitdefender.com.au .bitdefender.co.uk .bitdefender.ro .bitdefender.fr .bitdefender.de
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 89797be8ecaba938-SYD
content-encoding: gzip
content-security-policy: default-src 'self'; img-src https: http: data:; style-src 'self' 'unsafe-inline' *.bitdefender.com fonts.googleapis.com www.gartner.com; script-src 'self' 'self' *.emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com *.google.com www.gstatic.com *.hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com *.googleadservices.com tag.demandbase.com *.doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com *.hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com *.bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net *.clarity.ms *.bitdefender.com *.scarabresearch.com www.dwin1.com *.taboola.com *.outbrain.com retrack-kupona.kuponacdn.de ad4m.at *.google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' *.cookielaw.org *.criteo.com *.googletagservices.com *.2mdn.net *.googlesyndication.com; frame-ancestors 'self' https: explore.bitdefender.com; object-src 'none'; frame-src www.gartner.com *.facebook.com *.google.com consentcdn.cookiebot.com bitdefender.demdex.net 5165113.fls.doubleclick.net vars.hotjar.com www.youtube.com hal9000.redintelligence.net ad.ad-srv.net forms.hsforms.com ad4m.at ws.hotjar.com s.company-target.com td.doubleclick.net *.criteo.com *.2mdn.net *.googlesyndication.com; connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com *.emarsys.net *.hubapi.com *.hubspot.com *.facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com *.bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com *.google.com *.scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com *.google-analytics.com *.analytics.google.com analytics.google.com *.clarity.ms *.doubleclick.net *.taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com *.bizible.com *.bizible.net px.ads.linkedin.com *.redditstatic.com *.googlesyndication.com *.cookielaw.org *.onetrust.com *.onetrust.io *.criteo.com *.reddit.com *.googleadservices.com; font-src 'self' data: www.bitdefender.com fonts.googleapis.com fonts.gstatic.com www.gartner.com; base-uri *.bitdefender.com *.bitdefender.com.au *.bitdefender.co.uk *.bitdefender.ro *.bitdefender.fr *.bitdefender.de
content-type: text/html; charset=utf-8
date: Sat, 22 Jun 2024 04:27:07 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 89797be24daca938-SYD
date: Sat, 22 Jun 2024 04:27:07 GMT
location: /blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H3 200 image%20(3)-3.png
businessresources.bitdefender.com/hubfs/ 559 KB
561 KB 92ms
44ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/image%20(3)-3.png

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e50d3be7ae652e8b3c9077698cb5b77538fafc1c28652871f5f9ec22bd2ae0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-144390890007,P-341979,FLS-ALL
age: 106056
x-amz-request-id: 8WZVY55W25SA7G23
x-amz-server-side-encryption: AES256
edge-cache-tag: F-144390890007,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="image%20(3)-3.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "1b4bafb685723c6565f7be75239d892d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1699392995461
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 04:27:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 28d9734ff3f988ae9afd788fe4df27c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vlD.LBMxW0ngQPq57joomufoxdo4pP4x
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1176603
x-cache: Miss from cloudfront
cache-tag: F-144390890007,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 572418
x-amz-id-2: LowJ+APdiC2xQMB4uqoVp+NdW09Mjs2m8YSrMsGhPgNluWrgC85HF31NqPemCpUcDlXlHILUFHM=
last-modified: Tue, 07 Nov 2023 21:36:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlgT0ysLGpJpGMaK%2BhV8dB2L6c%2BUdRuEJgiW9owrVoIV44c8xQD2TizrB%2BGEl6DnzULpaRawmN2mMxrrjZFzFajM2kklDcatkGpd0ZYuMw4PVV%2FA%2Biqs5a6TVhx3rf4jD9vV%2BbgwqfxYAQ%2Fe%2FloCSESfpg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 89797bebff04a80e-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ZJeGiKXTLcGSQMSKH4MFu2XnKkUsSAjnfHu74tO_pRy1uuZNyr-oFA==

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 109 KB
34 KB 384ms
12ms Script
application/javascript 104.102.244.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.244.121 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-244-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7dda4b29507887a80d74c81a30e6ff5241e414a7381cc0a4f6eef32595ebadf3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Sat, 22 Jun 2024 04:27:07 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 07:02:36 GMT
etag: "d6e744804dc1da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=149
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 34250
expires: Sat, 22 Jun 2024 04:29:36 GMT

GET
H2 200 TagIT.v1.min.js Show response
www.bitdefender.com/scripts/ 15 KB
4 KB 1372ms
1355ms Script
application/x-javascript 172.64.147.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitdefender.com/scripts/TagIT.v1.min.js?v=43
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.169 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1789e6bf0f139fc89e73756237ae433989a6d27e7effe2d1771c06d2566f889b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sat, 22 Jun 2024 04:27:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 15 Mar 2019 11:31:57 GMT
server: cloudflare
etag: W/"5c8b8d2d-3b83"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 89797bebcd395c05-SYD

GET
H2 200 launch-b77a56f2d5f1.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/ 534 KB
153 KB 370ms
3ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9342b2c5d6efa563547b694ef832c0f0b3db49e04659d1c6271d8f047bf671d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:09 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:31 GMT
server: AkamaiNetStorage
etag: "fdb5fd8b74feda48dcb06785266f0b6b:1716984390.961067"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 155853
expires: Sat, 22 Jun 2024 05:27:09 GMT

GET
H2 200 341979.js Show response
js.hs-scripts.com/ 3 KB
1 KB 1018ms
698ms Script
application/javascript 104.16.137.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/341979.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.137.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f01a50bfcac2d1883a05d012267686baf1184c0d89e3adfcf6ba67fead49c7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6d8fed41-f10e-4345-947c-fd132e0a8c27
x-envoy-upstream-service-time: 5
content-length: 699
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6d8fed41-f10e-4345-947c-fd132e0a8c27
last-modified: Sat, 22 Jun 2024 04:17:15 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-v4m8x
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 89797bf64c07aadd-SYD
expires: Sat, 22 Jun 2024 04:28:39 GMT

GET
H2 200 service-worker.js Show response
www.bitdefender.com.au/content/dam/workers/ 101 B
562 B 851ms
851ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/content/dam/workers/service-worker.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac6f4ec6849e6e8849d1130e40a378a9c7e751cd949306edd3383f7effa90658

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-vhost: bitdefender.com.au
x-cache: MISS
content-disposition: attachment; filename="service-worker.js"; filename*=UTF-8''service-worker.js
x-xss-protection: 1; mode=block
service-worker-allowed: /
x-served-by: cache-syd10124-SYD
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 May 2024 10:26:49 GMT
server: cloudflare
x-timer: S1719030429.865163,VS0,VS0,VE823
etag: W/"0x8DC7592B25921C3"
x-frame-options: SAMEORIGIN
bitdefender-test: this-is-added-via-Fastly-config
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=600, immutable
vary: Accept-Encoding
cf-ray: 89797bf44934a938-SYD

GET
H2 200 becf6ba.js Show response
www.bitdefender.com.au/blog/_nuxt/ 5 KB
2 KB 28ms
26ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/becf6ba.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1ce0a956c2fe87a1ccb2855dc96bfd069dfbb25144b3801e4a65e1394a68c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 235050
etag: W/"1411-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bebaf61a938-SYD

GET
H2 200 74747a3.js Show response
www.bitdefender.com.au/blog/_nuxt/ 240 KB
82 KB 24ms
22ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/74747a3.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce7fa542b8dd9e9737b93da77f8386c6ccb5e5e0b8dd1eaf9d741b7145ca6b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 235050
etag: W/"3bfb1-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bebaf63a938-SYD

GET
H2 200 e3da87c.js Show response
www.bitdefender.com.au/blog/_nuxt/ 29 KB
9 KB 23ms
21ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/e3da87c.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59db75d7a5be7419c7e0f29c09275c70d29a4586c8e1b37b00a6c0fb88e79372

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 235050
etag: W/"7393-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bebaf64a938-SYD

GET
H2 200 729f721.css
www.bitdefender.com.au/blog/_nuxt/css/ 36 KB
7 KB 2626ms
2625ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/729f721.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e815080b904770061dd4c45e5e70721be774b7bb15fe135a6e8f40b772aca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"90bd-190302a6090"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bebaf5aa938-SYD

GET
H2 200 0475f83.js Show response
www.bitdefender.com.au/blog/_nuxt/ 96 KB
28 KB 32ms
30ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/0475f83.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfc9f2ed2b7484f41f6cb3aef85fd8a7d3f61440e1fdd141bb63503662b5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 235050
etag: W/"17fde-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bebaf65a938-SYD

GET
H2 200 a948464.css
www.bitdefender.com.au/blog/_nuxt/css/ 1 KB
518 B 26ms
25ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/a948464.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

831b25d2cf0066937657444e6d8366c0e51af9ac0989def0613358d48bd45b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 31 May 2024 15:04:27 GMT
server: cloudflare
cf-cache-status: HIT
age: 1273895
etag: W/"432-18fcf2e4478"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bebaf5ca938-SYD

GET
H2 200 693ed4e.js Show response
www.bitdefender.com.au/blog/_nuxt/ 51 KB
14 KB 28ms
27ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/693ed4e.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b3d508f173d533137db40577d18f7dc9083ce8e56b41741e60b9908e6d6e437

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 113825
etag: W/"cb4c-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bebaf66a938-SYD

GET
H2 200 6e55ef7.css
www.bitdefender.com.au/blog/_nuxt/css/ 114 B
176 B 29ms
28ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/6e55ef7.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6692354a1d9a4d531832e922f7e86a9e80f24562572c9dc7614a71fe5145b266

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 31 May 2024 15:04:27 GMT
server: cloudflare
cf-cache-status: HIT
age: 1273894
etag: W/"72-18fcf2e4478"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bebaf5fa938-SYD

GET
H2 200 0175dd4.js Show response
www.bitdefender.com.au/blog/_nuxt/ 767 B
558 B 30ms
29ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/0175dd4.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef5aa0a6b077aaff322c613466f59676e2006820805af770e34adca461bd8607

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 31539
etag: W/"2ff-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bebaf67a938-SYD

GET
H2 200 cc.js Show response
consent.cookiebot.com/4a55b566-7010-4633-9b03-7ba7735be0b6/ 378 B
605 B 420ms
420ms Script
application/x-javascript 104.102.244.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/4a55b566-7010-4633-9b03-7ba7735be0b6/cc.js?renew=false&referer=www.bitdefender.com.au&dnt=false&init=false&culture=en_US
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.244.121 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-244-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: faa2d073082188a0039399a9f374a523a9f3750ae9f1d2599ae63b27a860b149

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:09 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=60
cross-origin-resource-policy: cross-origin
content-length: 368
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 / Show response
www.bitdefender.com/site/Main/TagIT/newsessioninit/ 33 B
705 B 1379ms
1379ms Script
application/javascript 172.64.147.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/site/Main/TagIT/newsessioninit/?callback=&l=en&ch=1719030430

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/scripts/TagIT.v1.min.js?v=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.169 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fceba08a6bbdf2598e8f6d43e71b51854337da5f880c3fff252a25b9cd10b6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP="NOI ADM DEV COM NAV OUR STP"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 89797bf44c9b5c05-SYD
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET widgets.js
platform.twitter.com/ 0
0

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame AAB8 0
0 312ms
3ms Document
text/html 23.38.128.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.128.171 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-128-171.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jun 2024 04:27:09 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sun, 22 Jun 2025 04:27:09 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1719030429192_389542559_559618740_32_996_1_5_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719030430111
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719030430111

965 B
1 KB

210ms
209ms

XHR
application/json

44.212.234.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719030430111

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Server

44.212.234.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-212-234-98.compute-1.amazonaws.com

Software

Resource Hash

ddf7a1af4b999f12447e6f1cb4e9834bf1abdb6a4d0753d665e716fb1d6b646c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v060-08662871e.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Sat, 22 Jun 2024 04:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: Ix7XT07PQFw=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 555
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v060-087c8ec94.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sat, 22 Jun 2024 04:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 5kqycIRrS3Y=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719030430111
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 35 KB
13 KB 3ms
3ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 18:51:30 GMT
server: AkamaiNetStorage
etag: "964f8cb588092ac645368e7307eb73ac:1709578290.803919"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12938
expires: Sat, 22 Jun 2024 05:27:10 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 3 KB
2 KB 4ms
3ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 18:51:31 GMT
server: AkamaiNetStorage
etag: "9cf185793291692f744c78c75da01dd8:1709578291.795602"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1599
expires: Sat, 22 Jun 2024 05:27:10 GMT

GET
H2 200 RC50ea5341704e40ab9332a85e7d603ff0-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 1 KB
735 B 3ms
2ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC50ea5341704e40ab9332a85e7d603ff0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 583cabf7f2229d895c7db724e90d84ab6a7c9dd29660c487ca4ef529eaca9f02

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 473
expires: Sat, 22 Jun 2024 05:27:10 GMT

GET
H2 200 RCdf53f36ada0443f383014b28992e7a3c-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 60 KB
24 KB 10ms
9ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RCdf53f36ada0443f383014b28992e7a3c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a78c9f43dc3bd6f5fd515c9bb4b5f9a902d3352897674ca4b2f36a065cef1da2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 24043
expires: Sat, 22 Jun 2024 05:27:10 GMT

GET
H2 200 RC408cde3d6bbb49f4a45d50fdd0c881bb-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 4 KB
2 KB 3ms
2ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC408cde3d6bbb49f4a45d50fdd0c881bb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ec4d2d21dd008135647d484526d98d4ac5700f623162536aac2c381bad26c15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1531
expires: Sat, 22 Jun 2024 05:27:10 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 331ms
11ms Script
application/javascript 104.17.128.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.128.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c114a5641b9988aecb7a00c47bd1d37d912883ff4ef9c3b9fe6ad21603ab1066

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
x-amz-version-id: 7Zz_oLsqoY3yHsxt9nM5YRwsj1MKwqFV
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 77
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.565/bundles/pixels-release.js&cfRay=89797a1b3dc05d14-SYD
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 708a592f-3b46-44e8-886f-bf99c62761ca
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 708a592f-3b46-44e8-886f-bf99c62761ca
last-modified: Tue, 18 Jun 2024 12:46:30 UTC
server: cloudflare
etag: W/"b233ea75981268a81228cd819e8fd5eb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-8zszv
cf-ray: 89797bfe7e38a820-SYD
x-amz-cf-id: BrW0PAws2qMjQpPWy390HlxRYdhxEoHPvzsOIEtkBMin0m9hlVeifw==
x-hs-target-asset: adsscriptloaderstatic/static-1.565/bundles/pixels-release.js

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 564ms
243ms Script
application/javascript 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab1fca31f7e7a89c198881e69c42c6bb3578b7d55f2cee7463b96360feaf7eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1194/bundles/project.js&cfRay=89797bfe7bb3a943-SYD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"50f2e99c1f025777ca05bdae3cfcf91d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1194/bundles/project.js
date: Sat, 22 Jun 2024 04:27:10 GMT
x-amz-version-id: MDb_7hFyElKIrRJmReYAEj96Es7nef4a
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 5cf1973f-e0d3-4104-bdd7-2362558aebf8
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 5cf1973f-e0d3-4104-bdd7-2362558aebf8
last-modified: Thu, 20 Jun 2024 14:37:30 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24dz9FqY1JvjBhmKhBWk03ICkwZYR6TGPqJp1mtAM1SFVHZ5lvAwe0BC802qt7OAHLLAXgjc0WfU15Otot560s81MzqLAXqU5B%2BVuPH6VIunaQnMIsM7I%2BuQnbE62l6K"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-2hwf8
cf-ray: 89797bfe7bb3a943-SYD
x-amz-cf-id: T6wnYO_xhxCiWrRn9veiB0IwIC2dOKwTzu1phgnWL4M7SDJecnXfUA==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 332ms
11ms Script
application/javascript 104.16.78.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.78.142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

753b5d77684b20581dddd43b3a944bca93a44da9e6dee0c8232ca6ed8a40ead5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
x-amz-version-id: yFTRQFC1g6ZpuTIoktepwBCyrzt6F_8h
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 17
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16706/bundles/project.js&cfRay=89797b91af71a965-SYD
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 3364870e-20f2-4a3b-8d70-f0b99275859a
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3364870e-20f2-4a3b-8d70-f0b99275859a
last-modified: Fri, 21 Jun 2024 14:34:54 UTC
server: cloudflare
etag: W/"d5ed42fdc505d7812288ee600abec355"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-th2td
cf-ray: 89797bfe7feba807-SYD
x-amz-cf-id: KcYrjyUd8lFSnHhvezmtR2CVy9B5qMZwZ6KywZUom0TA5Nmx-deJbQ==
x-hs-target-asset: conversations-embed/static-1.16706/bundles/project.js

GET
H2 200 341979.js Show response
js.hs-analytics.net/analytics/1719030300000/ 68 KB
24 KB 705ms
387ms Script
text/javascript 104.17.175.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1719030300000/341979.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.175.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12a0adff1e747becb97843abe35079449a0503669f2676b1cc1071e605c551e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: ZQRNWAP3HXM1FCVS
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e40fc1bc-39c8-445f-afde-61d0348627fc
x-envoy-upstream-service-time: 19
x-amz-id-2: Dn+yo2ciotaQq2TlygJXzgdaM8biJNsPbxraDheCQtgTM9MClU8ju8Ika1zqQ93b+bart3Yc9Sg=
x-evy-trace-listener: listener_https
x-request-id: e40fc1bc-39c8-445f-afde-61d0348627fc
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 21 Jun 2024 21:00:07 GMT
server: cloudflare
etag: W/"ab7cc4f0ff9ee75037e3c846f8f4c601"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-zmwrp
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 89797bfe789fdfbd-SYD
expires: Sat, 22 Jun 2024 04:32:10 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 359ms
38ms Script
application/javascript 104.18.140.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.140.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
age: 23274
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js&cfRay=897743c56b47a883-SYD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"be45bdb720f44c8db4ee42bc228ff2a8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js
date: Sat, 22 Jun 2024 04:27:10 GMT
x-amz-version-id: HLkmxotJV8gQ_mnvhNwLT9fnVmh1uWjb
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 3a023020-2ff3-43f8-9183-2a68004c41a9
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 42
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3a023020-2ff3-43f8-9183-2a68004c41a9
last-modified: Thu, 30 May 2024 10:22:15 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-2hwf8
cf-ray: 89797bfe7fe0a93b-SYD
x-amz-cf-id: jGEpnBJCZm951ZtCiM47Wpnm7ywJYAyuei-Ph_K-VfrKbEdZQ9epSA==

GET
H2 200 341979.js Show response
js.hs-banner.com/ 64 KB
19 KB 573ms
256ms Script
text/javascript 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/341979.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42aae2fedb7d28450f675df260a414800b1edb4a07746f5b06ca7402b45c62d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
x-amz-version-id: JoLp8dnSdKx8T6sgcYIr6h4YJgD4ueJg
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: VT8XP9K0WBYTWQ1P
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 6bbb3b78-7a89-495f-91c5-d3aac9b0fe9e
x-envoy-upstream-service-time: 22
x-amz-id-2: Fvv92Bp08Y4r/zHU6TB52y5U8Pb4GZsdi8PI6qOP/iIgLavG7EGXVJZR9mHkMecm0rDJoHb8ejpIqUhcWay2YgEc2I1mSo30
x-evy-trace-listener: listener_https
x-request-id: 6bbb3b78-7a89-495f-91c5-d3aac9b0fe9e
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 20 May 2024 14:39:21 GMT
server: cloudflare
etag: W/"16ba22fe5a5c02e7fcbde59df22cae99"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.bitdefender.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 89797bfe6ae8aae3-SYD
expires: Sat, 22 Jun 2024 04:32:10 GMT

GET
H2 200 12001bd.js Show response
www.bitdefender.com.au/blog/_nuxt/ 16 KB
6 KB 20ms
20ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/12001bd.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/becf6ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

795ab11cff58833e2c762b04466095173cc064a0267697713e8743c42edb5ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 235050
etag: W/"3fa5-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bfcaaeaa938-SYD

GET
H2 200 15b3e8a.js Show response
www.bitdefender.com.au/blog/_nuxt/ 36 KB
11 KB 23ms
23ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/15b3e8a.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/becf6ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de2ad928eac17e56b9f314967d5362eb222e65b4ec32c419c444dc1841d9ac68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 235050
etag: W/"90ec-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bfcaaeba938-SYD

GET
H3 200 image-png-Nov-07-2023-09-05-01-8615-PM.png
businessresources.bitdefender.com/hubfs/ 471 KB
472 KB 45ms
44ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/image-png-Nov-07-2023-09-05-01-8615-PM.png

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b550b03b688b2f4a310525cb12c7b0e5097968f9c8850b6cf7698c7027b904d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-144382387037,P-341979,FLS-ALL
age: 106052
x-amz-request-id: SB1TRJQVJQ9E4VCA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-144382387037,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="image-png-Nov-07-2023-09-05-01-8615-PM.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "b8e8f240291371fd95e67c69f3b14f51"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1699391101861
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 04:27:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 cb712125c0a106eae5fd0f1f475a2270.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: P3ZToaxEfmn1VvFFe20q_zCK9VpxMB26
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=870704
x-cache: Miss from cloudfront
cache-tag: F-144382387037,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 482086
x-amz-id-2: JRWghvd3qTNa2AdqnK2G7hlgbR10HacNtFYO7j5LgdKsM/OeihTsLVV5Ea43JQlGjwjWWl1MTV4=
last-modified: Tue, 07 Nov 2023 21:05:02 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJkqdcCKO5CM7GJ1PX5IHOIZqR6a360ly1OF%2FmFO%2FRAmwtMtCO9tCYms%2FXC2E1z3Jx7JIwLAZkvkhxPn5Y3cecNxe%2BUL5LkcjzqVs6bj3HnlCJE7cWU%2F%2FHro%2F80ZIrupEzRGPYv1o%2BRwLU6QEManG1fyXA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 89797bfcf811a80e-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: r2_EcfnPkzUFPyGq2HrvP74_8H_1dm34LON8aQ66tzMONDuvkm0s2w==

GET
H2 200 / Show response
www.bitdefender.com/site/Main/TagIT/getparams/ 53 B
226 B 389ms
388ms Script
application/javascript 172.64.147.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/site/Main/TagIT/getparams/?callback=TagIT_getParams_callback&callback2=&l=en&ch=1719030432

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/scripts/TagIT.v1.min.js?v=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.169 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33f4a3188e5bd3946bc65cba66db7f0400a6c149acc208b4b46640af86858f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP="NOI ADM DEV COM NAV OUR STP"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 89797bfd0d715c05-SYD
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/ 26 KB
9 KB 351ms
36ms Script
application/x-javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe13fe0388b45529b8c11007bfc3c4c42e9888a95987a9d2d9165ff61051ca41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 57684
content-md5: 3ZTWH6GMA8w/57XsT8+IAw==
content-length: 8745
x-ms-lease-status: unlocked
last-modified: Thu, 30 May 2024 12:15:09 GMT
server: cloudflare
etag: 0x8DC80A226786113
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c92c494d-001e-000b-188b-b2591d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89797bff2e905c09-SYD
expires: Sun, 23 Jun 2024 04:27:10 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 460 B
967 B 181ms
163ms XHR
application/json 18.65.244.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=KwSda5imnkvOJSjeABR2uSSyEJq5IADxsKfkTanK&page=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&referrer=&page_title=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&src=adobelaunch
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-54.syd3.r.cloudfront.net
Software: nginx /
Resource Hash: 0c6360095b095e0aeea120f1581a49652ffe0e3ab0c55164684677064a12124f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P1
x-cache: Miss from cloudfront
request-id: f3517205-800a-4dbe-9332-7fd93eb54977
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: levh2Jows_eIBygj5PBhV_7eF2j5rpomLtTXs8hww57MQzrJL4Pslg==
expires: Fri, 21 Jun 2024 04:27:10 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/embed/ 482 KB
156 KB 40ms
16ms Script
application/javascript 104.18.142.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/693ed4e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 569
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5387/bundles/project-v2.js&cfRay=89796e120bc15d35-SYD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"56164b8f5dbcf6e65e555e48d5d6176a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5387/bundles/project-v2.js
date: Sat, 22 Jun 2024 04:27:10 GMT
x-amz-version-id: mnlqbpb.vUvH_hPLxl7NeOxIrfIBia92
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 7375f2360b80ec8c602f04aa2cc7a57c.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: c767df43-ec10-4046-b69f-64f32fa9acdd
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: c767df43-ec10-4046-b69f-64f32fa9acdd
last-modified: Thu, 06 Jun 2024 13:36:59 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fuR1qPyrlripBvk241SBrZ1K7kmHyw%2BynPPAXuE59IAvQ1w0dIOUnE%2BruB%2FFewB%2FnVXAB7ZJf%2BEjTPKNi4AKUtzgNsLQ3pcXAx%2FgoBXvUMlH9LPwO7zh36GnY6cnWQvu"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-x8whk
cf-ray: 89797bfdad0faadb-SYD
x-amz-cf-id: 4Ux50g_Dl2EAWzfrblp43lTgMqsn_ogDZ6FzM3Lrf5xvJsjpDz5HMw==

GET
H2 200 / Show response
geolocation-db.com/json/ 153 B
263 B 1366ms
524ms Fetch
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/json/
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/0475f83.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dac4d96ffcb8d25857f216825e332e81efe07642532657ba6daaf33cefc2900a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 22 Jun 2024 04:27:11 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 528ms
116ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5165113&l=gtagDataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

72bc932cbb9cd002706ea99c1883d1d6c3eb38f4dedb5f84d951b31429ab9521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 79692
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 04:27:10 GMT

GET
H3 200 IMG_6622.jpg
businessresources.bitdefender.com/hubfs/ 183 KB
184 KB 46ms
45ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/IMG_6622.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3d0e01677feadbc19d661d9910328561fa9b3fbc0427d4b17906adb7cc8471

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-103881847921,P-341979,FLS-ALL
age: 503965
x-amz-request-id: 7PQPYGHAG5RWGEKT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-103881847921,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="IMG_6622.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "25d8f84d74318c9b21c0eb13090142fd"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1677187455379
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 04:27:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 75109f22d44404e68915a641fc09f102.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: G8j4q1.PKdffk_HnCG8BwBfMPLFJEg6y
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=644891
x-cache: RefreshHit from cloudfront
cache-tag: F-103881847921,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 187074
x-amz-id-2: +L/oXB/F8KAzKUTTDfmJEe85RrwiGek9ZLr+9unKkQAlCCASUMiJZLk4T0ESLrczmeDFbmgq0V4=
last-modified: Thu, 23 Feb 2023 21:24:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J71HPoi1Cm%2FXdk9NNNRDR8Atoa0hgtLg%2FGwGs8e%2BNlOM4y%2FG8t3j3r1Ca35a%2F3CpzR8RY%2B7KyqghhEBFWl05tNJWREgPAKTjOi%2Bgr3SNRnxtQ87B7I7A6woX6twqAeU%2FSo2OaVmKJDoxj%2FZHP%2B470OhIXg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 89797bfdc8c7a80e-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: C9jxGbL_uzylLg9dijJmWI2Vl9XzLcPB2mylObOAvjVsZv5PwrIC2A==

GET
H3 200 pexels-cottonbro-studio-5483064.jpg
businessresources.bitdefender.com/hubfs/ 757 KB
759 KB 58ms
56ms Image
image/jpeg 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/pexels-cottonbro-studio-5483064.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f98201416864cc4b68732366a13b61a9fca087a2ed0e1ec8c657b89ad1b9fdb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-149184068928,P-341979,FLS-ALL
age: 751956
x-amz-request-id: J7VGB5NMBCZJHKW7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-149184068928,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "5fb71b6301b9b55d579b7ceced535108"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1702064322912
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 04:27:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 f21e2ffc4473de4703e807b6f2df3d0e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 3NbTNETsHUoSCPjkM7rVO9Bl5C6uWei5
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: origSize=778468, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-149184068928,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 775306
x-amz-id-2: G/qixM3RCpawYDcik6FrGTTeWdUVGPxxfGh0HNdIyAIe9BZhOLXR+RSZqXgbWJiTgbEXC/w/fg8=
last-modified: Fri, 08 Dec 2023 19:38:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5XF3t9hI%2BvRjrAXelgnarNHkb0t238Xr9qaQ88NE8Sh4hUQU%2FgdHP4XcyyTQXEgVO5Hx9Yj63VXBeNCaxnlsgN%2B05rSOpGpNWwNs29EmmWsck5SJYaJeUHwxeN9VF9c3CCbHBcHeNO6mc0s%2B%2B%2FtogT5vdw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 89797bfdc8c9a80e-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: cqA2Ze8nwssUOfuZuGDeE8gFmVEMJCH8ej8GXkzz9buTOhol7VnANQ==

GET
H3 200 BSG_Survey_Blog-2.jpg
businessresources.bitdefender.com/hubfs/ 77 KB
78 KB 43ms
42ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/BSG_Survey_Blog-2.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ad847e598b98652e25e9a59e9ae0d3bc134007579a9caeec0c1dcd7eb48447

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-108351114338,P-341979,FLS-ALL
age: 573743
x-amz-request-id: G3MJM4TX9A3M9W6M
x-amz-server-side-encryption: AES256
edge-cache-tag: F-108351114338,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="BSG_Survey_Blog-2.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "e598f8d5225078d68205e5a23608b784"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679947808530
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 04:27:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 c8c3180933886633be93f042334d6e12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: S_A1jeZpirBC0cjx2E_a209LvlKEO0pn
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=512083
x-cache: RefreshHit from cloudfront
cache-tag: F-108351114338,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 78784
x-amz-id-2: visovcbs/DnYSsejvyVtD7dhWW5fNWQ7L08dL9M2TBNlk8q1I/UAG2yXLKiuFPhHsOhG3PIgPmk=
last-modified: Mon, 27 Mar 2023 20:10:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxNg7WzU5Tgh2f9hO96dhQHk8%2FkYCxcEq98CISMWylek8N4j3OeyeqcMg8z7QMrTAl3YzBToJiJRk5%2FHDl1FIbR2QDvhmhqfzrlQv5q%2BIAJ%2FSLHAVB1%2BZABSlzn3mLZKj3YutZC05kHykjxllzEPKwR7Og%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 89797bfdc8caa80e-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: iwDwlwvzD2tjqwPCFljbNLESzK_iD0CFL_oz3TPzHI5YTUIWyTVkvQ==

GET
H3 200 3CX.jpg
businessresources.bitdefender.com/hubfs/ 62 KB
64 KB 48ms
47ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/3CX.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

159453401c68cee218a8af0d1864ac09ade311641d6b6022e01004a9fa164dd3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109048266260,P-341979,FLS-ALL
age: 502950
x-amz-request-id: B6KBSTM8Z95C8TFA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109048266260,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="3CX.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "77dd89e158431efbfab92c9d3e205d51"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680282819012
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 04:27:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 18225112e7d56a947f23d8abfccd5d3c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: E6ikASKr0QNzMUC59LqqBIPz8IDHMHtU
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=446885
x-cache: RefreshHit from cloudfront
cache-tag: F-109048266260,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 63858
x-amz-id-2: oo8OGcr86tj/MNTpiXIIIoe+HQoXD6FTEabHXPIFcQF+KAZAVds8v5K+hCLx7Bb68AfaRpJrRE7awtSLV62ImUz6qIKB7ygC
last-modified: Fri, 31 Mar 2023 17:13:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Re8bYhh1xhkhEty69anOwoeHrtJ6FQMsGkGmmF2AZpstpbdSAZ%2BY4pDvVXaGRVdA4Z8lLhSkwSogjPg8Xh8KzEs2ZdBtLxVWPLQLn7IZ%2FlKNKnpkf2frdDDxT7qjADE2hmPfmNJeSGgqgweLmgW6DO3dYw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 89797bfdc8cba80e-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ZWJyEgop0gciAI3At0ImxWMgP_zCptuYLrbDz8WLUfCGb-xnFYAaJQ==

GET
H3 200 US_CyberStrategy_Josue.jpg
businessresources.bitdefender.com/hubfs/ 23 KB
25 KB 50ms
49ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/US_CyberStrategy_Josue.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aed280416005df8902253b020bbf3a7a47fc8ffc9a4e6764c11ec96c2079ef3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-105637398372,P-341979,FLS-ALL
age: 751956
x-amz-request-id: AYPBD3XKRZC91CDY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105637398372,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="US_CyberStrategy_Josue.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "83cbcac3ab5544154a404db9b840e4ef"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678298540243
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 04:27:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 5ec31a807b3a12da1cd448f2e2805d3a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: S61E9Tsgo5K3grpbyUOdN3N78FXMFL0G
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=273354
x-cache: RefreshHit from cloudfront
cache-tag: F-105637398372,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 23906
x-amz-id-2: vA21JHnmfnNC8bqxyif0FovXP5MuPRP7gBEzVSgnr48/zvVh1ygryz574xPVVmFZ3ILcoi/Lhv8ykjKTYMCUqw==
last-modified: Wed, 08 Mar 2023 18:02:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I61hbmYAc2rrqVtEmAiePwsA1mi1XWknB%2Fa%2FFSCVVLxn6M4rAbPgELeorEVimSn1MNxNdgSfFP4HJygw4yeWVKHVSptWvFMcvU%2FtLBKa%2BdHAGB51HpVyUxgBYLjy5tfVM80oULfjnV0AQn9nCvi%2F3d8W8w%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 89797bfdc8cda80e-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 0QHOvtr5uMN_XQeyh1GPe-5Ye5z_S0lutqEGZUgnBSZnBNfhtjMuBA==

GET
H2 200 cf43f35.css
www.bitdefender.com.au/blog/_nuxt/css/ 279 B
230 B 31ms
31ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/cf43f35.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/becf6ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2069e4f379291c013b2ac6b33c3770c98737524f80ccdfca1ea8586169622e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 31 May 2024 15:04:27 GMT
server: cloudflare
cf-cache-status: HIT
age: 1273825
etag: W/"117-18fcf2e4478"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bfdec64a938-SYD

GET
H2 200 c5e617e.js Show response
www.bitdefender.com.au/blog/_nuxt/ 53 KB
14 KB 23ms
23ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/c5e617e.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/becf6ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

781149055514a774421f07052fd07260e43da76fd632f25d89a5630d563da011

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 234274
etag: W/"d3cb-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bfdec66a938-SYD

GET
H2 200 b8b5ed9.css
www.bitdefender.com.au/blog/_nuxt/css/ 106 B
180 B 24ms
23ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/b8b5ed9.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/becf6ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2207e1dfdac97cdf65dce070c145d2f8251b726777b5073bb79308e69e1a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 31 May 2024 15:04:27 GMT
server: cloudflare
cf-cache-status: HIT
age: 1273825
etag: W/"6a-18fcf2e4478"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bfdec68a938-SYD

GET
H2 200 642c7b6.js Show response
www.bitdefender.com.au/blog/_nuxt/ 45 KB
12 KB 37ms
36ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/642c7b6.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/becf6ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dca5c1b15584926c9f9549101752bf572e7fdcda47e1b2bf3c181372a5cb0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:14 GMT
server: cloudflare
cf-cache-status: HIT
age: 235048
etag: W/"b204-190302a4150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89797bfdec6aa938-SYD

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/341979/6296aa14-482c-4e42-9095-8e693b5f4caa/ 19 KB
5 KB 259ms
244ms XHR
application/json 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/341979/6296aa14-482c-4e42-9095-8e693b5f4caa/json?hs_static_app=forms-embed&hs_static_app_version=1.5387&X-HubSpot-Static-App-Info=forms-embed-1.5387

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef329b35c4d5c9b2a7c7411a47b5554462dbc88349d1635d383df952c3854527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 64a42d0a-daae-4908-b52f-1dcf3f336e70
x-envoy-upstream-service-time: 17
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 64a42d0a-daae-4908-b52f-1dcf3f336e70
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 89797bfe2b00a95c-SYD
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-z6zvr

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 351 B
1 KB 241ms
241ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=341979&conversations-embed=static-1.16706&mobile=false&messagesUtk=dd9bec49dfbb46c49e654fc40db2de0c&traceId=dd9bec49dfbb46c49e654fc40db2de0c

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a26decf869d35389aee658f487ff614dabb9078b6e4fefa92c72379390aea58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a018d183-1652-4a2a-930b-e849e0c5add7
x-envoy-upstream-service-time: 8
content-length: 267
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a018d183-1652-4a2a-930b-e849e0c5add7
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-862tq
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBELiltWuGQ%2F9ZeAlQJhZNdd8cxvBeJkhJxmcMeHXuxssASIayy02sAaqG%2Ftg25vD1fxC3Rlqorf2cAkF%2B3idfjZFdiOz9knq5Z7iQf6%2B%2BBc83aZNerTMbSI4RS%2BPLpubQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89797c005d58a943-SYD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 242ms
236ms Preflight
text/plain 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.bitdefender.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.bitdefender.com.au
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 89797bfedc0da943-SYD
content-length: 18
content-type: text/plain; charset=utf-8
date: Sat, 22 Jun 2024 04:27:10 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGEeus9oVWV2uwtbaeJcC%2BRhxd2OcLV2qOxE%2Bg9ZyNRuMwqwU5RjiO0MSGitn%2BKt3PLGvyKNBd6LXHDfK4A1%2FMq8FsguIUNZqXZmd1kLVnXUSsfvuRDTPqZqt%2FjHnWZG1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-qhbv4
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 42df6676-0965-43c7-8d16-c0e68a0bea66
x-request-id: 42df6676-0965-43c7-8d16-c0e68a0bea66

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
884 B 243ms
227ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e7602cb1-3fac-4118-b01a-4d268861051e
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e7602cb1-3fac-4118-b01a-4d268861051e
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-fw6vv
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 89797c001a82a7fc-SYD

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 462ms
105ms Stylesheet
text/css 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

ESF /

Resource Hash

31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Jun 2024 04:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 03:20:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Jun 2024 04:27:11 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 210ms
106ms Script
text/javascript 172.217.24.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_ee46cf42_0303_4eb7_b9d2_bf0543c649dd&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f4.1e100.net

Software

GSE /

Resource Hash

5371bf46e46a9cb4d28be3be42997ccf1e5057b188958a706834dbadcdc462eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 22 Jun 2024 04:27:10 GMT

GET
H2 200 e20c9587-7d17-4f35-85f7-38c1eb9c3478.json Show response
cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/ 7 KB
3 KB 343ms
35ms XHR
application/x-javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/e20c9587-7d17-4f35-85f7-38c1eb9c3478.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6c23ed876dffc288ff16cfb9fb7b3a83364285a813a571e14c2226370efdb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 04:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 29219
content-md5: 5E95aJztTrRC6nbvQwl4HA==
content-length: 2005
x-ms-lease-status: unlocked
last-modified: Thu, 30 May 2024 12:15:09 GMT
server: cloudflare
etag: 0x8DC80A22632D7AF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d3cf9483-001e-0000-6a8b-b24169000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89797c04295ea94f-SYD
expires: Sun, 23 Jun 2024 04:27:11 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
539 B 227ms
226ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f51d7c0b-2d7e-4924-a896-1c6e956348b8
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f51d7c0b-2d7e-4924-a896-1c6e956348b8
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-gqvsp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 89797c025cd9a7fc-SYD

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 186 B
1 KB 578ms
261ms XHR
application/json 104.18.244.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=341979

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.244.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc0d1858bc1e2eab3856936743cda081ee0cf36b11db4b6aa8e52ef7e287d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 70aa3bf5-4754-42b5-8618-fd92d0285ca5
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 70aa3bf5-4754-42b5-8618-fd92d0285ca5
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-jz4bg
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YLClfipq8zlTlcuB%2BnpWtid%2FNg3h3AfNWKQLE6LNIJ11zOYrDJljdf0ov0YuWXt54pvlnyduKAE7%2BDkOKCYBD3OzkODEvhfdaxtULiBWfp%2F86EgBlvbGUHosKi72eR7"}],"group":"cf-nel","max_age":604800}
cf-ray: 89797c044db0572c-SYD
access-control-allow-headers: *

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 108 B
1 KB 241ms
236ms Fetch
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=341979&currentUrl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 59c3e161-efa7-44d1-a0b6-130b1cf39457
content-encoding: br
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 59c3e161-efa7-44d1-a0b6-130b1cf39457
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V5EBWQg1%2Fw8u0%2F%2BOy5W1ZazXxq9JLZnVY6%2F%2Bw%2FR651eTQBa2K%2FW03YbeTH%2BwSbnw2vJVU6xCDcEaYpnzNWaOO5TZPRkP1MS406HCveSKSTt1cbb3aX8qBVvKNTcuy9nLToCx%2BkmO8%2FmzSCzF6MQ%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 89797c026f98a943-SYD
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-fw6vv

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 517 KB
205 KB 405ms
3ms Script
text/javascript 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_ee46cf42_0303_4eb7_b9d2_bf0543c649dd&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209238
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 04:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 17:14:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
102 KB 121ms
120ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D4JK29RRG4&l=gtagDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-5165113&l=gtagDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

acb46b58cae0ce0ee0754a4cb5de6906cd77ab82e23e12c3d8a5b5315a300c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104039
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000
expires: Sat, 22 Jun 2024 04:27:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
105 KB 220ms
219ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6M0GWNLLWF&l=gtagDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-5165113&l=gtagDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7445d1d100b66fd8e5d91871d05c3cca4f3955551136e13596413ef5c598a4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000
expires: Sat, 22 Jun 2024 04:27:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
91 KB 208ms
207ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1040562098&l=gtagDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-5165113&l=gtagDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

19ed9f5421db4f8e3711b9e3a9b6caa4c9d17f8e035624542b251df9e8fe7f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 93149
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 04:27:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 419ms
8ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 15:43:02 GMT
x-content-type-options: nosniff
age: 564249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Jun 2025 15:43:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 417ms
7ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:52:06 GMT
x-content-type-options: nosniff
age: 9305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 01:52:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 416ms
6ms Font
font/woff2 142.250.66.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:42 GMT
x-content-type-options: nosniff
age: 96569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Jun 2025 01:37:42 GMT

GET
H2 200 rules.json Show response
assets.adobetarget.com/bitdefender/production/v1/ 373 KB
31 KB 391ms
10ms Fetch
application/json 104.68.24.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobetarget.com/bitdefender/production/v1/rules.json
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.24.142 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-24-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9cb4eab4bada7c1acc0e15585f6c8207d7ea4630985d54dd18f6655c15ba5982

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8c7V987ZRvj_odJMENHT0b4ikEaaRKMT
content-encoding: gzip
date: Sat, 22 Jun 2024 04:27:11 GMT
x-amz-request-id: E2EZTVN65MZ7XSKN
x-geo-region-code: NSW
x-amz-server-side-encryption: AES256
x-geo-country-code: AU
x-amz-replication-status: COMPLETED
x-geo-longitude: 151.22
content-length: 31202
x-amz-id-2: KDS2Jd1CrWi1klOubm5KMqDvVBNLgKhSPAvYRTgz41kzHXmdBe4KJ8GvUw5t1LV6WPd2qtJepoqnFyjaOMVAHLbp3fyVZ/L5PUjkt7nzGf8=
last-modified: Thu, 20 Jun 2024 13:23:07 GMT
server: AmazonS3
etag: "95c9713a93af9346907d42a9a682f521"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-geo-country-code, x-geo-region-code, x-geo-city, x-geo-latitude, x-geo-longitude
cache-control: max-age=25
x-geo-city: SYDNEY
x-geo-latitude: -33.88
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 dest5.html
bitdefender.demdex.net/ Frame 4367 0
0 643ms
206ms Document
text/html 34.193.29.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bitdefender.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.193.29.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-29-58.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 22 Jun 2024 04:27:11 GMT
dcs: dcs-prod-va6-2-v060-01f6a99ee.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 9 May 2024 12:26:56 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: O4jBUDrxTkk=

GET
H2 200 id Show response
sstats.bitdefender.com/ 48 B
466 B 29ms
8ms XHR
application/x-javascript 63.140.56.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.bitdefender.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&mid=69591376881043202701386355117336834034&ts=1719030431297

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.56.170 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-56-170.data.adobedc.net

Software

jag /

Resource Hash

7e19a12748e74eb478a6b8e4689bc1df9ec27c0ab4e9b6ee86e6a5a3758f3b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZnZSnwAAAKLfDAM8
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=69610708570727587291383785313946623285
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnZSnwAAAKLfDAM8

42 B
716 B

208ms
208ms

Image
image/gif

44.212.234.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnZSnwAAAKLfDAM8

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Server

44.212.234.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-212-234-98.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v060-03ff23df4.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sat, 22 Jun 2024 04:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: bbiYt4nmSvY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZnZSnwAAAKLfDAM8
Date: Sat, 22 Jun 2024 04:27:11 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
starget.bitdefender.com/rest/v1/ 354 B
850 B 672ms
222ms XHR
application/json 63.140.38.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://starget.bitdefender.com/rest/v1/delivery?client=bitdefender&sessionId=babc2d08b72b46598a8ea560380f154e&version=2.11.4

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.189 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-189.data.adobedc.net

Software

jag /

Resource Hash

3204d4cf57b29ed2d7aa10ab08fbaadc8f0538c865cc1d434e6ffc3601e3308e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: e68532c8-a6ef-4d9a-b10c-15ea88bd43fc

GET
H2 200 s91317189548730
sstats.bitdefender.com/b/ss/bitdefenderproduction/1/JS-2.26.0-LDQM/ 43 B
201 B 5ms
5ms Image
image/gif 63.140.56.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sstats.bitdefender.com/b/ss/bitdefenderproduction/1/JS-2.26.0-LDQM/s91317189548730?AQB=1&ndh=1&pf=1&t=22%2F5%2F2024%2012%3A27%3A11%206%20-480&sdid=57200A331C61F7B9-5F323ADFE06D235F&mid=69591376881043202701386355117336834034&aamlh=7&ce=UTF-8&pageName=blog%3Abusinessinsights%3Aenterprise-security%3Ahive-ransomwares-offspring-hunters-international-takes-the-stage&g=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&c.&inList=3.0&apl=4.0&getPercentPageViewed=5.0.2&handlePPVevents=n%2Fa&p_fo=3.0&.c&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&ch=blog&server=www.bitdefender.com.au&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=businessinsights&v1=blog%3Abusinessinsights%3Aenterprise-security%3Ahive-ransomwares-offspring-hunters-international-takes-the-stage&c2=enterprise-security&c3=hive-ransomwares-offspring-hunters-international-takes-the-stage&v3=D%3Dc8&c4=production&v4=D%3Dc9&c5=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&v6=D%3Dc6&c7=en&v7=D%3Dc7&c8=22%2F6%2F2024&c9=12%3A27%7C12%3A00-12%3A59%7Csaturday%7Cgmt%20%2B8&c12=undefined&c13=highestPercentViewed%3D%20%7C%20initialPercentViewed%3D%20%7C%20foldsSeen%3D%20%7C%20foldsAvailable%3D&v92=D%3Dc5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&AQE=1

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.56.170 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-56-170.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 23 Jun 2024 04:27:11 GMT
server: jag
etag: 3691589741511049216-4618550970181643124
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 21 Jun 2024 04:27:11 GMT

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
581 B 235ms
230ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8fa5f628-e4be-45ba-a1b5-3618084d0d0c
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8fa5f628-e4be-45ba-a1b5-3618084d0d0c
last-modified: Sat, 22 Jun 2024 04:27:11 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-n485z
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 89797c03eeaea7fc-SYD

GET
H2 200 domaingroupcheck Show response
cookies-data.onetrust.io/bannersdk/v1/ 16 B
84 B 35ms
35ms XHR
application/json 172.64.155.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.63 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 469ab758cfe6a8ac93cda5872ca28655f6f874a2f6cceafa710fc01f52fc787d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
location: cdn.cookielaw.org
Referer: https://www.bitdefender.com.au/
url: www.bitdefender.com.au
domainId: e20c9587-7d17-4f35-85f7-38c1eb9c3478
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 89797c067f91a86a-SYD
access-control-allow-headers: Content-Type
content-length: 16

OPTIONS
H2 200 domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/ Frame 0
0 332ms
14ms Preflight
application/json 172.64.155.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.63 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: domainid,location,url
Access-Control-Request-Method: GET
Origin: https://www.bitdefender.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: domainId, url, location, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-ray: 89797c066f55a86a-SYD
content-length: 0
content-type: application/json
date: Sat, 22 Jun 2024 04:27:11 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 77 B
315 B 334ms
19ms XHR
application/json 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 89797c08b9f7a953-SYD
access-control-allow-headers: Content-Type

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 316ms
3ms Script
application/javascript 23.32.5.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.5.109 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-32-5-109.deploy.static.akamaitechnologies.com

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:47:26 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=60968
accept-ranges: bytes
content-length: 14004

GET
H3

200

dc_pre=CJ_ch7Kv7oYDFcnwFgUd3G0diQ;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=1172748687.1719030432;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-...
https://ad.doubleclick.net/activity;dc_pre=CJ_ch7Kv7oYDFcnwFgUd3G0diQ;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=1172748687.1719030432;u2=https%3A%2F%2Fwww.bitdefender.com.au...
https://adservice.google.com/ddm/fls/z/dc_pre=CJ_ch7Kv7oYDFcnwFgUd3G0diQ;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusines...

42 B
63 B

240ms
140ms

Image
image/gif

142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ_ch7Kv7oYDFcnwFgUd3G0diQ;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=932244923;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CJ_ch7Kv7oYDFcnwFgUd3G0diQ;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=932244923;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activity;register_conversion=1;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=1172748687.1719030432;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ranso...
ad.doubleclick.net/ 0
24 B 249ms
149ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=5165113;type=na-c;cat=allpages;ord=3774287146891;npa=0;auiddc=1172748687.1719030432;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=932244923;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F?

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"11174734921249443208"}],"aggregatable_trigger_data":[{"filters":[{"14":["2831056"]}],"key_piece":"0xeccec0ecd23e2ab0","source_keys":["12","13","14","15","16","17","18","19","20","21","628479444","628479445","628479446","628479447","628490980","628490981","628490982","628490983","628496680","628496681","628496682","628496683","628738860","628738861","628738862","628738863","628782028","628782029","628782030","628782031","628893860","628893861","628893862","628893863","634755164","634755165","634755166","634755167","634761816","634761817","634761818","634761819"]},{"key_piece":"0x32d78366b2bd6e4c","not_filters":{"14":["2831056"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628479444","628479445","628479446","628479447","628490980","628490981","628490982","628490983","628496680","628496681","628496682","628496683","628738860","628738861","628738862","628738863","628782028","628782029","628782030","628782031","628893860","628893861","628893862","628893863","634755164","634755165","634755166","634755167","634761816","634761817","634761818","634761819"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628479444":34,"628479445":34,"628479446":34,"628479447":3345,"628490980":46,"628490981":46,"628490982":46,"628490983":4540,"628496680":32,"628496681":32,"628496682":32,"628496683":3177,"628738860":32,"628738861":32,"628738862":32,"628738863":3177,"628782028":32,"628782029":32,"628782030":32,"628782031":3177,"628893860":32,"628893861":32,"628893862":32,"628893863":3177,"634755164":36,"634755165":36,"634755166":36,"634755167":3530,"634761816":34,"634761817":34,"634761818":34,"634761819":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"2118193123606197766","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11174734921249443208","filters":[{"14":["2831056"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"11174734921249443208","filters":[{"14":["2831056"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"11174734921249443208","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"11174734921249443208","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["5165113"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1854795500.1719030432&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hun...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1854795500.1719030432&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-...

42 B
65 B

200ms
101ms

Ping
image/gif

172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1854795500.1719030432&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dma=0&npa=0&gtm=45fe46j0v9171448788za200&auid=1172748687.1719030432&frm=0

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1854795500.1719030432&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dma=0&npa=0&gtm=45fe46j0v9171448788za200&auid=1172748687.1719030432&frm=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 322D 0
0 215ms
114ms Document
text/html 172.217.24.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuYml0ZGVmZW5kZXIuY29tLmF1OjQ0Mw..&hl=en&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&badge=inline&cb=hsa64w1gc2wa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s3wESPTpw9OT2XynXWdYQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-s3wESPTpw9OT2XynXWdYQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jun 2024 04:27:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/ 450 KB
109 KB 14ms
13ms Script
application/javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1efbc0b6cbcc4cd357af84f294673258064a1d7cd74dcbd46c49d4a06fddcb9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pbkzFb84/2JLGlYwK3wr3Q==
age: 65900
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 111556
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:19 GMT
server: cloudflare
etag: 0x8DC89E03EC9A159
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8e41ddfa-f01e-0051-348e-bc5f9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89797c08d8545c09-SYD

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
763 B 543ms
191ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=359890&time=1719030432139&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FB9B3888B65A4025AE20E839A37CC80F Ref B: SYD03EDGE0913 Ref C: 2024-06-22T04:27:12Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYbcvZKyG60XknVOHqBUg==
x-fs-uuid: 00061b72f64ac86eb45e49d5387a8152

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719030432139&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-ta...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719030432139&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-ta...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D359890%26time%3D1719030432139%26url%3Dhttps%253A%252F%252Fwww.bitdefender.com.au%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719030432139&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-ta...

0
178 B

222ms
222ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719030432139&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&cookiesTest=true&liSync=true
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E9199D7F554F44F497540E6839CD6F0D Ref B: SYD03EDGE2016 Ref C: 2024-06-22T04:27:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbcvZbYCjEMIrDqGGftQ==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Sat, 22 Jun 2024 04:27:12 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYbcvZX9PjnvTOkKo51mw==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 031402CC17494A28916FFA41F758737F Ref B: SYD03EDGE2016 Ref C: 2024-06-22T04:27:13Z
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719030432139&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/018f0b3a-ce81-74b0-b8c3-084a25974ad4/ 130 KB
27 KB 26ms
26ms Fetch
application/x-javascript 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/018f0b3a-ce81-74b0-b8c3-084a25974ad4/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e086eb01f206971454c351b5a75ad5c0fe691bc1ee6796691812bf90796780f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 56170
content-md5: ZXTWoQ5UsRsFIahqgi/9Qw==
content-length: 27907
x-ms-lease-status: unlocked
last-modified: Thu, 30 May 2024 12:15:51 GMT
server: cloudflare
etag: 0x8DC80A23F9A1064
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c95d8b99-001e-0066-6e8b-b2f333000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 89797c090e9ea94f-SYD
expires: Sun, 23 Jun 2024 04:27:12 GMT

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ 24 KB
4 KB 14ms
14ms Fetch
text/css 104.19.177.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.177.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 04:27:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 9eusssrwoAzVOVsIadvhfQ==
age: 56169
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d81c273f-801e-0011-5ffa-bb7672000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 89797c095ed4a94f-SYD

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 29ms
2ms Script
application/x-javascript 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E78A) /

Resource Hash

568fab9461aa2db7d46ebe579172321147272063db4ac8f85e2c7b3c1e9cfbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Thu, 20 Jun 2024 18:44:29 GMT
server: ECS (nwa/E78A)
age: 25527
etag: "589c29e241c3da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H2 200 RCedebf5fbc0cd4a1281ee85acef62b538-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 870 B
754 B 3ms
3ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RCedebf5fbc0cd4a1281ee85acef62b538-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a7eba0a323a7b7b65aa07526d2c2ed096f4632babb1afc1b6c6dd91d9cf66700

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 492
expires: Sat, 22 Jun 2024 05:27:12 GMT

GET
H2 200 hotjar-51807.js Show response
static.hotjar.com/c/ 9 KB
4 KB 18ms
5ms Script
application/javascript 108.158.32.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-51807.js?sv=6

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.158.32.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-158-32-82.syd3.r.cloudfront.net

Software

Resource Hash

fd4d2ccb8c727b1cd70b5f3e728519c255bf484fb75d2c7bf01c989a78880e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 22 Jun 2024 04:27:12 GMT
via: 1.1 9fe9a459a2b2b8935dc7f533182681dc.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
age: 31
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/880a23d0c42a4697d67a85c909543aeb
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: lh3yFlqN5aCCbTCxVmYhTmH7MKCx-ZAQKHL0y7ewNs7p3AF3FiS5BQ==

GET
H2 200 RC26e86b262da1468086096378c4a2e7b0-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 656 B
687 B 3ms
2ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC26e86b262da1468086096378c4a2e7b0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d0766ae65a129cd9249a3d42aae14c7f89e2dc4a2901cdf94cc9f48148fef61b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 425
expires: Sat, 22 Jun 2024 05:27:12 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 460 B
966 B 301ms
300ms XHR
application/json 18.65.244.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=KwSda5imnkvOJSjeABR2uSSyEJq5IADxsKfkTanK&page=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&referrer=&page_title=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&src=adobelaunch
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-54.syd3.r.cloudfront.net
Software: nginx /
Resource Hash: 0c6360095b095e0aeea120f1581a49652ffe0e3ab0c55164684677064a12124f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P1
x-cache: Miss from cloudfront
request-id: 27ee94b9-7e46-4907-8f92-267419b5ea86
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D7T5-2U0N3B_6m8jbNvmp9Ts50emJi4REeY5qROCY_CaBlEpParNKw==
expires: Fri, 21 Jun 2024 04:27:12 GMT

GET
H2 200 RCede6662f1aee40f1b292e93a62db8140-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 727 B
716 B 3ms
1ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RCede6662f1aee40f1b292e93a62db8140-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a28eb9c0b3d685e85d474a74e5a2ebd4760387395231340f740c314d0a814eed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 454
expires: Sat, 22 Jun 2024 05:27:12 GMT

GET
H2 200 RC40205af83a7e4c59bb460ec5b21d0f2a-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 690 B
697 B 4ms
2ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC40205af83a7e4c59bb460ec5b21d0f2a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: af0f090ffc58f4f04cdd42ee8f94cfdea962d3a1bbc0ed4bad1b201cb05979e8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 435
expires: Sat, 22 Jun 2024 05:27:12 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 476ms
132ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 22 Jun 2024 04:27:12 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 72C9FCC3985B48BCA572CD146215D166 Ref B: SYD03EDGE0808 Ref C: 2024-06-22T04:27:12Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 RC358d92de38324995be19c9638badbfee-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 684 B
688 B 4ms
3ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC358d92de38324995be19c9638badbfee-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 793137450e10df1f5246e33a2f76bd598fdf77181b81a0e90d55921a9d1c69ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 426
expires: Sat, 22 Jun 2024 05:27:12 GMT

GET
H2 200 RC8dc6bc1852fb47f2b2d2ac5e58b4a255-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 488 B
555 B 4ms
3ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC8dc6bc1852fb47f2b2d2ac5e58b4a255-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 776929cec54d2f7732640c0f1e5a459c49289ce73bbfad95fe3c437f1f6f820d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 22 Jun 2024 05:27:12 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
569 B 424ms
183ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.bitdefender.com.au/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 18673835E22C49A0A572CB1B30984781 Ref B: SYD03EDGE2016 Ref C: 2024-06-22T04:27:12Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://www.bitdefender.com.au
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYbcvZKr6vEEfnc1cyU4A==

GET
H2 200 A254030-1420-4f36-87b0-178a4806cb111.js Show response
d.impactradius-event.com/ 40 KB
16 KB 17ms
3ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A254030-1420-4f36-87b0-178a4806cb111.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8e5434cf124c82209d101031a9fc9c601725244be89af5ea9d18cca4bb598362

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:26:55 GMT
content-encoding: gzip
age: 17
x-guploader-uploadid: ACJd0NqIMHPShhIitP3p8amdKhwX5bxR6EqHusSyiGBHb5ZsGW7mGR5SV0Qcg5DEBQsMfwAFBQeD-kAjwA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16204
last-modified: Tue, 18 Jun 2024 16:46:29 GMT
server: UploadServer
etag: "6455283e5974e63d0ba8591378374577"
vary: Accept-Encoding
x-goog-generation: 1718729189747987
x-goog-hash: crc32c=C7BXkw==, md5=ZFUoPll05j0LqFkTeDdFdw==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 16204
accept-ranges: bytes
expires: Sat, 22 Jun 2024 04:31:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
60 KB 315ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

8762e051aae40d75a40ff473e9104f1217afba76a9a01867bf49d6c218bfd3b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jun 2024 04:27:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 59450
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=15, mss=1317, tbw=2784, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: hjzFwW0SrhxjGND1EC8Qv+fDqVrLdEXXTuajzWEI06Dfjx7Tr8FPPkZfTnk4xqaYiFbae+JjTVqH708qSa4TtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 27ms
1ms Script
application/javascript 151.101.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.28.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000023-IAD, cache-syd10155-SYD

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 326ms
1ms Script
application/javascript 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 341979.js Show response
js.hs-scripts.com/ 3 KB
0 1ms
1ms Script
application/javascript 104.16.137.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/341979.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.137.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f01a50bfcac2d1883a05d012267686baf1184c0d89e3adfcf6ba67fead49c7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6d8fed41-f10e-4345-947c-fd132e0a8c27
x-envoy-upstream-service-time: 5
content-length: 699
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6d8fed41-f10e-4345-947c-fd132e0a8c27
last-modified: Sat, 22 Jun 2024 04:17:15 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-v4m8x
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 89797bf64c07aadd-SYD
expires: Sat, 22 Jun 2024 04:28:39 GMT

GET
H2 200 RC06a0c6e9db9741c29b3fc3cc1a6db966-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 529 B
597 B 5ms
3ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC06a0c6e9db9741c29b3fc3cc1a6db966-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: eb9a859b4b75e248b087ead48d90e1112b8fd091224a827775a0ee86c16c2f5d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 335
expires: Sat, 22 Jun 2024 05:27:12 GMT

GET
H2 200 RC9c55e9d2d0d14090b97413df1cbd84be-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 949 B
759 B 5ms
3ms Script
application/x-javascript 23.55.11.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC9c55e9d2d0d14090b97413df1cbd84be-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.11.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-55-11-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d364575db314b58cf31d2d40ea325401ebe36c9ec54b0afde4f188439534c9dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 497
expires: Sat, 22 Jun 2024 05:27:12 GMT

GET
H2 200 modules.ef112488b1de7ff5f962.js Show response
script.hotjar.com/ 223 KB
56 KB 15ms
2ms Script
application/javascript 18.67.93.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ef112488b1de7ff5f962.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-51807.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.93.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-93-120.syd62.r.cloudfront.net

Software

Resource Hash

4bb1ac874a76d6bc873350d839b4ae5bcbea002f2a6f1907a197027c2dfc1fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 15:21:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 133564
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56326
last-modified: Thu, 20 Jun 2024 15:20:30 GMT
etag: "4bf3c968ca73f7170da42a1ae7ed463c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: T2ml55krv5vvgvLsl1n8Qe37EaUlyCbKSdre1eX2JHsit1LTb5C2Ew==

GET
H2 200 ee38c350.min.js Show response
tag.demandbase.com/ 80 KB
22 KB 19ms
3ms Script
application/javascript 18.67.110.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/ee38c350.min.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.110.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-110-80.syd62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

36074aa57ab395dc8e9c99b10e435ac3ac636f7ebf034da481ba7ca475a979f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: sUfhprQVdcy6sjiaTBVLR8skCyhSeFxl
content-encoding: gzip
via: 1.1 428f5fd898b57c76263aa42c4277686a.cloudfront.net (CloudFront)
date: Sat, 22 Jun 2024 03:37:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: SYD62-P2
age: 2974
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 20 Jun 2024 18:03:03 GMT
server: AmazonS3
etag: W/"8b359abab87b9afbfa75b12c655e419e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: 3QOyixCTNzxzjbzAH4VDPJf_JDXnOKqcVjjnkyJhcyfAm4J6aMLGUg==

GET
H/1.1 200
OK scarab-v2.js Show response
cdn.scarabresearch.com/js/198DE47607F5EBDB/ 95 KB
23 KB 18ms
3ms Script
application/javascript 108.158.20.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.scarabresearch.com/js/198DE47607F5EBDB/scarab-v2.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-64.syd62.r.cloudfront.net
Software: /
Resource Hash: 28cadabd6f2d70fe764730d4ec1ce97d1631d6fcf9c0bff198685ad8c0e4dd95

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 03:55:14 GMT
Content-Encoding: gzip
Via: 1.1 0853add243e6eac9b8f74b5c74814a3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SYD62-P3
Age: 1928
ETag: "7a742e16122b7773702df4f7471d9760--gzip"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
X-Cache: Hit from cloudfront
Cache-Control: max-age=3600,public
Connection: keep-alive
Timing-Allow-Origin: *
X-Amz-Cf-Id: 7idjljxje7nSpOd0FqlHEqt3MCe3jt6U9qvBHxv_fNzIf89Yf_PXYA==

GET
H2 200 ipv
cdn.bizible.com/ 43 B
304 B 3ms
1ms Image
image/gif 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=afe40d9809724278cb5f6dd510a48be2&_biz_l=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&_biz_t=1719030432274&_biz_i=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&_biz_n=0&a=bitdefender.com&rnd=691432&cdn_o=a&_biz_z=1719030432275

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E792) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 21 Jun 2024 21:15:33 GMT
server: ECS (nwa/E792)
age: 25900
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
204 B 11ms
2ms Image
image/gif 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=afe40d9809724278cb5f6dd510a48be2&_biz_l=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&_biz_t=1719030432278&_biz_i=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&a=bitdefender.com&rnd=449811&cdn_o=a&_biz_z=1719030432278

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E78C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 21 Jun 2024 21:15:32 GMT
server: ECS (nwa/E78C)
age: 25900
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
321 B 192ms
191ms Script
text/javascript 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=afe40d9809724278cb5f6dd510a48be2&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.06.20&a=bitdefender.com

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E789) /

Resource Hash

c53df5ea8340056caf7628466bad700a44db5126ecf57f491b6dea2b55327321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (nwa/E789)
etag: 9FD4563E
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 214

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 175ms
154ms Image
image/gif 117.18.232.195
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c6c67d88-9568-4f06-8d91-509f2106daf3&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2892903c-0369-4774-b42f-e015014f331c&tw_document_href=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&tw_iframe_status=0&txn_id=o2afg&type=javascript&version=2.3.30

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.232.195 , Australia, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_r /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 146
date: Sat, 22 Jun 2024 04:27:12 GMT
strict-transport-security: max-age=0
server: tsa_r
content-type: image/gif;charset=utf-8
x-transaction-id: 14a29b2266abcf2d
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 57a3d4663366a0261711e5c62a2172c29e96159e4342dc2953542506cae20821
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 582ms
288ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c6c67d88-9568-4f06-8d91-509f2106daf3&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2892903c-0369-4774-b42f-e015014f331c&tw_document_href=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&tw_iframe_status=0&txn_id=o2afg&type=javascript&version=2.3.30

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_r /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 144
date: Sat, 22 Jun 2024 04:27:12 GMT
strict-transport-security: max-age=631138519
server: tsa_r
content-type: image/gif;charset=utf-8
x-transaction-id: d1d1ce4d1bc6d008
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: d5f1a439012e92fe46b058583a0d912447fb668a0d0cf5f2de5349c082b95f14
content-length: 43

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 1425ms
833ms XHR
application/json 52.210.44.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=51807&gzip=1
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.44.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-44-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0a6c78f9e8df1e4b5ee988f792343de94f49652dfa381df0ccd90d16bf17c9f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Jun 2024 04:27:13 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H/1.1 200
OK wploader.js Show response
static.scarabresearch.com/wpjs/ 31 KB
11 KB 26ms
6ms Script
application/javascript 108.158.32.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wploader.js?ts=2842
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/198DE47607F5EBDB/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-67.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd823e8760f4762e83ae42ec9776261729cef7cec16254a21ee5e89f8575fe79

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 0x2awj0RR6rMetjUbRjcwNrSJvMtI_6a
Content-Encoding: gzip
Via: 1.1 35e7be28d84a15b9277bceb653af4b4c.cloudfront.net (CloudFront)
Date: Sat, 22 Jun 2024 03:50:43 GMT
X-Amz-Cf-Pop: SYD3-P2
Age: 2190
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 22 May 2024 14:02:59 GMT
Server: AmazonS3
ETag: W/"551d83230352beb5a309b816116c6873"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
X-Amz-Cf-Id: 5EQ2MRSGUl1z-OrFKWfUuhvhXMn6H4y8_iqae55ZVD9NNHd8tqWRbw==

GET
H2 200 sync
s.company-target.com/s/ Frame 2293 0
0 363ms
197ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/ee38c350.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Sat, 22 Jun 2024 04:27:12 GMT
via: 1.1 google

POST
H2 200 ip.json Show response
api.company-target.com/api/v3/ 460 B
970 B 303ms
303ms XHR
application/json 18.65.244.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v3/ip.json?referrer=&page=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&page_title=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-54.syd3.r.cloudfront.net
Software: nginx /
Resource Hash: cd4d3df5041882188dfc052a6980d097807697b7ce82fce8f30d50f6266f0009

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 3e61a2014e7d26249915c64513c0b4f2.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P1
x-cache: Miss from cloudfront
request-id: ade4d9bd-a8ec-41f5-aa61-3719d1704c51
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -V8Vh5rGAY8UvCuo3rMR1uWcV7YSbL0pjUoljPHYq_ZHBpMLr1cXCQ==
expires: Fri, 21 Jun 2024 04:27:12 GMT

GET
H2 200 u
cdn.bizible.com/ 43 B
85 B 2ms
2ms Image
image/gif 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=ecid&mapValue=0E920C0F53DA9E9B0A490D45%40AdobeOrg_69591376881043202701386355117336834034&_biz_u=afe40d9809724278cb5f6dd510a48be2&_biz_l=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&_biz_t=1719030432278&_biz_i=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&_biz_n=1&a=bitdefender.com&rnd=381814&cdn_o=a&_biz_z=1719030432430

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E78C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 21 Jun 2024 21:15:32 GMT
server: ECS (nwa/E78C)
age: 25900
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

POST
H2 204 collect
analytics.google.com/g/ 0
0 570ms
162ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-D4JK29RRG4&gtm=45je46j0v876401340za200zb9171448788&_p=1719030430339&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=1832989221.1719030432&ul=en-au&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&uid=&sid=1719030431&sct=1&seg=0&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dt=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=true&ep.geoRegion=&ep.pageSubSection=businessinsights&ep.login_status=false&ep.source=&ep.medium=&ep.cid=&ep.page_name=blog%3Abusinessinsights%3Aenterprise-security%3Ahive-ransomwares-offspring-hunters-international-takes-the-stage&ep.fingerprint=&ep.siteSection=blog&ep.pageSubSubSection=enterprise-security&tfd=6523&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4JK29RRG4&l=gtagDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 594ms
95ms Ping
text/plain 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D4JK29RRG4&cid=1832989221.1719030432&gtm=45je46j0v876401340za200zb9171448788&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4JK29RRG4&l=gtagDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1040562098/ 4 KB
2 KB 110ms
110ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1040562098/?random=1719030431876&cv=11&fst=1719030431876&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9164188826za200zb9171448788&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&hn=www.googleadservices.com&frm=0&tiba=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&npa=0&us_privacy=1YNY&pscdl=noapi&auid=1172748687.1719030432&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1040562098&l=gtagDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

cafe /

Resource Hash

dadd584faf3939ac96460b59a5cb6c493e3205218f105c16467e9fce4b6a7099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 1564
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 205ms
104ms Image
image/gif 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D4JK29RRG4&cid=1832989221.1719030432&gtm=45je46j0v876401340za200zb9171448788&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0&z=42550694

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 531ms
163ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6M0GWNLLWF&gtm=45je46j0v869430580za200zb9171448788&_p=1719030430339&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=1832989221.1719030432&ecid=516127435&ul=en-au&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EA&_s=1&uid=&sid=1719030431&sct=1&seg=0&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dt=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=true&ep.geoRegion=&ep.pageSubSection=businessinsights&ep.login_status=false&ep.source=&ep.medium=&ep.cid=&ep.page_name=blog%3Abusinessinsights%3Aenterprise-security%3Ahive-ransomwares-offspring-hunters-international-takes-the-stage&ep.fingerprint=&ep.siteSection=blog&ep.pageSubSubSection=enterprise-security&tfd=6563&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M0GWNLLWF&l=gtagDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 555ms
95ms Ping
text/plain 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6M0GWNLLWF&cid=1832989221.1719030432&gtm=45je46j0v869430580za200zb9171448788&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M0GWNLLWF&l=gtagDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 202ms
104ms Image
image/gif 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6M0GWNLLWF&cid=1832989221.1719030432&gtm=45je46j0v869430580za200zb9171448788&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0&z=426033149

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wpes6.js Show response
static.scarabresearch.com/wpjs/ 102 KB
33 KB 3ms
2ms Script
application/javascript 108.158.32.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wpes6.js?ts=2842
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/198DE47607F5EBDB/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-67.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e916c5c4045dd8e2c17ee1ddce9dd9515c4125bc52280b39e07fb83780055c14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WShe2VjHG7xdZq.WOyX410QEaEqVAMzN
Content-Encoding: gzip
Via: 1.1 35e7be28d84a15b9277bceb653af4b4c.cloudfront.net (CloudFront)
Date: Sat, 22 Jun 2024 03:50:47 GMT
X-Amz-Cf-Pop: SYD3-P2
Age: 2186
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 22 May 2024 14:03:01 GMT
Server: AmazonS3
ETag: W/"075dffa80a8379a15df2704b81679ad7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
X-Amz-Cf-Id: Te52JiN6unB2rIvw4beoyu1XnCO9FGv_VSvSGyAYEjPzm8o-O7Bacg==

GET
H3 200 /
www.google.com/pagead/1p-user-list/1040562098/ 42 B
64 B 104ms
103ms Image
image/gif 172.217.24.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1040562098/?random=1719030431876&cv=11&fst=1719028800000&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9164188826za200zb9171448788&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&hn=www.googleadservices.com&frm=0&tiba=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&npa=0&us_privacy=1YNY&pscdl=noapi&auid=1172748687.1719030432&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLTmzyKTNTQUb-cvL_NScTzLEqUWputWvE_gCBSYoiAhQVheVD&random=3868453223&rmt_tld=0&ipr=y

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1040562098/ 42 B
64 B 106ms
105ms Image
image/gif 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1040562098/?random=1719030431876&cv=11&fst=1719028800000&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9164188826za200zb9171448788&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&hn=www.googleadservices.com&frm=0&tiba=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&npa=0&us_privacy=1YNY&pscdl=noapi&auid=1172748687.1719030432&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLTmzyKTNTQUb-cvL_NScTzLEqUWputWvE_gCBSYoiAhQVheVD&random=3868453223&rmt_tld=1&ipr=y

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:12 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 209580512574099 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 265ms
265ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/209580512574099?v=next&r=canary&domain=www.bitdefender.com.au&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C42%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C157%2C133%2C27%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

a81a65ff14c4132ec1f430e83cb3742b9fae832d5e39d8ed77e44ac6ecc632d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jun 2024 04:27:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=65, mss=1317, tbw=64962, tp=-1, tpl=-1, uplat=261, ullat=1
pragma: public
x-fb-debug: 8U3+m9uBmGMyUpu6sbQTIbPsyR1F9vX+cPdB1+ToDzqag/TIZ+LNPt8WHEwWYBt16xOq2jLfMZ7QmK9JOn5z1Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_twxv2a69/ 3 B
124 B 14ms
3ms XHR
application/json 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_twxv2a69/config
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_twxv2a69_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 319ms
13ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_twxv2a69_telemetry
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 14ms
2ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1719030432610&id=t2_twxv2a69&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=7543ef7d-66e8-4a64-8b4b-4ffbf76fe6ac&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:12 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 5104414.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 141ms
141ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5104414.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b8a6494ebcc1c54d6dca46f9d5319a8477def37a026b5ca1cb57ea1176a26845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 22 Jun 2024 04:27:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D7F50DEE3A15487AA4CECA6C1D98E1C0 Ref B: SYD03EDGE0808 Ref C: 2024-06-22T04:27:12Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
362 B 145ms
145ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5104414&tm=al001&Ver=2&mid=2cefe48a-bc39-42ed-a068-ca1601f87b69&sid=b282d960304f11efa562c5348d50ec81&vid=b282f2c0304f11ef95a8618499712900&vids=1&msclkid=N&pi=918639831&lg=en-AU&sw=1600&sh=1200&sc=24&tl=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&p=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&r=&lt=4263&pt=1719030425919,,,0,1101,1101,1101,1101,1101,1101,,1101,1536,1891,1541,4175,4262,4263,,,&pn=0,1&evt=pageLoad&sv=1&rn=786119

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jun 2024 04:27:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B7D0CDE699944FC907FA449C6953845 Ref B: SYD03EDGE0808 Ref C: 2024-06-22T04:27:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
418 B 1148ms
834ms XHR
text/html 18.67.93.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=-V8Vh5rGAY8UvCuo3rMR1uWcV7YSbL0pjUoljPHYq_ZHBpMLr1cXCQ==&api-version=v3
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-113.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Fri, 21 Jun 2024 18:29:03 GMT
via: 1.1 d9766b9925771288ecfcf1392328f114.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 35897
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: l0XRNmt46Oym498SbK3jn8uh8wquu-eGUj6LiRdn8yr-cni9tMF4Yg==

GET
H2 200 5104414 Show response
www.clarity.ms/tag/uet/ 826 B
1 KB 557ms
231ms Script
application/x-javascript 13.107.246.31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5104414?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5104414.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b7b0aa0073bf3fc25875199adaa64b15b5e9e25c9f2b271167af3e287bf60b5f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sat, 22 Jun 2024 04:27:13 GMT
x-azure-ref: 20240622T042713Z-17b8d4f8bc7q8txzv12t26v8ds00000001m0000000001xap
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 826
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 316ms
2ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=209580512574099&ev=PageView&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&rl=&if=false&ts=1719030432931&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.2.1719030432928.284297381824052014&ler=empty&cdl=API_unavailable&it=1719030432597&coo=false&uppt=0&uvpt=0.09999990463256836&ttf=5912.599999904633&bdt=321.90000009536743&bdsize=231229&btsize=59450&brbs=0&cdt=297.40000009536743&cdsize=61197&ctsize=12483&crbs=0&let=34&upcl=0&upurlcl=8&rqm=GET

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Jun 2024 04:27:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 561ms
248ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=209580512574099&ev=PageView&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&rl=&if=false&ts=1719030432931&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.2.1719030432928.284297381824052014&ler=empty&cdl=API_unavailable&it=1719030432597&coo=false&uppt=0&uvpt=0.09999990463256836&ttf=5912.599999904633&bdt=321.90000009536743&bdsize=231229&btsize=59450&brbs=0&cdt=297.40000009536743&cdsize=61197&ctsize=12483&crbs=0&let=34&upcl=0&upurlcl=8&rqm=FGET

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x487c23ccd3a1c1e0","source_keys":["1","2"]},{"key_piece":"0xbefa168172a33b05","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 22 Jun 2024 04:27:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383179492006239872", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=3106, tp=-1, tpl=-1, uplat=245, ullat=0
pragma: no-cache
x-fb-debug: cwcDmcvJl+S6iv2L3Pq+eO+RmD6cxg8Q8l6KfxVQtJ/xBKffdgwgiZTsptkkFsSEqKxk/vnwKezRdq6r3fywBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383179492006239872"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 bframe
www.google.com/recaptcha/enterprise/ Frame 8637 0
0 104ms
103ms Document
text/html 172.217.24.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=KXX4ARWFlYTftefkdODAYWZh&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l3pJHfL7wb1_tVNsPDOk7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-l3pJHfL7wb1_tVNsPDOk7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jun 2024 04:27:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 9ms
8ms Script
application/javascript 13.107.246.31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5104414?insights=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:13 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240622T042713Z-17b8d4f8bc7q8txzv12t26v8ds00000001m0000000001xaw
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d605c894-001e-0079-58f9-c2d2ff000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
286 B 1007ms
599ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.bitdefender.com.au
Date: Sat, 22 Jun 2024 04:27:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ 35 B
744 B 366ms
5ms Image
image/gif 23.38.128.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=4a55b566-7010-4633-9b03-7ba7735be0b6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.128.171 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-128-171.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 04:27:14 GMT
X-GUploader-UploadID: ACJd0NoDSkOcLSDcd6wHN8i6aw4DLauztqFvR657RlHLk38sGXHXVVne8ifzRsNm3QKB4wodXHLGY9MXPw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 35
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Server: UploadServer
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-generation: 1698061172769999
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public,max-age=1800
x-goog-stored-content-length: 35
Accept-Ranges: bytes
Content-Type: image/gif

GET
H3 200 136759154343249 Show response
connect.facebook.net/signals/config/ 31 KB
5 KB 304ms
304ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/136759154343249?v=next&r=canary&domain=www.bitdefender.com.au&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C42%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C157%2C133%2C27%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

5a57e097e75bc754d90232d0ac1c4d08b140b5a91e2f7308fc1588703d3b5942

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jun 2024 04:27:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=23, mss=1232, tbw=4332, tp=9, tpl=0, uplat=300, ullat=1
pragma: public
x-fb-debug: ErT5Qa5d5AilSqJ2r0GOOVH9lwxmVglpdtO0uyze4kGTJw0d+d2bGeTLbxAdXmMFBd6+FRrWxb84EdKpp9kvZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 563ms
243ms Image
image/gif 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-au&bfp=522907934&v=1.1&a=341979&rcu=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&pu=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&t=Hive+Ransomware%27s+Offspring%3A+Hunters+International+Takes+the+Stage&cts=1719030433793&vi=8d996e438b1fa83cbbc576d77ba7cef1&nc=true&u=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&b=33008289.1.1719030433790&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: afc35a8f-8a93-479f-a4c9-bc7cfa3e0f4f
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: afc35a8f-8a93-479f-a4c9-bc7cfa3e0f4f
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydz9XUZPLs3KXbV0SnhX36tcXviiN5TLgovIY73YkhwqyvU2YAbhqAYKTVSjY217C6yH9lIJEOILein3xJucKRm6kWU%2Brsop%2Bm01lE1JIXBu5pUy11mPiuoCFsnUwYx4oBEz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-5gwdl
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 89797c153a8aa7ed-SYD
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
742 B 562ms
247ms Image
image/gif 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=6296aa14-482c-4e42-9095-8e693b5f4caa&fci=ee46cf42-0303-4eb7-b9d2-bf0543c649dd&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-au&bfp=522907934&v=1.1&a=341979&rcu=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&pu=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&t=Hive+Ransomware%27s+Offspring%3A+Hunters+International+Takes+the+Stage&cts=1719030433794&vi=8d996e438b1fa83cbbc576d77ba7cef1&nc=true&u=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&b=33008289.1.1719030433790&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 17596fff-08b6-4afc-8245-18f3e412fec7
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 17596fff-08b6-4afc-8245-18f3e412fec7
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mffpAwE2QLotNfeqXsUk%2B6985K0X2lozZAZi%2Be0hc%2FoXPxJ%2BtA8HQEKFgfNxj9Hj%2F1JINR1%2BDoVWHPG8XvDZ1HNuui%2F4lfLcY5Fc5SVVveJQ4BNw2lCBHJJI0NdFKnZKFM0a"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-pkwbj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 89797c153a8ca7ed-SYD
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2A936A8256D84429BB6D3FE4A6093BA1&RedC=c.clarity.ms&MXFR=16AAAFFC6E206DD812E4BB5A6A206384
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2A936A8256D84429BB6D3FE4A6093BA1&MUID=07C5A61C790867E83CABB2BA789866BB

42 B
443 B

127ms
126ms

Image
image/gif

52.231.230.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2A936A8256D84429BB6D3FE4A6093BA1&MUID=07C5A61C790867E83CABB2BA789866BB
Protocol: H2
Server: 52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:14 GMT
last-modified: Thu, 20 Jun 2024 17:32:12 GMT
server: Microsoft-IIS/10.0
etag: "1b2b37c937c3da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 04:27:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BE9C343D8AD94096A89C094A2D365D4A Ref B: SYD03EDGE0808 Ref C: 2024-06-22T04:27:14Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2A936A8256D84429BB6D3FE4A6093BA1&MUID=07C5A61C790867E83CABB2BA789866BB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK favicon-32x32.png
download.bitdefender.com/resources/images/favicon/ 568 B
947 B 346ms
6ms Other
image/png 23.46.179.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://download.bitdefender.com/resources/images/favicon/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.46.179.82 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-46-179-82.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fab8294d35a12278bfd9179ac66940d6d77145b986fc04e5826a8521f7aa1d49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN *.bitdefender.com

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 04:27:14 GMT
Last-Modified: Thu, 10 Jul 2014 14:17:00 GMT
Server: nginx
ETag: "53bea05c-238"
X-Frame-Options: SAMEORIGIN *.bitdefender.com
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3207
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 568
Expires: Sat, 22 Jun 2024 05:20:41 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
938 B 255ms
251ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=341979&utk=8d996e438b1fa83cbbc576d77ba7cef1&__hstc=33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1&__hssc=33008289.1.1719030433790&currentUrl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fa21948f43b22501c5ce324cc33fd6266420a04e17602a404c54b3d3c098e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 04:27:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e3adb6dd-6186-44f8-8414-21b572dcad62
content-encoding: br
x-envoy-upstream-service-time: 26
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e3adb6dd-6186-44f8-8414-21b572dcad62
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-virtual-host: all
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-xtlwj
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1%2BzI2S4N7vRc7DzcZuCwspChZbLnYP5foKRED8Qza18dvswnOJLdkXyjkOWFeRYls8NCsE4%2BSyvb2OlOhC0%2FZdLsMBropHXNODvFqussJT3VEAbXTbocAFRgxkrXRSO%2BYXc"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 89797c136a4ba943-SYD

GET
H2 200 /
www.facebook.com/tr/ 0
124 B 5ms
3ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=136759154343249&ev=PageView&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&rl=&if=false&ts=1719030434105&sw=1600&sh=1200&ud[external_id]=8d996e438b1fa83cbbc576d77ba7cef1&v=next&r=canary&a=hubspot&ec=0&o=4126&fbp=fb.2.1719030432928.284297381824052014&ler=empty&cdl=API_unavailable&cs_est=true&it=1719030432597&coo=false&uppt=0&uvpt=0&ttf=7085.299999713898&bdt=321.90000009536743&bdsize=231229&btsize=59450&brbs=0&cdt=305.19999980926514&cdsize=31347&ctsize=5000&crbs=0&upcl=0&upurlcl=8&estcl=4&iwlpcl=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1317, tbw=6863, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Jun 2024 04:27:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 196ms
195ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=136759154343249&ev=PageView&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&rl=&if=false&ts=1719030434105&sw=1600&sh=1200&ud[external_id]=8d996e438b1fa83cbbc576d77ba7cef1&v=next&r=canary&a=hubspot&ec=0&o=4126&fbp=fb.2.1719030432928.284297381824052014&ler=empty&cdl=API_unavailable&cs_est=true&it=1719030432597&coo=false&uppt=0&uvpt=0&ttf=7085.299999713898&bdt=321.90000009536743&bdsize=231229&btsize=59450&brbs=0&cdt=305.19999980926514&cdsize=31347&ctsize=5000&crbs=0&upcl=0&upurlcl=8&estcl=4&iwlpcl=0&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc5667283b39b3004","source_keys":["1","2"]},{"key_piece":"0x6d5411c5761f459c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 22 Jun 2024 04:27:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383179495930042216", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=10, mss=1317, tbw=7031, tp=-1, tpl=-1, uplat=192, ullat=0
pragma: no-cache
x-fb-debug: vPEVy/AXVWV2vH/DVfZaykhjy13G2zTbPafe+iIgCMvCnu0Wy0FCxBpfmijj7tKwxf9lvjspbmhal3rYVQ/GYg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383179495930042216"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
286 B 196ms
196ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.bitdefender.com.au
Date: Sat, 22 Jun 2024 04:27:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 campaigns Show response
webchannel-content-service.scarabresearch.com/customer/786874886/ 10 B
422 B 322ms
302ms XHR
application/json 34.111.52.132

General

Check archive.org

Show headers Download Go to

Full URL

https://webchannel-content-service.scarabresearch.com/customer/786874886/campaigns?url=https:%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&prev_url=&lang=en&uli=false

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.52.132 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sat, 22 Jun 2024 04:27:17 GMT
x-content-type-options: nosniff
x-envoy-decorator-operation: webchannel-content-web.web-channel.svc.cluster.local:80/*
via: 1.1 google
x-envoy-upstream-service-time: 17
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 01:49:42	Name: _GRECAPTCHA Value: 09AOZOU_OMnX9p0V4_8ImuCQE22Fb03VUf3zIo3J24uiKfO9IfsykZO8beUT5RV8oyMRN3MT8zcESxenEbhm8OnB4
.businessresources.bitdefender.com/	1970-01-20 21:30:32	Name: __cf_bm Value: UHiJzCE7j52.05SAnZ9g10Z.QTuagX1mehod5tkQBkU-1719030427-1.0.1.1-5SoNwJDTohQezrC0GjXAW37w6E2IM1GBsmuk.mfPxp.w5U8u5zIYsrQDX80OWlGLBXJth9UJ7BA5zxbJp3UHrQ
.businessresources.bitdefender.com/	1969-12-31 23:59:59	Name: __cfruid Value: 9bee9e4ed8419025fb9ac899467864a71da96984-1719030427
www.bitdefender.com.au/	1969-12-31 23:59:59	Name: tagit_session Value: 1
.bitdefender.com.au/	1969-12-31 23:59:59	Name: at_check Value: true
.hsforms.net/	1970-01-20 21:30:32	Name: __cf_bm Value: Yh7_mreaAAspIXER1F601ZfwNZKzfeqOrAaofPXmFHY-1719030430-1.0.1.1-U6ythE8uvC2e2bBFke2VlxXlcN..PXbSJgNE4tj_bQaUlE3KZ8HFydgmGFKC1O209XZx_JTlRU5JfwHKqTkadA
.demdex.net/	1970-01-21 01:49:42	Name: demdex Value: 69610708570727587291383785313946623285
.hsforms.com/	1970-01-20 21:30:32	Name: __cf_bm Value: Tri_jZ6p7f895biPApHMaIKTZETWmMrXLVstQ.Q6mlk-1719030430-1.0.1.1-znu0rd.8VBAx8RIPYgGbXUKtrr8_45VWGvVblDDls936.yNTGI_EGLvQIMQOAiomh6i_KHEhGrI8jlVwa0AD5w
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: WsgoEDtXD1IZQzkSivdiKxyotCHGBqgLFFLvykaX1MY-1719030430956-0.0.1.1-604800000
www.bitdefender.com.au/	1969-12-31 23:59:59	Name: tagit_params Value: %7B%22obj%22%3A%5B%5D%7D
.bitdefender.com.au/	1969-12-31 23:59:59	Name: AMCVS_0E920C0F53DA9E9B0A490D45%40AdobeOrg Value: 1
.bitdefender.com.au/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.bitdefender.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: blog%253Abusinessinsights%253Aenterprise-security%253Ahive-ransomwares-offspring-hunters-international-takes-the-stage%2C9%2C9%2C1200%2C1%2C10
.bitdefender.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-21 06:16:06	Name: everest_g_v2 Value: g_surferid~ZnZSnwAAAKLfDAM8
.bitdefender.com.au/	1970-01-20 23:40:06	Name: _gcl_au Value: 1.1.1172748687.1719030432
.bitdefender.com.au/	1970-01-20 21:40:35	Name: at_geo Value: {%22latitude%22:-33.88%2C%22longitude%22:151.22%2C%22countryCode%22:%22AU%22%2C%22stateCode%22:%22NSW%22%2C%22city%22:%22SYDNEY%22}
.bitdefender.com.au/	1970-01-21 07:06:30	Name: mbox Value: session#babc2d08b72b46598a8ea560380f154e#1719032292\|PC#babc2d08b72b46598a8ea560380f154e.34_0#1782275232
.dpm.demdex.net/	1970-01-21 01:49:42	Name: dpm Value: 69610708570727587291383785313946623285
.bitdefender.com.au/	1970-01-21 07:06:30	Name: AMCV_0E920C0F53DA9E9B0A490D45%40AdobeOrg Value: 179643557%7CMCIDTS%7C19897%7CMCMID%7C69591376881043202701386355117336834034%7CMCAAMLH-1719635231%7C7%7CMCAAMB-1719635231%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1719037631s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19904%7CvVersion%7C5.5.0
.doubleclick.net/	1970-01-20 22:13:42	Name: ar_debug Value: 1
.demdex.net/	1970-01-21 01:49:42	Name: dextp Value: 771-1-1719030431971\|1123-1-1719030432072\|129099-1-1719030432172
.doubleclick.net/	1970-01-21 01:49:42	Name: receive-cookie-deprecation Value: 1
.www.bitdefender.com.au/	1970-01-21 07:06:30	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Jun+22+2024+12%3A27%3A12+GMT%2B0800+(Australian+Western+Standard+Time)&version=202405.1.0&browserGpcFlag=0&isIABGlobal=false&identifierType=Cookie+Unique+Id&hosts=&consentId=071ae084-f375-4b49-b484-26f7133e8393&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.bitdefender.com.au/	1970-01-21 06:16:06	Name: _biz_uid Value: afe40d9809724278cb5f6dd510a48be2
.bitdefender.com.au/	1970-01-21 06:16:06	Name: _biz_nA Value: 2
.bizible.com/	1970-01-21 06:16:06	Name: _BUID Value: afe40d9809724278cb5f6dd510a48be2
.doubleclick.net/	1970-01-21 07:06:30	Name: IDE Value: AHWqTUlRI-VHRhw3hu5VaxMA-EEkm8DpoVk55v5IFhtVFbaiMzsOWyLc4ZBJa_t9FD8
.bizibly.com/	1970-01-21 06:16:06	Name: _BUID Value: c122c1dd0fb993aeab217df8e946aee1
.bitdefender.com.au/	1969-12-31 23:59:59	Name: IR_gbd Value: bitdefender.com.au
.bitdefender.com.au/	1969-12-31 23:59:59	Name: IR_4466 Value: 1719030432299%7C0%7C1719030432299%7C%7C
.bitdefender.com.au/	1970-01-21 06:16:06	Name: _hjSessionUser_51807 Value: eyJpZCI6IjYyOWRmNDQwLWQ5YWYtNTdlNi05MjhhLWE0ZmU4ZDhiOTFhYiIsImNyZWF0ZWQiOjE3MTkwMzA0MzIzNDksImV4aXN0aW5nIjp0cnVlfQ==
.bitdefender.com.au/	1970-01-20 21:30:32	Name: _hjSession_51807 Value: eyJpZCI6ImExZTJiOWU0LWYwMWYtNGNhNy04Y2IyLTNiMTI5ZWY1MjViNCIsImMiOjE3MTkwMzA0MzIzNTAsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.bitdefender.com.au/	1969-12-31 23:59:59	Name: _ga_D4JK29RRG4 Value: GS1.1.1719030431.1.0.1719030431.60.0.0
.bitdefender.com.au/	1969-12-31 23:59:59	Name: _ga Value: GA1.1.1832989221.1719030432
.bitdefender.com.au/	1969-12-31 23:59:59	Name: _ga_6M0GWNLLWF Value: GS1.1.1719030431.1.0.1719030431.60.0.516127435
.bitdefender.com.au/	1970-01-21 06:16:06	Name: _biz_pendingA Value: %5B%5D
.t.co/	1970-01-21 07:06:30	Name: muc_ads Value: fa8b67e0-4bb1-4368-bbc5-777c9ae5a9d5
.bitdefender.com.au/	1970-01-21 06:16:06	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Ecid%22%3A%22-931030113%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.bitdefender.com.au/	1970-01-20 23:40:06	Name: _rdt_uuid Value: 1719030432607.7543ef7d-66e8-4a64-8b4b-4ffbf76fe6ac
.rkdms.com/	1970-01-21 06:16:06	Name: sc Value: 3%3A118104
.rkdms.com/	1970-01-21 06:16:06	Name: sessionid Value: h-9fb9d695435940dd821b7e583f322f32_t-1719030432
.bitdefender.com.au/	1970-01-20 21:31:56	Name: _uetsid Value: b282d960304f11efa562c5348d50ec81
.bitdefender.com.au/	1970-01-21 06:52:06	Name: _uetvid Value: b282f2c0304f11ef95a8618499712900
.company-target.com/	1970-01-21 07:06:30	Name: tuuid Value: 9830333a-c35a-405b-a9a4-a9f581a269bb
.company-target.com/	1970-01-21 07:06:30	Name: tuuid_lu Value: 1719030432\|ix:0\|mctv:0\|rp:0
.bing.com/	1970-01-21 06:52:06	Name: MUID Value: 07C5A61C790867E83CABB2BA789866BB
.bat.bing.com/	1970-01-20 21:40:35	Name: MR Value: 0
.twitter.com/	1970-01-21 07:06:30	Name: guest_id_marketing Value: v1%3A171903043268273208
.twitter.com/	1970-01-21 07:06:30	Name: guest_id_ads Value: v1%3A171903043268273208
.twitter.com/	1970-01-21 07:06:30	Name: personalization_id Value: "v1_RYy/LrAk3XuquXtLTaH6RA=="
.twitter.com/	1970-01-21 07:06:30	Name: guest_id Value: v1%3A171903043268273208
.bitdefender.com.au/	1970-01-20 23:40:06	Name: _fbp Value: fb.2.1719030432928.284297381824052014
.casalemedia.com/	1970-01-21 06:16:06	Name: CMID Value: ZnZSoIsFVqoAADVSAVsdNgAA
.casalemedia.com/	1970-01-20 23:40:06	Name: CMPS Value: 4700
.casalemedia.com/	1970-01-20 23:40:06	Name: CMPRO Value: 4700
.linkedin.com/	1970-01-20 23:40:06	Name: li_sugr Value: 6e76aa6a-cb9d-4ee1-80a0-9cf2b0e74a44
.linkedin.com/	1970-01-21 06:16:06	Name: bcookie Value: "v=2&21cea340-25e5-4a16-87ff-912a25f79977"
.linkedin.com/	1970-01-20 21:31:56	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=3026:u=1:x=1:i=1719030433:t=1719116833:v=2:sig=AQEHWH3X0q4X_diR55P98XOsyK0fHaZF"
.rubiconproject.com/	1970-01-21 06:16:06	Name: khaos Value: LXPMC3AD-1Z-93YI
.rubiconproject.com/	1970-01-21 06:16:06	Name: audit Value: 1\|5GCGBT6BChlmQ3xTL05xTF1tIHv53CFN7icKJ7JpxCxrLxq/6nQ6FeJ8dwitguQwkGIfmq08lZkwHTRO1/p4iJLoYn4tEwhGVPqNxgMY1hDbng30TtazszbIuUC0+ys1LhxzxDR6xdpAThla+h9+2vkS+R3waA3uVFGxpdJGiDeWvEnWSmTsitzpQ7vzkXQ/
.rubiconproject.com/	1970-01-20 23:40:06	Name: receive-cookie-deprecation Value: 1
.linkedin.com/	1970-01-20 22:13:42	Name: UserMatchHistory Value: AQLbM7chHIl5kwAAAZA-MsXKBOMxJE3LJ4KaFZ0s2olkEviQOgbhBwD6w3aaLxpKY6K35SgEnUMKMQ
.linkedin.com/	1970-01-20 22:13:42	Name: AnalyticsSyncHistory Value: AQL8Ul8XwDxn9AAAAZA-MsXKaE1vnlbT9Jk0q5B5GPAjde3V-fAP2xPeJi_cuDTIcl953wAiwwKvX8iC_rXjYQ
www.clarity.ms/	1970-01-21 06:16:06	Name: CLID Value: 0617f9644c4c4c19b0e74a298c868668.20240622.20250622
.bitdefender.com.au/	1970-01-21 06:16:06	Name: _clck Value: 14h848d%7C2%7Cfmu%7C0%7C1634
.www.linkedin.com/	1970-01-21 06:16:06	Name: bscookie Value: "v=1&202406220427137a3c36d9-4b72-4ada-8771-68992c81a12cAQH0-mT7248uvTRoPjGnHY5HNuOwf0_d"
.tremorhub.com/	1970-01-21 06:16:27	Name: tvid Value: 92b7ec90ea55431ebb403ccdc0b3ec2d
.tremorhub.com/	1970-01-21 07:06:30	Name: tv_UIDM Value: 9830333a-c35a-405b-a9a4-a9f581a269bb
www.bitdefender.com.au/	1970-01-21 01:49:42	Name: __hstc Value: 33008289.8d996e438b1fa83cbbc576d77ba7cef1.1719030433790.1719030433790.1719030433790.1
www.bitdefender.com.au/	1970-01-21 01:49:42	Name: hubspotutk Value: 8d996e438b1fa83cbbc576d77ba7cef1
www.bitdefender.com.au/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.bitdefender.com.au/	1970-01-20 21:30:32	Name: __hssc Value: 33008289.1.1719030433790
.bitdefender.com.au/	1969-12-31 23:59:59	Name: s_tp Value: 12943
.c.bing.com/	1970-01-20 21:40:35	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:52:06	Name: SRM_B Value: 07C5A61C790867E83CABB2BA789866BB
.hubspot.com/	1970-01-20 21:30:32	Name: __cf_bm Value: QhzAC_5h86iJOnHqzuacn9D0YmA625krFPmEt4.7qrw-1719030434-1.0.1.1-B01NVo.Y5jpXp2Dqe3j_bGOLzpyPPxMJVs2SVaVDpA9jl3dRv87VbZl9XvAMhzLbSveRKuRTniIs7N30UajqRg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: eFW7RhD3kP30RLMgPQBrMtXf5yjFfAyjWwlfgdHoLHc-1719030434364-0.0.1.1-604800000
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:52:06	Name: MUID Value: 07C5A61C790867E83CABB2BA789866BB
.c.clarity.ms/	1970-01-20 21:40:35	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:30:31	Name: ANONCHK Value: 0
.bitdefender.com.au/	1970-01-20 21:31:56	Name: _clsk Value: fle72o%7C1719030434562%7C1%7C1%7Cv.clarity.ms%2Fcollect

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/ Message: Refused to load the script 'https://platform.twitter.com/widgets.js' because it violates the following Content Security Policy directive: "script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-1040562098&l=gtagDataLayer&cx=c(Line 133) Message: Refused to connect to 'https://google.com/ccm/form-data/1040562098?gtm=45be46j0v9164188826za200zb9171448788&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&npa=0&frm=0&pscdl=noapi&auid=1172748687.1719030432&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&em=tv.1' because it violates the following Content Security Policy directive: "connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com .emarsys.net .hubapi.com .hubspot.com .facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com .bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com .google.com .scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com .google-analytics.com .analytics.google.com analytics.google.com .clarity.ms .doubleclick.net .taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com .bizible.com .bizible.net px.ads.linkedin.com .redditstatic.com .googlesyndication.com .cookielaw.org .onetrust.com .onetrust.io .criteo.com .reddit.com .googleadservices.com".
security	error	URL: https://bat.bing.com/bat.js Message: Refused to connect to 'https://bat.bing.com/actionp/0?ti=5104414&tm=al001&Ver=2&mid=2cefe48a-bc39-42ed-a068-ca1601f87b69&sid=b282d960304f11efa562c5348d50ec81&vid=b282f2c0304f11ef95a8618499712900&vids=1&msclkid=N&evt=pageHide' because it violates the following Content Security Policy directive: "connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com .emarsys.net .hubapi.com .hubspot.com .facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com .bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com .google.com .scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com .google-analytics.com .analytics.google.com analytics.google.com .clarity.ms .doubleclick.net .taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com .bizible.com .bizible.net px.ads.linkedin.com .redditstatic.com .googlesyndication.com .cookielaw.org .onetrust.com .onetrust.io .criteo.com .reddit.com .googleadservices.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src https: http: data:; style-src 'self' 'unsafe-inline' .bitdefender.com fonts.googleapis.com www.gartner.com; script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com; frame-ancestors 'self' https: explore.bitdefender.com; object-src 'none'; frame-src www.gartner.com .facebook.com .google.com consentcdn.cookiebot.com bitdefender.demdex.net 5165113.fls.doubleclick.net vars.hotjar.com www.youtube.com hal9000.redintelligence.net ad.ad-srv.net forms.hsforms.com ad4m.at ws.hotjar.com s.company-target.com td.doubleclick.net .criteo.com .2mdn.net .googlesyndication.com; connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com .emarsys.net .hubapi.com .hubspot.com .facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com .bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com .google.com .scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com .google-analytics.com .analytics.google.com analytics.google.com .clarity.ms .doubleclick.net .taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com .bizible.com .bizible.net px.ads.linkedin.com .redditstatic.com .googlesyndication.com .cookielaw.org .onetrust.com .onetrust.io .criteo.com .reddit.com .googleadservices.com; font-src 'self' data: www.bitdefender.com fonts.googleapis.com fonts.gstatic.com www.gartner.com; base-uri .bitdefender.com .bitdefender.com.au .bitdefender.co.uk .bitdefender.ro .bitdefender.fr .bitdefender.de
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
api.company-target.com
api.hubapi.com
api.hubspot.com
assets.adobedtm.com
assets.adobetarget.com
bat.bing.com
bitdefender.demdex.net
businessresources.bitdefender.com
c.bing.com
c.clarity.ms
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.scarabresearch.com
cm.everesttech.net
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
content.hotjar.io
cookies-data.onetrust.io
cta-service-cms2.hubspot.com
d.impactradius-event.com
download.bitdefender.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
geolocation-db.com
geolocation.onetrust.com
googleads.g.doubleclick.net
imgsct.cookiebot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
perf-na1.hsforms.com
pixel-config.reddit.com
platform.twitter.com
px.ads.linkedin.com
s.company-target.com
script.hotjar.com
snap.licdn.com
sstats.bitdefender.com
starget.bitdefender.com
static.ads-twitter.com
static.hotjar.com
static.scarabresearch.com
stats.g.doubleclick.net
t.co
tag-logger.demandbase.com
tag.demandbase.com
track.hubspot.com
v.clarity.ms
webchannel-content-service.scarabresearch.com
www.bitdefender.com
www.bitdefender.com.au
www.clarity.ms
www.facebook.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
platform.twitter.com
104.102.244.121
104.16.117.116
104.16.118.116
104.16.137.209
104.16.78.142
104.17.128.172
104.17.175.201
104.18.140.17
104.18.142.119
104.18.244.108
104.19.175.188
104.19.177.52
104.244.42.195
104.68.24.142
108.158.20.64
108.158.32.67
108.158.32.82
117.18.232.195
13.107.246.31
13.107.42.14
142.250.204.2
142.250.66.227
142.250.66.234
142.250.76.102
142.251.221.67
151.101.1.140
151.101.129.140
151.101.193.140
151.101.28.157
152.195.58.59
157.240.8.23
157.240.8.35
159.89.102.253
172.217.24.34
172.217.24.36
172.217.24.40
172.64.147.169
172.64.150.107
172.64.153.27
172.64.155.119
172.64.155.63
18.65.244.54
18.67.110.80
18.67.93.113
18.67.93.120
199.60.103.254
20.114.189.135
204.79.197.237
216.239.36.181
23.32.5.109
23.38.128.171
23.46.179.82
23.55.11.47
34.111.52.132
34.193.29.58
34.96.71.22
35.186.249.72
44.212.234.98
52.210.44.146
52.231.230.148
54.169.185.174
63.140.38.189
63.140.56.170
74.125.24.157
0a6c78f9e8df1e4b5ee988f792343de94f49652dfa381df0ccd90d16bf17c9f8
0b3d508f173d533137db40577d18f7dc9083ce8e56b41741e60b9908e6d6e437
0c6360095b095e0aeea120f1581a49652ffe0e3ab0c55164684677064a12124f
10ad847e598b98652e25e9a59e9ae0d3bc134007579a9caeec0c1dcd7eb48447
159453401c68cee218a8af0d1864ac09ade311641d6b6022e01004a9fa164dd3
1789e6bf0f139fc89e73756237ae433989a6d27e7effe2d1771c06d2566f889b
19ed9f5421db4f8e3711b9e3a9b6caa4c9d17f8e035624542b251df9e8fe7f37
1efbc0b6cbcc4cd357af84f294673258064a1d7cd74dcbd46c49d4a06fddcb9a
22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990
28cadabd6f2d70fe764730d4ec1ce97d1631d6fcf9c0bff198685ad8c0e4dd95
2aed280416005df8902253b020bbf3a7a47fc8ffc9a4e6764c11ec96c2079ef3
2f3d0e01677feadbc19d661d9910328561fa9b3fbc0427d4b17906adb7cc8471
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
3204d4cf57b29ed2d7aa10ab08fbaadc8f0538c865cc1d434e6ffc3601e3308e
33f4a3188e5bd3946bc65cba66db7f0400a6c149acc208b4b46640af86858f61
36074aa57ab395dc8e9c99b10e435ac3ac636f7ebf034da481ba7ca475a979f5
3f2069e4f379291c013b2ac6b33c3770c98737524f80ccdfca1ea8586169622e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
469ab758cfe6a8ac93cda5872ca28655f6f874a2f6cceafa710fc01f52fc787d
4a2207e1dfdac97cdf65dce070c145d2f8251b726777b5073bb79308e69e1a68
4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e
4bb1ac874a76d6bc873350d839b4ae5bcbea002f2a6f1907a197027c2dfc1fe8
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4ec4d2d21dd008135647d484526d98d4ac5700f623162536aac2c381bad26c15
50e50d3be7ae652e8b3c9077698cb5b77538fafc1c28652871f5f9ec22bd2ae0
5371bf46e46a9cb4d28be3be42997ccf1e5057b188958a706834dbadcdc462eb
568fab9461aa2db7d46ebe579172321147272063db4ac8f85e2c7b3c1e9cfbbe
583cabf7f2229d895c7db724e90d84ab6a7c9dd29660c487ca4ef529eaca9f02
59db75d7a5be7419c7e0f29c09275c70d29a4586c8e1b37b00a6c0fb88e79372
5a57e097e75bc754d90232d0ac1c4d08b140b5a91e2f7308fc1588703d3b5942
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5dca5c1b15584926c9f9549101752bf572e7fdcda47e1b2bf3c181372a5cb0ea
5f98201416864cc4b68732366a13b61a9fca087a2ed0e1ec8c657b89ad1b9fdb
6692354a1d9a4d531832e922f7e86a9e80f24562572c9dc7614a71fe5145b266
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71cfc9f2ed2b7484f41f6cb3aef85fd8a7d3f61440e1fdd141bb63503662b5c7
72bc932cbb9cd002706ea99c1883d1d6c3eb38f4dedb5f84d951b31429ab9521
7445d1d100b66fd8e5d91871d05c3cca4f3955551136e13596413ef5c598a4c2
753b5d77684b20581dddd43b3a944bca93a44da9e6dee0c8232ca6ed8a40ead5
776929cec54d2f7732640c0f1e5a459c49289ce73bbfad95fe3c437f1f6f820d
781149055514a774421f07052fd07260e43da76fd632f25d89a5630d563da011
793137450e10df1f5246e33a2f76bd598fdf77181b81a0e90d55921a9d1c69ea
795ab11cff58833e2c762b04466095173cc064a0267697713e8743c42edb5ebf
7dda4b29507887a80d74c81a30e6ff5241e414a7381cc0a4f6eef32595ebadf3
7e19a12748e74eb478a6b8e4689bc1df9ec27c0ab4e9b6ee86e6a5a3758f3b9e
80e815080b904770061dd4c45e5e70721be774b7bb15fe135a6e8f40b772aca7
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
831b25d2cf0066937657444e6d8366c0e51af9ac0989def0613358d48bd45b88
8762e051aae40d75a40ff473e9104f1217afba76a9a01867bf49d6c218bfd3b6
8e5434cf124c82209d101031a9fc9c601725244be89af5ea9d18cca4bb598362
8fa21948f43b22501c5ce324cc33fd6266420a04e17602a404c54b3d3c098e85
9342b2c5d6efa563547b694ef832c0f0b3db49e04659d1c6271d8f047bf671d6
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d
9b550b03b688b2f4a310525cb12c7b0e5097968f9c8850b6cf7698c7027b904d
9cb4eab4bada7c1acc0e15585f6c8207d7ea4630985d54dd18f6655c15ba5982
9dc0d1858bc1e2eab3856936743cda081ee0cf36b11db4b6aa8e52ef7e287d5c
a1ce0a956c2fe87a1ccb2855dc96bfd069dfbb25144b3801e4a65e1394a68c45
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a26decf869d35389aee658f487ff614dabb9078b6e4fefa92c72379390aea58d
a28eb9c0b3d685e85d474a74e5a2ebd4760387395231340f740c314d0a814eed
a6c23ed876dffc288ff16cfb9fb7b3a83364285a813a571e14c2226370efdb65
a78c9f43dc3bd6f5fd515c9bb4b5f9a902d3352897674ca4b2f36a065cef1da2
a7eba0a323a7b7b65aa07526d2c2ed096f4632babb1afc1b6c6dd91d9cf66700
a81a65ff14c4132ec1f430e83cb3742b9fae832d5e39d8ed77e44ac6ecc632d2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab1fca31f7e7a89c198881e69c42c6bb3578b7d55f2cee7463b96360feaf7eaa
ac6f4ec6849e6e8849d1130e40a378a9c7e751cd949306edd3383f7effa90658
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb46b58cae0ce0ee0754a4cb5de6906cd77ab82e23e12c3d8a5b5315a300c2e
af0f090ffc58f4f04cdd42ee8f94cfdea962d3a1bbc0ed4bad1b201cb05979e8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b7b0aa0073bf3fc25875199adaa64b15b5e9e25c9f2b271167af3e287bf60b5f
b8a6494ebcc1c54d6dca46f9d5319a8477def37a026b5ca1cb57ea1176a26845
b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4
c114a5641b9988aecb7a00c47bd1d37d912883ff4ef9c3b9fe6ad21603ab1066
c12a0adff1e747becb97843abe35079449a0503669f2676b1cc1071e605c551e
c42aae2fedb7d28450f675df260a414800b1edb4a07746f5b06ca7402b45c62d
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
c53df5ea8340056caf7628466bad700a44db5126ecf57f491b6dea2b55327321
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd4d3df5041882188dfc052a6980d097807697b7ce82fce8f30d50f6266f0009
cd823e8760f4762e83ae42ec9776261729cef7cec16254a21ee5e89f8575fe79
ce7fa542b8dd9e9737b93da77f8386c6ccb5e5e0b8dd1eaf9d741b7145ca6b52
d0766ae65a129cd9249a3d42aae14c7f89e2dc4a2901cdf94cc9f48148fef61b
d364575db314b58cf31d2d40ea325401ebe36c9ec54b0afde4f188439534c9dd
dac4d96ffcb8d25857f216825e332e81efe07642532657ba6daaf33cefc2900a
dadd584faf3939ac96460b59a5cb6c493e3205218f105c16467e9fce4b6a7099
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7
ddf7a1af4b999f12447e6f1cb4e9834bf1abdb6a4d0753d665e716fb1d6b646c
de2ad928eac17e56b9f314967d5362eb222e65b4ec32c419c444dc1841d9ac68
e086eb01f206971454c351b5a75ad5c0fe691bc1ee6796691812bf90796780f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57eb0ba8a5b7db9d8db260230796eaa63a12d3999a123ccbafe68ed8bb1b529
e916c5c4045dd8e2c17ee1ddce9dd9515c4125bc52280b39e07fb83780055c14
eb9a859b4b75e248b087ead48d90e1112b8fd091224a827775a0ee86c16c2f5d
ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef329b35c4d5c9b2a7c7411a47b5554462dbc88349d1635d383df952c3854527
ef5aa0a6b077aaff322c613466f59676e2006820805af770e34adca461bd8607
f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720
f01a50bfcac2d1883a05d012267686baf1184c0d89e3adfcf6ba67fead49c7b8
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
faa2d073082188a0039399a9f374a523a9f3750ae9f1d2599ae63b27a860b149
fab8294d35a12278bfd9179ac66940d6d77145b986fc04e5826a8521f7aa1d49
fceba08a6bbdf2598e8f6d43e71b51854337da5f880c3fff252a25b9cd10b6ae
fd4d2ccb8c727b1cd70b5f3e728519c255bf484fb75d2c7bf01c989a78880e7b
fe13fe0388b45529b8c11007bfc3c4c42e9888a95987a9d2d9165ff61051ca41

www.bitdefender.com.au Open in urlscan Pro 172.64.150.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

152 Requests

95 %HTTPS

0 %IPv6

46 Domains

75 Subdomains

64 IPs

7 Countries

4153 kBTransfer

8910 kBSize

83 Cookies

20 Outgoing links

Page URL History

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bitdefender.com.au Open in urlscan Pro
172.64.150.107 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

95 %
HTTPS

0 %
IPv6

46
Domains

75
Subdomains

64
IPs

7
Countries

4153 kB
Transfer

8910 kB
Size

83
Cookies

152 HTTP transactions
0 data transactions