Submitted URL: https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1...
Effective URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AI...
Submission: On November 28 via api from OM — Scanned from DE

Summary

This website contacted 67 IPs in 6 countries across 48 domains to perform 158 HTTP transactions. The main IP is 35.152.119.144, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is www.threatlocker.com. The Cisco Umbrella rank of the primary domain is 257048.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 14th 2024. Valid for: a year.
This is the only time www.threatlocker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.152.119.144 16509 (AMAZON-02)
23 104.18.160.117 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a02:26f0:350... 20940 (AKAMAI-AS...)
2 108.138.15.119 16509 (AMAZON-02)
10 95.101.111.184 20940 (AKAMAI-AS...)
2 6 142.250.186.164 15169 (GOOGLE)
1 18.66.122.55 16509 (AMAZON-02)
2 18.66.102.89 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.244.20.109 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 76.76.21.142 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.67 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-AS...)
1 104.16.90.50 13335 (CLOUDFLAR...)
1 142.250.186.131 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
2 2a04:4e42::396 54113 (FASTLY)
6 2620:1ec:33:1... 8075 (MICROSOFT...)
1 34.107.254.219 396982 (GOOGLE-CL...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.117.162.98 396982 (GOOGLE-CL...)
2 52.23.44.33 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 216.58.206.67 15169 (GOOGLE)
1 151.101.193.140 54113 (FASTLY)
1 151.101.65.140 54113 (FASTLY)
1 13.232.14.252 16509 (AMAZON-02)
1 172.67.74.152 13335 (CLOUDFLAR...)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.95.41 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.117.110.211 396982 (GOOGLE-CL...)
1 13.107.42.14 8068 (MICROSOFT...)
1 18.66.112.30 16509 (AMAZON-02)
2 34.107.133.146 396982 (GOOGLE-CL...)
5 2600:1f18:e8a... 14618 (AMAZON-AES)
2 2600:1901:1:7... 396982 (GOOGLE-CL...)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.66.122.58 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.18.94.41 13335 (CLOUDFLAR...)
3 172.175.38.6 8075 (MICROSOFT...)
3 157.240.253.1 32934 (FACEBOOK)
1 142.250.184.200 15169 (GOOGLE)
1 2 142.250.186.162 15169 (GOOGLE)
2 2 142.250.186.98 15169 (GOOGLE)
6 157.240.252.35 32934 (FACEBOOK)
1 2a02:26f0:480... 20940 (AKAMAI-AS...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.223.40.198 16509 (AMAZON-02)
1 216.239.34.36 ()
158 67
Apex Domain
Subdomains
Transfer
23 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6218
821 KB
12 typekit.net
use.typekit.net — Cisco Umbrella Rank: 460
p.typekit.net — Cisco Umbrella Rank: 571
141 KB
11 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5557
c.6sc.co — Cisco Umbrella Rank: 6739
ipv6.6sc.co — Cisco Umbrella Rank: 5633
b.6sc.co — Cisco Umbrella Rank: 3603
22 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
1015 B
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
628 B
6 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
33 KB
6 rageagainstthesoap.com
d.rageagainstthesoap.com — Cisco Umbrella Rank: 166465
en.rageagainstthesoap.com — Cisco Umbrella Rank: 128736
43 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
k.clarity.ms — Cisco Umbrella Rank: 8151
29 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
390 KB
5 hubspotonwebflow.com
hubspotonwebflow.com — Cisco Umbrella Rank: 33737
104 KB
4 bing.net
bat.bing.net — Cisco Umbrella Rank: 8327
706 B
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
345 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
80 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 10745
191 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
599 B
3 d41.co
paapi1411.d41.co
cdn-0.d41.co — Cisco Umbrella Rank: 27568
33 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
33 KB
3 sproutvideo.com
cdn-thumbnails.sproutvideo.com — Cisco Umbrella Rank: 513355
c.sproutvideo.com — Cisco Umbrella Rank: 182621
54 KB
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1531
insight.adsrvr.org — Cisco Umbrella Rank: 960
7 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
3 KB
2 spotify.com
pixels.spotify.com — Cisco Umbrella Rank: 3212
272 B
2 aplo-evnt.com
aplo-evnt.com — Cisco Umbrella Rank: 30175
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2010
alb.reddit.com — Cisco Umbrella Rank: 1418
763 B
2 influ2.com
www.influ2.com — Cisco Umbrella Rank: 51417
t.influ2.com — Cisco Umbrella Rank: 49006
3 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1095
13 KB
2 g2crowd.com
tracking.g2crowd.com — Cisco Umbrella Rank: 8407
2 KB
2 lfeeder.com
sc.lfeeder.com — Cisco Umbrella Rank: 15595
tr.lfeeder.com — Cisco Umbrella Rank: 24311
12 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
fonts.googleapis.com — Cisco Umbrella Rank: 29
9 KB
2 threatlocker.com
www.threatlocker.com — Cisco Umbrella Rank: 257048
static.threatlocker.com — Cisco Umbrella Rank: 485749
68 KB
2 hubspotlinks.com
ct4vs04.na1.hubspotlinks.com — Cisco Umbrella Rank: 532187
4 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2477
1 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3690
843 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2358
25 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3341
3 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2343
26 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2001
318 B
1 videsigns-staging.co.uk
videsigns-staging.co.uk — Cisco Umbrella Rank: 363393
184 B
1 byspotify.com
pixel.byspotify.com — Cisco Umbrella Rank: 6998
22 KB
1 apollo.io
assets.apollo.io — Cisco Umbrella Rank: 29527
2 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
14 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2580
959 B
1 embedly.com
cdn.embedly.com — Cisco Umbrella Rank: 14316
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
31 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
32 KB
1 elfsight.com
static.elfsight.com — Cisco Umbrella Rank: 14225
17 KB
1 calendly.com
assets.calendly.com — Cisco Umbrella Rank: 13800
4 KB
158 48
Domain Requested by
23 cdn.prod.website-files.com www.threatlocker.com
cdn.prod.website-files.com
10 use.typekit.net www.threatlocker.com
7 b.6sc.co www.threatlocker.com
6 www.facebook.com www.threatlocker.com
6 bat.bing.com www.googletagmanager.com
bat.bing.com
6 www.google.com 2 redirects www.threatlocker.com
www.googletagmanager.com
www.gstatic.com
5 en.rageagainstthesoap.com d.rageagainstthesoap.com
www.threatlocker.com
5 hubspotonwebflow.com www.threatlocker.com
hubspotonwebflow.com
4 bat.bing.net bat.bing.com
www.threatlocker.com
4 challenges.cloudflare.com 1 redirects www.threatlocker.com
challenges.cloudflare.com
4 www.googletagmanager.com www.threatlocker.com
www.googletagmanager.com
4 fonts.gstatic.com fonts.googleapis.com
3 connect.facebook.net d.rageagainstthesoap.com
connect.facebook.net
3 k.clarity.ms www.clarity.ms
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 www.google.de www.threatlocker.com
3 region1.analytics.google.com www.googletagmanager.com
3 cdn.jsdelivr.net www.threatlocker.com
www.googletagmanager.com
2 googleads.g.doubleclick.net 2 redirects
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 pixels.spotify.com pixel.byspotify.com
2 aplo-evnt.com assets.apollo.io
2 paapi1411.d41.co www.googletagmanager.com
cdn-0.d41.co
2 www.clarity.ms ct4vs04.na1.hubspotlinks.com
www.clarity.ms
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 tracking.g2crowd.com ct4vs04.na1.hubspotlinks.com
tracking.g2crowd.com
2 p.typekit.net use.typekit.net
www.threatlocker.com
2 c.sproutvideo.com www.threatlocker.com
c.sproutvideo.com
2 j.6sc.co www.threatlocker.com
j.6sc.co
2 js.adsrvr.org www.threatlocker.com
www.googletagmanager.com
2 ct4vs04.na1.hubspotlinks.com 1 redirects
1 insight.adsrvr.org js.adsrvr.org
1 track.hubspot.com
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 api.hubapi.com js.hsadspixel.net
1 cdn-0.d41.co www.googletagmanager.com
1 tr.lfeeder.com www.threatlocker.com
1 px4.ads.linkedin.com www.threatlocker.com
1 t.influ2.com www.influ2.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 api.ipify.org www.threatlocker.com
1 videsigns-staging.co.uk code.jquery.com
1 alb.reddit.com www.threatlocker.com
1 pixel-config.reddit.com www.redditstatic.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 pixel.byspotify.com ct4vs04.na1.hubspotlinks.com
1 assets.apollo.io ct4vs04.na1.hubspotlinks.com
1 www.influ2.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 sc.lfeeder.com ct4vs04.na1.hubspotlinks.com
1 js.hs-scripts.com www.googletagmanager.com
1 d.rageagainstthesoap.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 cdn.embedly.com www.threatlocker.com
1 fonts.googleapis.com ajax.googleapis.com
1 code.jquery.com www.threatlocker.com
1 static.threatlocker.com www.threatlocker.com
1 d3e54v103j8qbb.cloudfront.net www.threatlocker.com
1 static.elfsight.com www.threatlocker.com
1 assets.calendly.com www.threatlocker.com
1 cdn-thumbnails.sproutvideo.com www.threatlocker.com
1 ajax.googleapis.com www.threatlocker.com
1 www.threatlocker.com ct4vs04.na1.hubspotlinks.com
158 66

This site contains links to these domains. Also see Links.

Domain
threatlocker.kb.help
ztw25.com
portal.threatlocker.com
videos.sproutvideo.com
Subject Issuer Validity Valid
hubspotlinks.com
WE1
2024-11-07 -
2025-02-05
3 months crt.sh
*.threatlocker.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-14 -
2025-10-14
a year crt.sh
prod.website-files.com
WE1
2024-10-21 -
2025-01-19
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-17 -
2025-11-17
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
6sc.co
R10
2024-09-23 -
2024-12-22
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
sproutvideo.com
Amazon RSA 2048 M03
2024-05-11 -
2025-06-08
a year crt.sh
calendly.com
E6
2024-11-24 -
2025-02-22
3 months crt.sh
static.elfsight.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
static.threatlocker.com
Amazon RSA 2048 M03
2024-06-30 -
2025-07-29
a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA
2024-05-04 -
2025-05-04
a year crt.sh
*.hubspotonwebflow.com
R11
2024-11-21 -
2025-02-19
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
embedly.com
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
*.rageagainstthesoap.com
Amazon RSA 2048 M02
2024-10-13 -
2025-11-11
a year crt.sh
hs-scripts.com
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
*.lfeeder.com
Amazon RSA 2048 M02
2024-02-20 -
2025-03-20
a year crt.sh
g2crowd.com
WE1
2024-10-19 -
2025-01-17
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-06 -
2025-04-03
6 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03
2024-09-16 -
2025-03-15
6 months crt.sh
influ2.com
WR3
2024-11-18 -
2025-02-16
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
apollo.io
E6
2024-10-30 -
2025-01-28
3 months crt.sh
pixel.byspotify.com
WR3
2024-10-15 -
2025-01-13
3 months crt.sh
*.d41.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-15 -
2025-02-14
a year crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.de
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2024-10-13 -
2025-04-11
6 months crt.sh
videsigns-staging.co.uk
Amazon RSA 2048 M02
2024-03-13 -
2025-04-11
a year crt.sh
ipify.org
WE1
2024-11-13 -
2025-02-11
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
hs-banner.com
WE1
2024-11-22 -
2025-02-20
3 months crt.sh
hsadspixel.net
WE1
2024-10-10 -
2025-01-08
3 months crt.sh
hs-analytics.net
WE1
2024-10-07 -
2025-01-05
3 months crt.sh
t.influ2.com
R10
2024-11-13 -
2025-02-11
3 months crt.sh
aplo-evnt.com
R10
2024-11-05 -
2025-02-03
3 months crt.sh
*.spotify.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-05 -
2025-02-04
a year crt.sh
bat.bing.net
Microsoft Azure RSA TLS Issuing CA 07
2024-10-27 -
2025-04-25
6 months crt.sh
hubapi.com
WE1
2024-11-07 -
2025-02-05
3 months crt.sh
challenges.cloudflare.com
WE1
2024-11-03 -
2025-02-01
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-06 -
2024-12-05
3 months crt.sh
*.googleadservices.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
hubspot.com
WE1
2024-10-03 -
2025-01-01
3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Frame ID: 2B8BF1957CA8F5A8E00858CC531AFF9E
Requests: 147 HTTP requests in this frame

Frame: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2F_E_DWY0Ncq0%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D_E_DWY0Ncq0&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2F_E_DWY0Ncq0%2Fhqdefault.jpg&key=96f1f04c5f4143bcb0f2e68c87d65feb&type=text%2Fhtml&schema=youtube
Frame ID: F9DCFD5F380073291B26174B64D6946F
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.threatlocker.com
Frame ID: A022A615B1496ADF35F94B3342660E3C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbJwMpAAAAAGu0MJHvjIzZby3niJ0Lrv7VDXvH&co=aHR0cHM6Ly93d3cudGhyZWF0bG9ja2VyLmNvbTo0NDM.&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=ilu2f73gi8o0
Frame ID: ABF21071D25EC1CF70D1E6FE6A30E13A
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qh4hz/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/normal/auto/
Frame ID: E804BBF0A5DCF186DA9F5F4A755695F9
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/972f6/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/normal/auto/
Frame ID: 3A7EB966DB50BA9658006B3A02B2929B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6LcbJwMpAAAAAGu0MJHvjIzZby3niJ0Lrv7VDXvH
Frame ID: BCDA75A1FFFC3DA28A8B42042D64433D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=capjhp2&ref=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&upid=6wtct2r&upv=1.1.0&paapi=1
Frame ID: DDBE05BE040C10693793A3E6DA2BD41C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

How to stop remote encryption using ThreatLocker

Page URL History Show full URLs

  1. https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H... Page URL
  2. https://ct4vs04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4... HTTP 307
    https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://assets\.calendly\.com/assets/external/widget\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

158
Requests

96 %
HTTPS

48 %
IPv6

48
Domains

66
Subdomains

67
IPs

6
Countries

2449 kB
Transfer

6461 kB
Size

39
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04 Page URL
  2. https://ct4vs04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04?_ud=44d88ee1-a678-4cfc-9ce4-931184e59320&_jss=1&_fl=8&_pl=5&_hc=16&_lg=en-US,en&_plt=Linux%20x86_64&_scr=1600,1200 HTTP 307
    https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
Request Chain 91
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1732765999638&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&tm=gtmv2 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1732765999638&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&tm=gtmv2&e_ipv6=AQK9vSPI7HE3_QAAAZNw5uMD-g6aNj7cfZZKaozj_Q2CSghmEIvDg69MOI4s_E1EFXU7Qpr2
Request Chain 119
  • https://www.googleadservices.com/pagead/conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=596307874&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI34fLr5D-iQMVR5yDBx3sjgUMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=596307874&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI34fLr5D-iQMVR5yDBx3sjgUMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tLw&is_vtc=1&cid=CAQSGwCa7L7dONquc_Nt6ZZ5t5UG9IPj-S6YrgCAmg&random=3116014925 HTTP 302
  • https://www.google.de/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=596307874&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI34fLr5D-iQMVR5yDBx3sjgUMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tLw&is_vtc=1&cid=CAQSGwCa7L7dONquc_Nt6ZZ5t5UG9IPj-S6YrgCAmg&random=3116014925&ipr=y
Request Chain 128
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/?random=337457964&cv=11&fst=1732766000912&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v890694919za200zb9115913288&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&gtm_ee=1&npa=1&pscdl=noapi&auid=1280589782.1732765999&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI2oPcr5D-iQMVsp6DBx2bTxD1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tL0JYQ2hFSWdLT2J1Z1lRazV6NnY5MnlxNmFlQVJJdEFFVVl1QU51V2gwcC14X3JnSFlleUItZnkyREpLd2dUNDNEbkhKdXhJUUZsT01VQmVBemtQVi1xM0M3OQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/616220730/?random=337457964&cv=11&fst=1732766000912&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v890694919za200zb9115913288&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&gtm_ee=1&npa=1&pscdl=noapi&auid=1280589782.1732765999&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI2oPcr5D-iQMVsp6DBx2bTxD1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tL0JYQ2hFSWdLT2J1Z1lRazV6NnY5MnlxNmFlQVJJdEFFVVl1QU51V2gwcC14X3JnSFlleUItZnkyREpLd2dUNDNEbkhKdXhJUUZsT01VQmVBemtQVi1xM0M3OQ&is_vtc=1&cid=CAQSKQCa7L7dmrHY2mjynSUTGkGlNxlnfBRvBHS6-UErTiX6fF-aOF1ZuBml&random=1257550386 HTTP 302
  • https://www.google.de/pagead/1p-conversion/616220730/?random=337457964&cv=11&fst=1732766000912&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v890694919za200zb9115913288&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&gtm_ee=1&npa=1&pscdl=noapi&auid=1280589782.1732765999&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI2oPcr5D-iQMVsp6DBx2bTxD1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tL0JYQ2hFSWdLT2J1Z1lRazV6NnY5MnlxNmFlQVJJdEFFVVl1QU51V2gwcC14X3JnSFlleUItZnkyREpLd2dUNDNEbkhKdXhJUUZsT01VQmVBemtQVi1xM0M3OQ&is_vtc=1&cid=CAQSKQCa7L7dmrHY2mjynSUTGkGlNxlnfBRvBHS6-UErTiX6fF-aOF1ZuBml&random=1257550386&ipr=y

158 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-S...
ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/
8 KB
3 KB
Document
General
Full URL
https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0981df7a736e6b9114f636b1f7e914b3b5c2a7976da8a34a0b7a08b69882bc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
8e9768f5ad745c02-FRA
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 28 Nov 2024 03:53:16 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-5988f99f77-v84cx
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
b59b80b9-c056-43fa-9d7f-3b7e509d9b0e
x-request-id
b59b80b9-c056-43fa-9d7f-3b7e509d9b0e
x-robots-tag
none
Primary Request stop-remote-encryption
www.threatlocker.com/
Redirect Chain
  • https://ct4vs04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg...
  • https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni...
202 KB
66 KB
Document
General
Full URL
https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Requested by
Host: ct4vs04.na1.hubspotlinks.com
URL: https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.152.119.144 Milan, Italy, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-152-119-144.eu-south-1.compute.amazonaws.com
Software
/
Resource Hash
eecea65c1e15819405bbec61d2ce3f746c79fd1f84e2347052856315715d2681
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
8e9768fac8b5ed26-MXP
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Thu, 28 Nov 2024 03:53:18 GMT
last-modified
Thu, 28 Nov 2024 03:53:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
surrogate-control
max-age=2147483647
surrogate-key
www.threatlocker.com 6356c441ce34029b327802bf pageId:67464de5758849d33b648aa2
vary
Accept-Encoding
x-cluster-name
eu-south-1-prod-hosting-red
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-lambda-id
805521bc-5373-4345-8252-89eae24e5ccc

Redirect headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
8e9768f7de5b5c02-FRA
date
Thu, 28 Nov 2024 03:53:16 GMT
link
<https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter>; rel="canonical"
location
https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
30
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-5988f99f77-89dsl
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
a0a8dd25-7134-423e-b34b-c3dfd45ec2ed
x-request-id
a0a8dd25-7134-423e-b34b-c3dfd45ec2ed
x-robots-tag
none
tl-build.aa480dc9e.min.css
cdn.prod.website-files.com/6356c441ce34029b327802bf/css/
576 KB
105 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/css/tl-build.aa480dc9e.min.css
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9177b34214c286eb177713c262cba11452713d2d31e62988b52431ca4ae91bf1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"07f381d6e7ada3fb152e5fe8130b4dc0"
x-amz-version-id
kp.vUKIylbnC7B7iiRzAoPC1Acl8hfeT
age
2464
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
text/css
last-modified
Wed, 27 Nov 2024 22:09:56 GMT
vary
Accept-Encoding
x-amz-id-2
MjHZG6CGH1jaG1FP7+mLyUurzITwWalu8uVK22frCY32IXSMXakpsVRRZqEiCDeBqZ4C6zBGnR0=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
J93FSZJQGD8J13SS
cf-ray
8e9769008da6915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
106531
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
age
69833
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 08:29:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 08:29:25 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
wpr3nqk.js
use.typekit.net/
19 KB
7 KB
Script
General
Full URL
https://use.typekit.net/wpr3nqk.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
aec1985c2e202be76f0fd0741b69a0413bccec9b28a45ee16e5f3e238c58657c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
6865
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
text/javascript;charset=utf-8
vary
Accept-Encoding
server
nginx
up_loader.1.1.0.js
js.adsrvr.org/
15 KB
6 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01a0567df178f4841a6288926e99a3b74a974d9a94f9643893fb9f9a9e44e72f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding
Content-Encoding
gzip
ETag
W/"ca10a83376fd9bc0ab90281b9867f488"
Age
75875
Connection
keep-alive
Via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Y65IJ6lgs80uExEK953CQjvpya8tMm9-76b0S8D2m3u72MJPHuiuEw==
Date
Wed, 27 Nov 2024 06:48:44 GMT
Content-Type
application/javascript
Last-Modified
Mon, 25 Nov 2024 06:48:02 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
x-amz-server-side-encryption
AES256
506cb44c-866d-46a3-8f40-02bab25016ce.js
j.6sc.co/j/
1 KB
1 KB
Script
General
Full URL
https://j.6sc.co/j/506cb44c-866d-46a3-8f40-02bab25016ce.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3719936c4b46f7c13616a3788c4432737e5f4f900062e15c6c435e96026fa71e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-amz-server-side-encryption
AES256
content-type
application/javascript
cache-control
private, max-age=1800
x-amz-version-id
RConxRUNS.tuBF0rUHnmPHiGeN7MgodM
etag
"0026fea7ed172e52c6225970de9c92af"
expires
Thu, 28 Nov 2024 04:23:18 GMT
accept-ranges
bytes
content-length
1070
x-amz-cf-id
Xp3s8OyXZP_4X74HZ3s5xZeeYylbT2pJmxKCpI5QU9U907SNyFUcyA==
date
Thu, 28 Nov 2024 03:53:18 GMT
last-modified
Mon, 25 Nov 2024 21:05:44 GMT
vary
accept-encoding
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-meta-content-type
application/json
wpr3nqk.css
use.typekit.net/
6 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/wpr3nqk.css
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
056b586b28e729158aae42933695501bf132d36d6fddbdb91950e59c56ff58d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
893
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
api.js
www.google.com/recaptcha/
1 KB
967 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
ESF /
Resource Hash
d0c5f3bd0d8aaaa58b9b5c76863bd8e34a1814eda4054bc501dc42e4cc5ebd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:53:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 28 Nov 2024 03:53:18 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
poster.jpg
cdn-thumbnails.sproutvideo.com/7991d0b11a1ee1c2f0/536364e9a4565928/1732661811/w_640,h_360,btn_true/
9 KB
10 KB
Image
General
Full URL
https://cdn-thumbnails.sproutvideo.com/7991d0b11a1ee1c2f0/536364e9a4565928/1732661811/w_640,h_360,btn_true/poster.jpg
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-55.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21f57bdd708058a426ae5b52aa1805decdbfaee2ba54b382d427c2915c1247a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=31536000, public
etag
"1874cc78a3153f0555fbb54e4c348b88"
age
50674
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
content-length
9555
x-amz-cf-id
Yw1acNEaXJxiOWFKrOG0maE9Lxs18wi7YEW2RryJocGR2FTX1X0LLg==
date
Wed, 27 Nov 2024 13:48:45 GMT
content-type
image/avif
last-modified
Tue, 26 Nov 2024 22:57:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
v1.0.0.js
c.sproutvideo.com/lightbox/
122 KB
42 KB
Script
General
Full URL
https://c.sproutvideo.com/lightbox/v1.0.0.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f9708f479402e766ee2ec58e2f5a01a312509e8894da67b864722b44095757a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
etag
W/"dbe52e2db91acc200099dd1a7204f1b7"
age
4874719
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
fKC5yPhw2REE3k82BQNJ_iGzc1wPWW5hTlrMbFrff-P-5jiH5F4KuQ==
date
Thu, 31 Oct 2024 21:46:38 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Wed, 01 Nov 2023 21:45:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
widget.js
assets.calendly.com/assets/external/
11 KB
4 KB
Script
General
Full URL
https://assets.calendly.com/assets/external/widget.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f80ce7415f7fb5c4bf1d8eed31652b1246241e4e3cef6cbf6c853b9a7e16dde0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=300
content-encoding
br
cf-cache-status
HIT
etag
W/"ef3bf711963c747494cae07900aacd7c"
age
169
x-content-type-options
nosniff
cf-ray
8e976901c96fd2ba-FRA
expires
Fri, 29 Nov 2024 03:53:18 GMT
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 22:34:49 GMT
vary
Accept-Encoding
server
cloudflare
66c36f475989f3987640f4ba_ThreatLocker_Navy_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
3 KB
3 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f475989f3987640f4ba_ThreatLocker_Navy_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6972ba42e587284c835b1f4806efda667f41987832b382b817d00aa330385ce8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"1059343a9575d1cad569f785a4981326"
x-amz-version-id
12ODJy.o5hNwtqK0SbPcA6OM8cpN5r3N
age
2464
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:01 GMT
vary
Accept-Encoding
x-amz-id-2
P9ILLWaU8vkLDTY51Yil23a9jZmt2ToxCwQRXWwZG1CFN6Yx1IYz9Q1pyuYaZqV1vB4TOSHZceuxihLKZP5U4PmjBHNVPgKG/XXhkL7EMLA=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J937W51E1SK71P72
cf-ray
8e9769016dfc915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2638
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f46ac6ba8be68f9f399_ThreatLocker_jetBlue_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
4 KB
4 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f46ac6ba8be68f9f399_ThreatLocker_jetBlue_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64198eefb9fcbed2c2708d419b9d9a9e12864562abf1b5d58284be2460a7c1a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"1848033a7d427bcb3e2250fbfd088078"
x-amz-version-id
sfFXS_T2xnmWSEq465t0jwRvvMpMdFXd
age
2463
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:00 GMT
vary
Accept-Encoding
x-amz-id-2
INDZOQngsrWsC4/k5cqYWv7aB/cT6Kmwiv29v2dREet70vIpPOyWiFk3/61JSfLu2PNGy9jFDnI=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J93FJKDFVYFVRRFF
cf-ray
8e976901ce1a915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3770
server
cloudflare
x-amz-server-side-encryption
AES256
6717ff6eef813f4b10da7282_ThreatLocker_TrueCar_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
6 KB
6 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6717ff6eef813f4b10da7282_ThreatLocker_TrueCar_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64b9b5512f8e67dd2b9fdbcfda4e303ba6d62e473e93bd99d830cdb466da6972

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"601fe644d1f723fad9422b7066ce9315"
x-amz-version-id
a.7yplvzCRF_oH4rCB81L0Lv5QoED8mG
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Tue, 22 Oct 2024 19:39:27 GMT
vary
Accept-Encoding
x-amz-id-2
Hk/+RxD9c9mxoK+4SC022sq4GudxCtJhFRLMEQaKO1kTZ8pBSpQzKv/32W1gy1kl2JfAv13EWyk=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J938SXANW0G1F2D0
cf-ray
8e9769021e35915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5920
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f468214a1ec7f9356a7_ThreatLocker_Edeiman_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
2 KB
2 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f468214a1ec7f9356a7_ThreatLocker_Edeiman_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917326a239fe3354f27b6c6a50a9636d2024096dad68bd32ab47d5ae4364772f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"bfdba3894e543ab01b9b56493e6eccf4"
x-amz-version-id
Ha2ePQKqONSN9zjm_hp_nPouvp7aujGe
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:00 GMT
vary
Accept-Encoding
x-amz-id-2
xpClX3GZDAI1nHfvud7Ob6QCsJvLEnH7Oa0+ymm3H1zIuiXFeSEH6MKWiklGMtg54e9ol1q6sX+TZgrjMnCA374GIlPymrmU
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QHC9MPPGPPSWKP
cf-ray
8e9769027e5f915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1908
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f465ecd593add736a58_ThreatLocker_Emirates_Flight_Catering.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
3 KB
4 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f465ecd593add736a58_ThreatLocker_Emirates_Flight_Catering.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d797e8fa32f31ca5cd0ab38265e89e2fd8e897aa2a78b9aa5e7fa833ebec2f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"d97c006d4678971bd8c4ac416964343b"
x-amz-version-id
p4tFLdbXMleLx5lQHnGmwGZM.c2XxHMi
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:00 GMT
vary
Accept-Encoding
x-amz-id-2
2XJ5HtWzLnmuD9/aCSyrbiUnPgtut84umG4mpkBV715a44WxtBAftN8HRyF5pyuy5HQbNglVZKU=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QPM6ET9XR9CA0T
cf-ray
8e976904af48915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3522
server
cloudflare
x-amz-server-side-encryption
AES256
66fd7c267d3d66c057f05be4_ThreatLocker_Colts_Logo.png
cdn.prod.website-files.com/6356c441ce34029b327802bf/
3 KB
3 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66fd7c267d3d66c057f05be4_ThreatLocker_Colts_Logo.png
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98ca50e012e955567701c20a079174bb733549084344d0f236b88f3eac231673

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"5990924bfad8852004772451cec47dae"
x-amz-version-id
ddvHhBk0eqsZMSaZiozkM85Fd6qfbNaT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/png
last-modified
Wed, 02 Oct 2024 17:00:23 GMT
vary
Accept-Encoding
x-amz-id-2
6Wq8SSEyYyV4dR6qfl1yWcQdN3U/GyFeAN08/Kt02kP2L9VQiixqsnQZycQlrPwlO3dnAtDhcFo=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QWNM2GB6GRBA0M
cf-ray
8e976904af49915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3053
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f461abd7d06ef382039_ThreatLocker_Hattiesburg_Clinic_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
8 KB
9 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f461abd7d06ef382039_ThreatLocker_Hattiesburg_Clinic_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1addf663fde1d5e2033df73efcc1573c4b6cf71331edf966476e5ade69f849

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"bfcd8203041da82143e863cbf4475245"
x-amz-version-id
4Tx5kyFbEUBBlhN.eG.dhlk5sZR_teES
age
2460
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:00 GMT
vary
Accept-Encoding
x-amz-id-2
K0m6L0r2JorHHGZLVVh/lnGkqMvLs6yONEJzldvaEcDJvfoqyoOWO5upCXO2nCIyYJcH5kz5Nnk=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QTVPA4ZPSMVQG2
cf-ray
8e976904af4a915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
8658
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f47341b93b6783cfda7_ThreatLocker_Orlando_City.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
2 KB
3 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f47341b93b6783cfda7_ThreatLocker_Orlando_City.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3ae7a6cfade0e2cc1fa7a16973b3cf7575a28e827b6480f67273f8837ac250

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"7cb2b5a68e2643268e7900231e619f6b"
x-amz-version-id
UQfAF8jJwhjkI2F5Z9XpxHMdHh.bCf8E
age
2460
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:01 GMT
vary
Accept-Encoding
x-amz-id-2
ZrAcAYS16xNVUDkkrwEWLDolDwvbdEuz3W8Hg0wVyWSD5YPP1BN8/zYRuvsNyhP356GSB/TbmNw=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QGZQY36NCVJNW2
cf-ray
8e976904af4b915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2226
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f47ba60c206a5b69f4f_ThreatLocker_Universidad_Pontificia_de_Salamanca_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
8 KB
8 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f47ba60c206a5b69f4f_ThreatLocker_Universidad_Pontificia_de_Salamanca_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7c08bcbe41b9d24dd74cbb2ba16e1696f855d79e13813841f49b5adae7fadb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"172e92ab99cbfaed9955695d3319d55a"
x-amz-version-id
BSIX08Faa97n8A.FRv0q4uYPLTiD2Fwn
age
2460
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:00 GMT
vary
Accept-Encoding
x-amz-id-2
flGX5HXvZs8p8dLMWUw/GEdpc03uxXU4TIAmba2uxR/jYyiT3vRdIazGAPiuXxl9d1WTwmu703ememQ+/kCPdDJbLgZyP5bm
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QYF72PXFD0V20E
cf-ray
8e976904af4c915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7742
server
cloudflare
x-amz-server-side-encryption
AES256
66fd7cc480b90d56cece50f0_ThreatLocker_UCF_Logo.png
cdn.prod.website-files.com/6356c441ce34029b327802bf/
3 KB
4 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66fd7cc480b90d56cece50f0_ThreatLocker_UCF_Logo.png
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561ef6a12462274fb0ac89f374525c2e3d63d58e1137543d39dc12aebcf19925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"f225a909a926bdd6bdce86f12ece1baf"
x-amz-version-id
367rrrDMebCWJzHzUx3EZyKOFOU3aQTJ
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/png
last-modified
Wed, 02 Oct 2024 17:03:01 GMT
vary
Accept-Encoding
x-amz-id-2
zo0im2pbZuRlpLkjYBjHHPSc1yQVIwveXmhNMZnx0161yJUTaiTZB/KObHLeCv5rxN+tCOaWCH31oOxQwHPmUCOd8zoyml1RPyQDLfI60p0=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QP2RGC249XKXFA
cf-ray
8e976904af4e915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3442
server
cloudflare
x-amz-server-side-encryption
AES256
66c787b3cd4b5fdec24d75ab_Huston_Rockets_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
3 KB
3 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c787b3cd4b5fdec24d75ab_Huston_Rockets_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6cff6bd6652ed8d9be9fae59c9d1b6b269464a7bcc9bbf8437668bbe0cc754

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"74b891dfd3922d4fbf52c9399ea820b1"
x-amz-version-id
tCPt4UPyOh9q9jhUvqli51RPcrVQeMdf
age
2460
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Thu, 22 Aug 2024 18:47:16 GMT
vary
Accept-Encoding
x-amz-id-2
XlGv3kXgCMQz7MrT/LCIh8VO+N8hs2lnnMuN/6F/uV1ieLgzlhGlwZNm32ynNB5RGz6JSfWPWdt5GFvuiOvb6oF3cnDlsXpA
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QXS8GJZF5ATTKJ
cf-ray
8e976904af4f915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2882
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f4678e2acca3d2f53b1_ThreatLocker_Magic_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
2 KB
3 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f4678e2acca3d2f53b1_ThreatLocker_Magic_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0def70734e71acc63e1abfbf063be6dc855f86c57336c9bbca76af81e58cb2fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"622ce42190d9caf834e7c9fea21b0382"
x-amz-version-id
Cf3TfqLXFuX65Qj77gYz3k0.LB1scYb6
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:00 GMT
vary
Accept-Encoding
x-amz-id-2
CRvfu5aUmI99dGbMdnAzSiXFjijXGy1ZuzRkR5vHejo1h6j1R1UAGYH2oUrKkqDovmpLUg5eZNE=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QXM6N7Q75FTT9P
cf-ray
8e976904af50915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2522
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f476ad967355316d428_ThreatLocker_Arkansas_University_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
4 KB
4 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f476ad967355316d428_ThreatLocker_Arkansas_University_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ca13c4b69af09a0c103bf2cf8c0e3b827a7b115cb29bd93418dfe1bc865adf7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"db305e1b15428d6e58d353cacbe26ff5"
x-amz-version-id
KXQPo_30LMQhMCPsUCeNlM3yemVyl3Nu
age
2460
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:01 GMT
vary
Accept-Encoding
x-amz-id-2
ehIvjkN7HYrGvqfURdncyo5byK8TQhowwgtdnbaW79h0mKSeeXnxeXLwk2NGVc30w+ZLfS/jplULoLyVL7tdCHs14EPqDqnf
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QWZ2ANB9E2DVW2
cf-ray
8e976904af51915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4104
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f4715d6b2bf871406d1_ThreatLocker_Tafe_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
1 KB
2 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f4715d6b2bf871406d1_ThreatLocker_Tafe_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d031c0ff2571256126ff6c524d395ca2951b9a5f180d5f51f05b5e65bfb500f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"693fc8c6286d1c8974d083848c6ef8ef"
x-amz-version-id
1m.o9lwK0bZiG4ohbs5GpOZDvvxS6n31
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:01 GMT
vary
Accept-Encoding
x-amz-id-2
OGU1CB8BYmdva6Opp0jIJRcMz9K3KHsg3WSDFNqaYgNnlBUatPwImgQx9r4XcBpFIZQqQn8HkGw=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QKWAM6QDDD0AF6
cf-ray
8e976904af53915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1210
server
cloudflare
x-amz-server-side-encryption
AES256
66c36f471abd7d06ef3820fd_ThreatLocker_Port_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
7 KB
8 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66c36f471abd7d06ef3820fd_ThreatLocker_Port_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c874f6443d85ad84747dc55b329d1d5d6c35568e83f14b86e7c3678b223a7ce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"d8d32b0f4da8674226b51d620ccfdbb7"
x-amz-version-id
rqbTF2fc_iTVhsfVEvAKiW8R3mS.XxXR
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/webp
last-modified
Mon, 19 Aug 2024 16:14:00 GMT
vary
Accept-Encoding
x-amz-id-2
kxMcSkuCeUED7fUsx7s1rX/S2VFTp2BeVtu7pg84/PuHxXBFLgbqn6VZKUEfIZiHlMtlCxn/50FBuzc2qM9ooW+ueaUXaebQmR+9SXRRY0g=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J6QVYXHKA8X8XED3
cf-ray
8e976904af54915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7348
server
cloudflare
x-amz-server-side-encryption
AES256
platform.js
static.elfsight.com/platform/
48 KB
17 KB
Script
General
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-envoy-upstream-healthchecked-cluster
content-encoding
gzip
cf-cache-status
HIT
etag
W/"9cb6cdfa853ae05f7abcff41c1cfd0af"
age
376
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:19 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 05:32:12 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
strict-transport-security
max-age=0
cache-control
max-age=3600
x-amz-request-id
tx00000d797d33e02ff378d-00672a0042-6afdf658-sfo2a
cf-ray
8e976905ba1065c2-FRA
server
cloudflare
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
32 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6356c441ce34029b327802bf
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
7788
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
OLkij6qum-4mcZeKjyj6qPzlxR5AZ_8R4yip7NpIua2iQ9bzg7vfGw==
date
Thu, 28 Nov 2024 01:43:31 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
accept-encoding
cache-control
max-age=84600, must-revalidate
via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P11
server
AmazonS3
tl-build.9ead85674.js
cdn.prod.website-files.com/6356c441ce34029b327802bf/js/
1 MB
323 KB
Script
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/js/tl-build.9ead85674.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0449f4ca93bed32017f6d4885c42281392d7ec1f1dc60d55117cca802dc0f9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"4dc8babc1e9370e4d5afd3ea931ad309"
x-amz-version-id
r9iojyaXMxOBZd0cvGABnd5wN0jT9O9i
age
505
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 22:09:56 GMT
vary
Accept-Encoding
x-amz-id-2
LWj0Z41NnCWFTgTs35vhrbad2jyfrzm8hD4G6Y0IOPeltI0uMas2BYUcABExNgBlXaUH8OZOcAU=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
J932EZ567RQQRP10
cf-ray
8e9769035eb0915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
330723
server
cloudflare
x-amz-server-side-encryption
AES256
store_utm.min.js
static.threatlocker.com/script/
2 KB
2 KB
Script
General
Full URL
https://static.threatlocker.com/script/store_utm.min.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:1a00:7:cc21:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75ac005172f77cdc62355c9b52efb64a470ae2facb10f7cdbd98cd68b4ba2792
Security Headers
Name Value
Content-Security-Policy default-src
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-amz-version-id
5hx1IlkfaPh_zsEgUb3JpRUkkMFeLGqW
etag
"3bb7be755e4354a3b8265e7f42974b84"
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
YeP3QB6vp2XP0livNMvlJweLZK-KmlmeuFW6sb6os0Ze3PZI6spueg==
date
Thu, 28 Nov 2024 03:53:20 GMT
content-type
application/javascript
last-modified
Fri, 29 Sep 2023 19:58:10 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
default-src
referrer-policy
strict-origin-when-cross-origin
via
1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1541
x-xss-protection
1
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
jquery-3.6.4.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.4.min.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15ec3"
age
2124603
x-cache
HIT, HIT
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
141, 14648
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21953-LGA, cache-cph2320040-CPH
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732765999.737069,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
31011
server
nginx
formsubmit.js
cdn.jsdelivr.net/npm/@finsweet/attributes-formsubmit@1/
9 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@finsweet/attributes-formsubmit@1/formsubmit.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40c284ef78e409dea6ccda1e7aea491b071fe8f8d01c562b1585b2e6918f2a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"226f-uaBN6R/7274Rn+dghEsiNkTp4Vc"
age
36542
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L9q%2BDWL22RTlS6%2B2GZ20eydoIQVA9nFG1Ff9K6g9KsxayFY4yy3AOpMYfAHSrWgsce%2BPL5iAy4%2FOcmPgZ4BMxqysrOsXyrP7WQUVoYFRc3AlPJT6kyTeCUspezC%2FbFpfpUW5wRPi0CSzBB2y1jE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220022-FRA, cache-lga21974-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e9769059cf4daff-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3616
server
cloudflare
x-jsd-version
1.4.1
multi-step.js
cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/
144 KB
29 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/videsigns/webflow-tools@latest/multi-step.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21195d829e0627ea8c89902db814682c32563a1eec9d87c33bfd6ed94ed9ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"23f45-tszeA4lNa/eVzNHGaW+QNTFs7PM"
age
10992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2csIpPehDd8H8C5tsq0Yn3dhGdlNkU4sQJ3jVmRq6huSKwikjXSiubDHi9t9y3yjtxegkey26jKUZF%2FEwzCRM1JEAACaDXF3B63FmqLmyCSF%2Bort1abR8%2BaKvVeGuRaCnBv0uxiP5bh1ceUTIU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
MISS, MISS
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220039-FRA, cache-lga21939-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e9769059cf5daff-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
28584
server
cloudflare
x-jsd-version
3.6.51
form-124.js
hubspotonwebflow.com/assets/js/
10 KB
3 KB
Script
General
Full URL
https://hubspotonwebflow.com/assets/js/form-124.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
10ef3ba5308697292067120aee8cea7f3341a9a5e691475bc4a29805a5194939
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"392ca1f460caa2aa9439969a89f31c13"
age
1173443
x-matched-path
/assets/js/form-124.js
access-control-allow-origin
*
date
Thu, 28 Nov 2024 03:53:18 GMT
content-disposition
inline; filename="form-124.js"
content-type
application/javascript; charset=utf-8
server
Vercel
last-modified
Wed, 13 Nov 2024 15:18:09 GMT
x-vercel-id
fra1::mrgxb-1732765998896-0fe8f4627337
css
fonts.googleapis.com/
88 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6842efb6422a86912eff57b2b0b534175c9ee443bd887378557d673620a804bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:53:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 28 Nov 2024 03:28:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://fonts.googleapis.com/

Response headers

age
110108
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 21:18:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:18:10 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/
49 KB
49 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://fonts.googleapis.com/

Response headers

age
189196
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 23:20:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 23:20:02 GMT
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50296
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://fonts.googleapis.com/

Response headers

age
133905
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 14:41:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 14:41:33 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v29/
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
96a874a36a161a53381e9c5b16dcc188a04da68d463130aaf505c0f08de38782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://fonts.googleapis.com/

Response headers

age
578121
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 11:17:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 11:17:57 GMT
last-modified
Wed, 06 Nov 2024 17:30:50 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39608
x-xss-protection
0
server
sffe
6si.min.js
j.6sc.co/
68 KB
19 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/j/506cb44c-866d-46a3-8f40-02bab25016ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d5ecf2f6d5b7937dd1aa50165b89193436347d55cb130951d41e028b1f09d3af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
private, proxy-revalidate, max-age=10800
content-encoding
gzip
etag
"66fb91ae-111bb"
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 06:53:18 GMT
accept-ranges
bytes
content-length
18819
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
last-modified
Tue, 01 Oct 2024 06:07:42 GMT
gtm.js
www.googletagmanager.com/
345 KB
115 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
405a7cd06553439241a451a1737af5387151199a5642fbc99dd44eb7cfa605a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 28 Nov 2024 03:53:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
116703
x-xss-protection
0
server
Google Tag Manager
p.css
p.typekit.net/
5 B
174 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=wpr3nqk&ht=tk&f=139.169.173.175.176.5474.5475.25136&a=95479717&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wpr3nqk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://use.typekit.net/

Response headers

cache-control
public, max-age=604800
etag
"6649f74c-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
text/css
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
16560
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/
16 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n6&v=3
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"e054ee68ef06f627cc7e34fb951cfa3a80cc5aa0"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
16744
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/
16 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
16832
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/font-woff2
server
nginx
63eebaf42d2925e34203e31a_logo-white.svg
cdn.prod.website-files.com/6356c441ce34029b327802bf/
5 KB
2 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/63eebaf42d2925e34203e31a_logo-white.svg
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfdaf1ae3fe702746d6a8ef59197245a12742efb2bf34adba19f20d7779cd8b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"051fdc1836b16f97b0ace8bfb7fccdf8"
x-amz-version-id
422wPwtC4bxhq8QGFEoHxTCaS1WrXuFa
age
2464
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
image/svg+xml
last-modified
Thu, 16 Feb 2023 23:23:33 GMT
vary
Accept-Encoding
x-amz-id-2
B8afJxRsQcEgfnnBU55cTF1/L6c2reRJA+QngqTSTuHlgh/374lo8XWFEP550Ue9yoc4UE1h7cg=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
J9318GWKB50HZECS
cf-ray
8e976904df62915e-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
media.html
cdn.embedly.com/widgets/ Frame F9DC
0
0
Document
General
Full URL
https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2F_E_DWY0Ncq0%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D_E_DWY0Ncq0&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2F_E_DWY0Ncq0%2Fhqdefault.jpg&key=96f1f04c5f4143bcb0f2e68c87d65feb&type=text%2Fhtml&schema=youtube
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.90.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.threatlocker.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
HIT
CF-RAY
8e976905a9ef58f0-TXL
Cache-Control
public, max-age=300
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Nov 2024 03:53:19 GMT
Expires
Thu, 28 Nov 2024 03:58:18 GMT
Last-Modified
Fri, 22 Nov 2024 00:42:54 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
tbaVCNLSs9llfLTIrg/NLTXx196AMYbf4htPwFcaawofFMjRoVUuLm1th/7vZQD2wFhK4t3Mo76VjZkn7MuXkHEGCucvys/s
x-amz-request-id
F14WC3WSNNGBKA36
x-amz-server-side-encryption
AES256
x-amz-version-id
n6xZN.dP21.A1KrjHZtyOt9L9louK_mj
6446a789736ef701c26e59fe_fa-solid-900.woff2
cdn.prod.website-files.com/6356c441ce34029b327802bf/
313 KB
313 KB
Font
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/6446a789736ef701c26e59fe_fa-solid-900.woff2
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6356c441ce34029b327802bf/css/tl-build.aa480dc9e.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0fd7653283e19ac86a3245bfd82feab6bc58794511975e68af222fa3800e455

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/css/tl-build.aa480dc9e.min.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"9966f4967759f0a0e24b33218c42a89b"
x-amz-version-id
fJ2FZ_3Vnkq01Qu_yfEAAHvYLMFrQycM
age
505
access-control-allow-methods
GET, HEAD
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/octet-stream
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 24 Apr 2023 16:03:07 GMT
x-amz-id-2
zGrQclFggeOIjhBE6Zrmhaam+Ym90pHSl+WvSsD+5UV2vl3VKhj2u+lsgLmohPpYAJoOtyHkxUc=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
596C82E92198N7Z4
cf-ray
8e9769059896372c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
320080
server
cloudflare
x-amz-server-side-encryption
AES256
l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n3&v=3
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
f1096de525ecd4549a0dea1507686fd365db607cddc697686b0f7ce81a9bdbab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"f72012c08a11a2b44b8e4fe91c5042bc39decdd0"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
16488
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/font-woff2
server
nginx
644fe44697c8aba8ca1ea70c_Hamburger%20Menu_v2.json
cdn.prod.website-files.com/6356c441ce34029b327802bf/
6 KB
1 KB
XHR
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/644fe44697c8aba8ca1ea70c_Hamburger%20Menu_v2.json
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6356c441ce34029b327802bf/js/tl-build.9ead85674.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12d8216551a0974e16d1792fee6d9d9feee0b2470ed93a20b35dd0e1e9954a97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

access-control-max-age
3000
content-encoding
br
cf-cache-status
HIT
etag
W/"9afdc3b8fbd04f96d02c35cc6c55ed0f"
x-amz-version-id
DBjVZREzo2sJB.6.aC9SepijVH_jsb70
age
505
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:18 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Mon, 01 May 2023 16:09:43 GMT
x-amz-id-2
jYjCeVl0gRDaUYj8av26lrORbgHE5wahHX5Vu0hR17rSkoiPos+e7sfzOspE1cF53dZ+QuUFa6o=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
W8RV7RJK5FPVSD8E
cf-ray
8e9769059894372c-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
663903f26b984439f5554d40_Ringfencing%20Light-p-500.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
5 KB
6 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/663903f26b984439f5554d40_Ringfencing%20Light-p-500.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae80b087e66059cb3de415d523ab7d6111ad26f88b8371e5d7a2bfe46527262

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"a346fc519bd251d13b9947703c34546f"
x-amz-version-id
V9YOvt_Bme4lu7CIFKuDtZHOvJ5fRBy1
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
image/webp
last-modified
Mon, 06 May 2024 16:23:16 GMT
vary
Accept-Encoding
x-amz-id-2
87HDP9QZLjH95DlCV0+V0N+tBohcFWzxZGWXug9A9VaHM4DqpPX4UkYkRvC5/iJiD8tH/3+YKztISfzFatPZpw==
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
JNJTH5AGY2VFRCBK
cf-ray
8e976905afbf915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5550
server
cloudflare
x-amz-server-side-encryption
AES256
66be68dd63342bd627676e6e_ThreatLocker_Wordmark_Logo.webp
cdn.prod.website-files.com/6356c441ce34029b327802bf/
2 KB
3 KB
Image
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66be68dd63342bd627676e6e_ThreatLocker_Wordmark_Logo.webp
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6e1a541ddafad69e880e9cbe06b509bc0513484219fe49fdad34ce84acf9b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"a0c74b4fb4c9fa5305b5d9cf3f3750b6"
x-amz-version-id
.8JwUqgH8oYVfILW4N9.o84JsiPpTjli
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
image/webp
last-modified
Wed, 21 Aug 2024 19:21:56 GMT
vary
Accept-Encoding
x-amz-id-2
QRRXkdpAj09WvA7nchoU66C/OOl8NTjpShgOjb1JfaaBZWP5q0ewVl5VF4D2bcn42MhsH/UUo78=
cache-control
max-age=84600, must-revalidate
x-amz-request-id
JNJGA45Z25SG8T9H
cf-ray
8e976905afc0915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2468
server
cloudflare
x-amz-server-side-encryption
AES256
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
549 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
age
3316
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 02:58:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 02:58:03 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222835
x-xss-protection
0
server
sffe
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption&scrsrc=www.googletagmanager.com&frm=0&rnd=1037468828.1732765999&auid=1280589782.1732765999&npa=1&gtm=45He4bk0v9115913288za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732765999183&tfd=2429&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

js
www.googletagmanager.com/gtag/
413 KB
132 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c&gtm=45He4bk0v9115913288za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08b3edc23cd5b96a6e98d0498a6e71b938a2e3d28a8c81699ab032b07ab8708a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 28 Nov 2024 03:53:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135268
x-xss-protection
0
server
Google Tag Manager
7f7c58ff8d6644687bb2be95293940a7.js
d.rageagainstthesoap.com/i/
108 KB
40 KB
Script
General
Full URL
https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5400:7:4902:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
dfd666152add69ae697218ce9fd38254a063a57cffdaeb60d5b47615bcfb836f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
"1b155-aPUrBiBqR/GVQ1BvG+3l6K3kwNU"
age
35696
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
expires
Thu, 28 Nov 2024 05:58:23 GMT
x-cache
Hit from cloudfront
content-length
40537
x-amz-cf-id
1pbTPuzRKGH7mXZP3A6zvj5PMQZZVjScq-mSX_rzoUYJASkjgP4TdQ==
date
Wed, 27 Nov 2024 18:00:21 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Caddy
x-amz-cf-pop
FRA56-P2
3949713.js
js.hs-scripts.com/
1 KB
959 B
Script
General
Full URL
https://js.hs-scripts.com/3949713.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150916033af38423bed2ceec02d87a9cfa166f89fd72d5104cf2d22237a93bb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
EXPIRED
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:54:49 GMT
date
Thu, 28 Nov 2024 03:53:19 GMT
x-hubspot-correlation-id
12659cb8-b69a-4664-8449-7d96a5dbf69f
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Thu, 28 Nov 2024 03:53:19 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8e976907df74dc98-FRA
accept-ranges
bytes
access-control-allow-origin
https://www.threatlocker.com
content-length
579
server
cloudflare
lftracker_v1_kn9Eq4RjeBl4RlvP.js
sc.lfeeder.com/
32 KB
12 KB
Script
General
Full URL
https://sc.lfeeder.com/lftracker_v1_kn9Eq4RjeBl4RlvP.js
Requested by
Host: ct4vs04.na1.hubspotlinks.com
URL: https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4c00:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15baf5bfb9508a79a17a3403bb340910dda9181710de3cc7b861bbb83deffcd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
br
x-amz-version-id
WjDX0h1D4111XirsXGtYqgUdzoPUY7.v
etag
W/"2b9f80fded43159513635ebc6f818686"
age
2459
x-cache
Hit from cloudfront
x-amz-cf-id
_F06lOwSVh_Ub47eay6NFqRB9oplQsLMK_Gvv9oQ75yLEUIlSOYZKw==
date
Thu, 28 Nov 2024 03:12:21 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Thu, 10 Oct 2024 07:25:33 GMT
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
5279.js
tracking.g2crowd.com/attribution_tracking/conversions/
2 KB
2 KB
Script
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/5279.js?p=https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter&e=
Requested by
Host: ct4vs04.na1.hubspotlinks.com
URL: https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5336ec684c3ab573bc2677aec9563703f283a08a516116715091312f6e506c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
br
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
text/javascript;charset=UTF-8
content-disposition
inline
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer
x-download-options
noopen
cf-ray
8e976907cd501c3a-FRA
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
server
cloudflare
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=42549
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Thu, 28 Nov 2024 03:53:19 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
sup.min.js
cdn.jsdelivr.net/gh/gkogan/sup-save-url-parameters/
800 B
904 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/gkogan/sup-save-url-parameters/sup.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ce82b4ceba8d24e7d6fce5422980df77d9d246a1cc7d87b1e2a35f9d4143e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"320-6xK3t6Qb4uqG/vGj3sKpmBu/CtQ"
age
10720
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WS7CycA6Uj8LK9qerKr3Z6uBxnc3eHepl9X9wmPFSf9Qk%2Bvnaou2X%2F%2F9hQJ%2BwjNBW%2FS0hwuJ4t0NRnrhh0wcuOwxArX%2BVO3jDuJU309R6hL4gZtIS7UNaxEWE4hdN8D9bKJULMoU24yNdyroiiI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220144-FRA, cache-lga21921-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e9769074ebedaff-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
497
server
cloudflare
x-jsd-version
master
pixel.js
www.redditstatic.com/ads/
43 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"1a001f3a066bff47a766099b87253911"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12220
date
Thu, 28 Nov 2024 03:53:19 GMT
last-modified
Mon, 18 Nov 2024 21:16:35 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9BA3BE8DC16049C4AF23CF419C38D2C9 Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:19Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
tracker
www.influ2.com/
5 KB
2 KB
Script
General
Full URL
https://www.influ2.com/tracker?clid=087a6b34-4416-4bb1-8253-c5e09162b66c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
706461e62ca1fa001c4c239f8b4de231ad4cf6ecc40fecd9ce0d6db360a40a1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
DENY
e0y38b0sji
www.clarity.ms/tag/
622 B
879 B
Script
General
Full URL
https://www.clarity.ms/tag/e0y38b0sji?ref=gtm2
Requested by
Host: ct4vs04.na1.hubspotlinks.com
URL: https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
337ad678562cb9e0c0cdc7f729720c7f242ca0fdf4b0162f5039ccf96cb0719d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
622
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/x-javascript
x-azure-ref
20241128T035319Z-r17f8d897ffwwz5chC1FRA4ng40000000mbg000000001rdf
tracker.iife.js
assets.apollo.io/micro/website-tracker/
3 KB
2 KB
Script
General
Full URL
https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=np1jk9
Requested by
Host: ct4vs04.na1.hubspotlinks.com
URL: https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:27d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=I3tUEw==, md5=SC6zvnW2DshviOm8MzN+iA==
etag
"482eb3be75b60ec86f88e9bc33337e88"
age
83775
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Thu, 27 Nov 2025 04:37:04 GMT
x-goog-stored-content-length
1168
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript
last-modified
Mon, 12 Feb 2024 19:05:14 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5RcsZyXJMUDB4Ejtxeriy8tX2r9TKFh5eRLECv9Cr711oBkOzw6LcGY6e5HMTpJExRd2rtG0wiYg
cache-control
public, max-age=31452225
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e9769092febbbc1-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1707764714580510
content-length
1168
server
cloudflare
ping.min.js
pixel.byspotify.com/
22 KB
22 KB
Script
General
Full URL
https://pixel.byspotify.com/ping.min.js
Requested by
Host: ct4vs04.na1.hubspotlinks.com
URL: https://ct4vs04.na1.hubspotlinks.com/Ctc/ZR+113/ct4vS04/VWLmjx4-b8M5W8xLZ493McMNBW4-ljtc5nW2K8N8JCsCz5nXHsW50kH_H6lZ3m2V-ZHJP2ZwMFDW1dBJ_44L1GnBW5sn67f8Xq1gbW7sygv45hg6_NW2FRbfL4SDTNmW6-m04b9ldJPtW1t8yb390SMj8W5576dd2sGLlNW8nQLsK2k-Bh6W7yTs082KssjFW4X-SGn1PVcW2W6lxBGW3zFcbdW96m1-P7239KGW1HHMkK4QyHqwW2JHQDN8WFw_hW514YwB8kyP35W3THlhv13B7KQW1WfR6Q8xXq6qW4hx6wP5sDs-yW1MG1d98s9jkKV40FYZ8HCY2zW17wBgx20f3CrVBT73H85_GN0W61MM9b3jf6lMW65LMVf381BxJW824Lzm15JSXhW7dfRS778NFq4W2Rbv5023C94QW2sdY3n4rlv6sW6qP_151c92G8W1zC6Rc6kK-V3MlBW69GhbFld1Qxxj04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.162.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag
"4eddeec95afda969b3d1b2fb970c1eb1"
age
3492
x-goog-stored-content-encoding
identity
expires
Thu, 28 Nov 2024 03:55:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
22096
date
Thu, 28 Nov 2024 02:55:07 GMT
last-modified
Tue, 25 Jun 2024 13:55:33 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC6MKMCgDSRLpRDY1iz50Z5H4tAB4LTvY_e_EEPikKsyRZnG_qy5PyVSKt2-rEPtdV0xwqpNLLrFqg
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
x-goog-generation
1719323733334567
content-length
22096
server
UploadServer
up_loader.1.1.0.js
js.adsrvr.org/
15 KB
467 B
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01a0567df178f4841a6288926e99a3b74a974d9a94f9643893fb9f9a9e44e72f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

Content-Type
application/javascript
Content-Encoding
gzip
ETag
W/"ca10a83376fd9bc0ab90281b9867f488"
Age
75876
Via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
yGs4eBhtTBCERFB96qRNrXdnA8wf1OpQV87LwPHYN9ZeVPChOlvpdQ==
Date
Wed, 27 Nov 2024 06:48:44 GMT
Last-Modified
Mon, 25 Nov 2024 06:48:02 GMT
Vary
accept-encoding
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
x-amz-server-side-encryption
AES256
/
paapi1411.d41.co/sync/
0
473 B
Script
General
Full URL
https://paapi1411.d41.co/sync/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.44.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-44-33.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
cache-control
no-store
pragma
no-cache
expect-ct
max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
https://www.threatlocker.com
date
Thu, 28 Nov 2024 03:53:19 GMT
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame A022
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.threatlocker.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
479298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Nov 2024 14:45:01 GMT
expires
Sat, 22 Nov 2025 14:45:01 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame ABF2
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbJwMpAAAAAGu0MJHvjIzZby3niJ0Lrv7VDXvH&co=aHR0cHM6Ly93d3cudGhyZWF0bG9ja2VyLmNvbTo0NDM.&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=ilu2f73gi8o0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zCRi_iK-nCo6rF057xA2_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.threatlocker.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-zCRi_iK-nCo6rF057xA2_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 03:53:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1GW8T9MYPR&gtm=45je4bk0v9123343682z89115913288za200zb9115913288&_p=1732765998616&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1509982349.1732765999&ecid=576117196&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1732765999&sct=1&seg=0&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&dt=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2742
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c&gtm=45He4bk0v9115913288za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.threatlocker.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
550 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1GW8T9MYPR&cid=1509982349.1732765999&gtm=45je4bk0v9123343682z89115913288za200zb9115913288&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c&gtm=45He4bk0v9115913288za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.threatlocker.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1GW8T9MYPR&cid=1509982349.1732765999&gtm=45je4bk0v9123343682z89115913288za200zb9115913288&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1768134690
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 28 Nov 2024 03:53:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
config
pixel-config.reddit.com/pixels/t2_1nycqv2/
3 B
125 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/t2_1nycqv2/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/json
t2_1nycqv2_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
701 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_1nycqv2_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
638 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1732765999511&id=t2_1nycqv2&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=db73b009-5dfe-447d-a870-31a11286ca06&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc=
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
image/gif
server
Varnish
counter
videsigns-staging.co.uk/
20 B
184 B
XHR
General
Full URL
https://videsigns-staging.co.uk/counter
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.232.14.252 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-232-14-252.ap-south-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
954bd2f43df10343b52ba245c6d3bafd9978bde46a691bf69921d1479203b5b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.threatlocker.com/

Response headers

access-control-allow-origin
*
content-length
20
date
Thu, 28 Nov 2024 03:53:20 GMT
etag
W/"14-6PKJ0XmRf2XatBWA02iTgOVoT/k"
content-type
text/html; charset=utf-8
x-powered-by
Express
server
nginx
l
use.typekit.net/af/8738d8/00000000000000007735e611/30/
16 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"a5565f97e4389f39e94f7880b2c8088023e4d88a"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
16880
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/3322cc/00000000000000007735e616/30/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
17212
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/40d372/00000000000000007735e607/30/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/40d372/00000000000000007735e607/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i3&v=3
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
0ac75b515902d4a9c871724d8da779aaf77108660db9987a1fe1ab789ac95d4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"916ef3d33f48ba3f0537bae74184b159347fff5f"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
16988
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/23e139/00000000000000007735e605/30/
16 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.threatlocker.com
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"464e80c81dc664a05b42585c76719dbf06e6c621"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
16720
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/font-woff2
server
nginx
/
api.ipify.org/
21 B
318 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bae710aac737ee681f8c26f2f3e85f2190030effb66046f95c6db008f46c298

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8e97690a8eace52a-TXL
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=39737&min_rtt=34165&rtt_var=14350&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4043&recv_bytes=2305&delivery_rate=112592&cwnd=254&unsent_bytes=0&cid=78d6940bd0dab03c&ts=241&x=0"
content-length
21
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/json
vary
Origin
server
cloudflare
jquery.fancybox.css
c.sproutvideo.com/lightbox/
5 KB
2 KB
Stylesheet
General
Full URL
https://c.sproutvideo.com/lightbox/jquery.fancybox.css
Requested by
Host: c.sproutvideo.com
URL: https://c.sproutvideo.com/lightbox/v1.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab949277323a943806e144f96d076da2fdaca8d53c6289017ca1e933ab77227d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
br
etag
W/"fac0d4c3355a9750ba303ee938546890"
age
2212
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
UKR_6e17pGKN59jKQ7MOcsfUnb8Fc_zoj13VY7AGoez5cHrF6gWe8A==
date
Thu, 28 Nov 2024 03:16:52 GMT
content-type
text/css
last-modified
Thu, 14 Apr 2016 04:04:23 GMT
vary
accept-encoding, Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public,max-age=3600
referrer-policy
strict-origin-when-cross-origin
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P2
server
AmazonS3
/
px.ads.linkedin.com/wa/
0
651 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.threatlocker.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 248F7AF5517641E896B322919E8EFCE6 Ref B: DUS30EDGE0907 Ref C: 2024-11-28T03:53:19Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYn8QXmTkOEMc0hoC1IOQ==
x-li-proto
http/2
access-control-allow-origin
https://www.threatlocker.com
x-cache
CONFIG_NOCACHE
x-li-source-fabric
prod-lva1
date
Thu, 28 Nov 2024 03:53:19 GMT
vary
Origin
api.js
challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8e97690b3f90e52a-TXL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 17:58:42 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/a6e12e96a2d5/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8e97690a5e72e52a-TXL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 03:53:19 GMT
vary
Accept-Encoding
server
cloudflare
banner.js
js.hs-banner.com/v2/3949713/
71 KB
26 KB
Script
General
Full URL
https://js.hs-banner.com/v2/3949713/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3949713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d21e4a2e9c745c835629ae31df9b47500fdb515fc70226f94a9c7a8434701c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
bda45755-af8c-4e4b-bd0e-c23d10a6475e
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2bef80763cbbe4b381dc657f845208b5"
x-amz-version-id
FK5YQYSp1TbQRw8ky.qnilTbEB9sjykw
age
175
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Thu, 28 Nov 2024 03:55:24 GMT
x-evy-trace-listener
listener_https
date
Thu, 28 Nov 2024 03:53:19 GMT
x-hubspot-correlation-id
bda45755-af8c-4e4b-bd0e-c23d10a6475e
content-type
text/javascript; charset=UTF-8
last-modified
Mon, 04 Nov 2024 19:38:55 GMT
vary
origin, Accept-Encoding
x-amz-id-2
vPLl4O9TnjTY3NkepS/k+O7Ur6aGiACQyTJ7JAB0EGX8HwqcAhGnO6hm7h1praLfCKvuqB+meX4=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-6l8d4
x-envoy-upstream-service-time
92
access-control-allow-credentials
true
x-amz-request-id
4WT040XACG24PBNR
cf-ray
8e97690b0eced289-FRA
access-control-allow-origin
https://www.threatlocker.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3949713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a102aed533390e53f0c3da4a28fd5a0c882afb2d67abd36ae78e418f2d9e5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-evy-trace-virtual-host
all
x-request-id
b0d015ac-c54c-4720-b7b1-f1e8e78a2af5
content-encoding
gzip
cf-cache-status
HIT
etag
W/"55c50075baa1fb358695bac6a8ac3254"
x-amz-version-id
kgaFlO84ZW6ILlAzIV38LNI2_mvTYgv6
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age
395
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
btEuZWmI9pL7Yx7E_CUaTEEQu-NyHDdIoEF4fSuSCsLGawnTXIY7CQ==
date
Thu, 28 Nov 2024 03:53:19 GMT
x-hubspot-correlation-id
b0d015ac-c54c-4720-b7b1-f1e8e78a2af5
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Nov 2024 18:45:45 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-mcbqq
x-envoy-upstream-service-time
1
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.833/bundles/pixels-release.js&cfRay=8e9455beefddb1c7-WAW
via
1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
cf-ray
8e97690b0e1165cb-FRA
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
adsscriptloaderstatic/static-1.833/bundles/pixels-release.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
3949713.js
js.hs-analytics.net/analytics/1732765800000/
68 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1732765800000/3949713.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3949713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11fe6747cb5b2ab3c1cb90a2e40157fd8231b366126e65cda66d476fe7a67250

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
1c139336-535d-4179-ba42-15c7c3f9a546
content-encoding
gzip
cf-cache-status
HIT
etag
W/"0bc6d258f78e5fbc184f601417afc133"
x-amz-version-id
null
age
127
expires
Thu, 28 Nov 2024 03:56:12 GMT
x-evy-trace-listener
listener_https
date
Thu, 28 Nov 2024 03:53:19 GMT
x-hubspot-correlation-id
1c139336-535d-4179-ba42-15c7c3f9a546
content-type
text/javascript
last-modified
Mon, 04 Nov 2024 19:39:45 GMT
vary
origin, Accept-Encoding
x-amz-id-2
wz8PmbkrEH0mByHMpbwnF9NUuE2gjZ3RS9pMiju0aJQZ8MWrj8t9KbbV9giGHiKtRndZY2wK3U0=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-ng79d
x-envoy-upstream-service-time
20
access-control-allow-credentials
false
x-amz-request-id
0AV11TXKQ73R3N5V
cf-ray
8e97690ab8731e53-FRA
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
/
t.influ2.com/u/
63 B
339 B
Fetch
General
Full URL
https://t.influ2.com/u/?cb=1732765999611
Requested by
Host: www.influ2.com
URL: https://www.influ2.com/tracker?clid=087a6b34-4416-4bb1-8253-c5e09162b66c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.110.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.110.117.34.bc.googleusercontent.com
Software
nginx/1.25.5 /
Resource Hash
27e75bea9cadb79d6da51b077e5711d96e20af06b5fc9376da6c1b41ce07e477

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.threatlocker.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
text/plain; charset=utf-8
server
nginx/1.25.5
attribution_trigger
px.ads.linkedin.com/
2 B
815 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=2782332&time=1732765999638&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&tm=gtmv2
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://www.threatlocker.com/

Response headers

x-li-pop
afd-prod-ltx1-x
content-encoding
gzip
x-fs-uuid
000627f105e75d47bbbca6f4283da2d3
x-msedge-ref
Ref A: 23B6F2C6530D4E3EBB9F0823BC394E81 Ref B: FRAEDGE1507 Ref C: 2024-11-28T03:53:19Z
x-li-fabric
prod-ltx1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYn8QXnXUe7vKb0KD2i0w==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1732765999638&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_mediu...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1732765999638&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medi...
0
267 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1732765999638&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&tm=gtmv2&e_ipv6=AQK9vSPI7HE3_QAAAZNw5uMD-g6aNj7cfZZKaozj_Q2CSghmEIvDg69MOI4s_E1EFXU7Qpr2
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 45B59E98074A4EE6A88DA1E7FED42F30 Ref B: FRAEDGE1915 Ref C: 2024-11-28T03:53:20Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYn8QXsIfftx+l++U825Q==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2782332&time=1732765999638&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&tm=gtmv2&e_ipv6=AQK9vSPI7HE3_QAAAZNw5uMD-g6aNj7cfZZKaozj_Q2CSghmEIvDg69MOI4s_E1EFXU7Qpr2
x-msedge-ref
Ref A: 17A837B6DC6A4C66AA483B3AB3634270 Ref B: DUS30EDGE0907 Ref C: 2024-11-28T03:53:19Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYn8QXmrIJyiBGdWfnfLA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Thu, 28 Nov 2024 03:53:19 GMT
assign
tracking.g2crowd.com/attribution_tracking/conversions/
0
0
Ping
General
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by
Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/5279.js?p=https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter&e=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarysVRkqtEcmY3A4ZxM
Referer
https://www.threatlocker.com/

Response headers

136027538.js
bat.bing.com/p/action/
2 KB
985 B
Script
General
Full URL
https://bat.bing.com/p/action/136027538.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4ec4206effe279a091df26765f1dc2aea25b84b88f443a81051db6fcc202e488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E46EED45AA124BBF98D29142769022A9 Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:19Z
x-cache
CONFIG_NOCACHE
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
/
tr.lfeeder.com/
43 B
339 B
Image
General
Full URL
https://tr.lfeeder.com/?sid=kn9Eq4RjeBl4RlvP&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLTFHVzhUOU1ZUFIiXSwiZ2FDbGllbnRJZHMiOlsiMTUwOTk4MjM0OS4xNzMyNzY1OTk5Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjQuMSJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly93d3cudGhyZWF0bG9ja2VyLmNvbS9zdG9wLXJlbW90ZS1lbmNyeXB0aW9uP3V0bV90ZXJtPXdhdGNoLXZpZCZ1dG1fY2FtcGFpZ249bG4xJnV0bV9tZWRpdW09ZW1haWwmX2hzZW5jPXAyQU5xdHotX0I0QUlmVGRVTUZoZDllSm5MZkoxck9TMllNeG55LUcxOGdVSzlpU2pQYnpaT1F2NUdXVnlJbHdGVEg3OTdRZnE5MVREbWFZLWpmbmk1UGloZ1VLNDNpemowbEEmX2hzbWk9MzM1OTI4MDI0JnV0bV9jb250ZW50PWhvdy10by1zdG9wLXJlbW90ZS1lbmNyeXB0aW9uLXVzaW5nLXRocmVhdGxvY2tlciZ1dG1fc291cmNlPW5ld3NsZXR0ZXIiLCJwYWdlVGl0bGUiOiJIb3cgdG8gc3RvcCByZW1vdGUgZW5jcnlwdGlvbiB1c2luZyBUaHJlYXRMb2NrZXIiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6IjZhNGZmODdlZDNiNTRiMWMiLCJzY3JpcHRJZCI6ImtuOUVxNFJqZUJsNFJsdlAiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjgzYTE5MmU1YzUyOWFiNmQuMTczMjc2NTk5OTY4MiIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e30sImF1dG9UcmFja2luZ0VuYWJsZWQiOnRydWUsImF1dG9UcmFja2luZ01vZGUiOiJzcGEifQ==
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-30.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cross-origin-resource-policy
cross-origin
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-cache
LambdaGeneratedResponse from cloudfront
content-length
43
x-amz-cf-id
yv0iZULafOh52bGhw-pFZV9o8-EwehL7BKgcIzm8OTuSNY3D2SobCA==
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
image/gif
x-amz-cf-pop
FRA56-P5
server
CloudFront
vary
Origin
track_request
aplo-evnt.com/api/v1/intent_pixel/
0
0
Fetch
General
Full URL
https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=65e1978a960c2c06e05043d6
Requested by
Host: assets.apollo.io
URL: https://assets.apollo.io/micro/website-tracker/tracker.iife.js?nocache=np1jk9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.133.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=3600
x-transaction-id
cabb597d2dbc2ba6a84dcd65fb47f316
access-control-max-age
7200
cache-control
no-cache
content-security-policy
frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn *.salesforce.com *.lightning.force.com
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
via
1.1 google
status
204 No Content
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:20 GMT
vary
Origin
server
nginx
x-frame-options
ALLOWALL
track_request
aplo-evnt.com/api/v1/intent_pixel/ Frame
0
0
Preflight
General
Full URL
https://aplo-evnt.com/api/v1/intent_pixel/track_request?app_id=65e1978a960c2c06e05043d6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.133.146 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
146.133.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.threatlocker.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-length
0
date
Thu, 28 Nov 2024 03:53:19 GMT
server
nginx
status
200 OK
via
1.1 google
ct
en.rageagainstthesoap.com/
6 KB
2 KB
Script
General
Full URL
https://en.rageagainstthesoap.com/ct?id=27762&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1732765999824&hl=2&op=0&ag=4270235709&rand=73120976202189078727061827650612148872380610725321650011926663518168999817806610980819&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDU1MDVdLFsiYWJuY2giLDIwXSxbLTgsIi0iXSxbLTEyLCJudWxsIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMTAiXSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTY1LCItIl0sWy0xLCItIl0sWy0yNSwiLSJdLFstMjksIi0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTY3LCItIl0sWy05LCIrIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiXX0iXSxbLTIwLCIxNTA5OTgyMzQ5LjE3MzI3NjU5OTkiXSxbLTI3LCJbNTAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstNDcsIkV1cm9wZS9CZXJsaW4sZGUsbGF0bixncmVnb3J5Il0sWy01NCwie1wiaFwiOltcIjMzMDkzMTQxNjdcIixcIjgxMDM0MzY4OFwiLFwiMjQ2MzMxMjkxN1wiLFwiMTI0MDY0MzQ3OFwiLFwiMjMxNTE1MzYyOFwiLFwiMTUxMDU4NzQxOVwiLFwiXzNcIixcIjI4NzI4OTkzMjBcIl0sXCJkXCI6W10sXCJiXCI6W10sXCJzXCI6MX0iXSxbLTU5LCJkZWZhdWx0Il0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJpbnRlbCBpbmMuXCIsXCJyXCI6XCJpbnRlbCBpcmlzIG9wZW5nbCBlbmdpbmVcIixcInNsdlwiOlwid2ViZ2wgZ2xzbCBlcyAxLjAgKG9wZW5nbCBlcyBnbHNsIGVzIDEuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDEuMCAob3BlbmdsIGVzIDIuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MTIsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTE0LCItIl0sWy0xNiwiMCJdLFstMjEsIi0iXSxbLTI0LCJbXSJdLFstMzIsIjIiXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy02MiwiODAiXSxbLTEwLCItIl0sWy00MCwiMzMiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy02LCItIl0sWy03LCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMzMsIi0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTQ0LCIwLDAsMCw1Il0sWy02OSwiTGludXggeDg2XzY0fEdvb2dsZSBJbmMufDh8MTZ8fDAiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTE1LCItIl0sWy0xOSwiWzEwLDEwLDEwLDEwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjg1LDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkUFhCa1JVVTFOU1VvREZoWmRGMHRZWGx4WVhsaFFWMHBOVFZGY1NsWllTUmRhVmxRV1VCWU9YdzVhREFGZlh3RmREdzhORFE4QkRsdGJDMXRjQUF3TEFBb0FEUWxZRGhkVFNnTUlBdzhCREFFT0VCVllUUmxMR1JGUlRVMUpTZ01XRmwwWFMxaGVYRmhlV0ZCWFNrMU5VVnhLVmxoSkYxcFdWQlpRRmc1ZkRsb01BVjlmQVYwUER3ME5Ed0VPVzFzTFcxd0FEQXNBQ2dBTkNWZ09Gdz09Il0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTIsIjQsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwSXNnSUlqU1ErOGlLZ3FJMG9zSUFpcEZFRVFSSWtVZ2RFUVFwVW9KU0F0Q0FxU0g5R3l5N1pXWitlci9kK2U5MmJ3c0NTRC8xZSJdLFstNCwiLSJdLFstMjYsIntcInRqaHNcIjoyOTQ4ODI3MSxcInVqaHNcIjoyMTI5MjYyNyxcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstMzQsIi0iXSxbLTQ4LCIwLDAiXSxbLTYzLCIwIl0sWy02OCwiLSJdLFstNzAsIi0iXSxbLTUsIi0iXSxbLTE3LCIxNiJdLFstMzUsIlsxNzMyNzY1OTk5Nzk5LC0xXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zOCwiaSwtMSwtMSwxODAsMCwxLDAsNTQsMjI5LDkyNCwtMSwwLDIxMTUuMywyMTE1LjMsMzA0NSwzMDQ1Il0sWy00NiwiMCJdLFstNTAsIi0iXSxbLTUzLCIxMDAiXSxbLTYwLDE1NV0sWy03MSwiYTAxMTAwMTAxMDAxMDAxMDEwMDAxMDEwMDExMTExMDEwMDAwMTAiXSxbLTIzLCIrIl0sWy01NSwiMSJdLFstNTgsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixjaHVhZnVsbHZlcnNpb25saXN0LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsc2NyZWVud2FrZWxvY2sscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsc2hhcmVkc3RvcmFnZXNlbGVjdHVybCxjaHVhYXJjaCxjb21wdXRlcHJlc3N1cmUsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSx1c2IsY2hzYXZlZGF0YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxzaGFyZWRzdG9yYWdlLHJ1bmFkYXVjdGlvbixjaHVhZm9ybWZhY3RvcnMsY2hkb3dubGluayxvdHBjcmVkZW50aWFscyxwYXltZW50LGNodWEsY2h1YW1vZGVsLGNoZWN0LGF1dG9wbGF5LGNhbWVyYSxwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGFjY2VsZXJvbWV0ZXIsY2h1YXBsYXRmb3JtdmVyc2lvbixpZGxlZGV0ZWN0aW9uLHByaXZhdGVhZ2dyZWdhdGlvbixpbnRlcmVzdGNvaG9ydCxjaHZpZXdwb3J0aGVpZ2h0LGxvY2FsZm9udHMsY2h1YXBsYXRmb3JtLG1pZGksY2h1YWZ1bGx2ZXJzaW9uLHhyc3BhdGlhbHRyYWNraW5nLGNsaXBib2FyZHJlYWQsZ2FtZXBhZCxkaXNwbGF5Y2FwdHVyZSxrZXlib2FyZG1hcCxqb2luYWRpbnRlcmVzdGdyb3VwLGNod2lkdGgsY2hwcmVmZXJzcmVkdWNlZG1vdGlvbixicm93c2luZ3RvcGljcyxlbmNyeXB0ZWRtZWRpYSxneXJvc2NvcGUsc2VyaWFsLGNocnR0LGNodWFtb2JpbGUsd2luZG93bWFuYWdlbWVudCx1bmxvYWQsY2hkcHIsY2hwcmVmZXJzY29sb3JzY2hlbWUsY2h1YXdvdzY0LGF0dHJpYnV0aW9ucmVwb3J0aW5nLGZ1bGxzY3JlZW4saWRlbnRpdHljcmVkZW50aWFsc2dldCxwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24saGlkLGNodWFiaXRuZXNzLHN0b3JhZ2VhY2Nlc3Msc3luY3hocixjaGRldmljZW1lbW9yeSxjaHZpZXdwb3J0d2lkdGgscGljdHVyZWlucGljdHVyZSxtYWduZXRvbWV0ZXIsY2xpcGJvYXJkd3JpdGUsbWljcm9waG9uZSJdLFsiYm5jaCIsMjA3XSxbLTEzLCItIl0sWy00MSwiLSJdLFstNDksIi0iXSxbImRkYiIsIjAsNCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCw1LDEsMCwwLDAsMCwwLDEsMSwwLDAsMCwxLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMiwxMywxLDE3LDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDE0LDAsMCwwLDAsMCwwLDAsMCwwLDEsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwxNCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDUsMSwwLDAsMCwwLDAsMCwyLDAsMCwwIl1d&dep=0&pre=0&sdd=%7B%7D&cri=sDznZUeDqL&pto=3071&ver=62&gac=1509982349.1732765999&mei=&ap=&fe=1&duid=1.1732765999.RPLbuAq34DhlbKua&suid=1.1732765999.ZVgakS8sZVqmIhfc&tuid=1.1732765999.cjJ7ycuHAVuOPf2H&fbc=-&gtm=W10%3D&it=74%2C2441%2C296&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by
Host: d.rageagainstthesoap.com
URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b4a1bd29b8755c8157b7e197f7aa97bb163527c2507ac86afd6b3110a4558aa6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
https://www.threatlocker.com
content-encoding
gzip
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
2280
date
Thu, 28 Nov 2024 03:53:20 GMT
content-type
text/javascript
ingest
pixels.spotify.com/v1/
52 B
272 B
Fetch
General
Full URL
https://pixels.spotify.com/v1/ingest
Requested by
Host: pixel.byspotify.com
URL: https://pixel.byspotify.com/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash
a12552ac438be15c91b005583d3c6023217c438046c1326be0cb5814d2fa471f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.threatlocker.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000
grpc-status
0
content-encoding
gzip
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
via
HTTP/2 edgeproxy, 1.1 google
grpc-accept-encoding
gzip,x-snappy-framed
access-control-allow-origin
https://www.threatlocker.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/json
vary
Accept-Encoding
grpc-encoding
identity
server
envoy
clarity.js
www.clarity.ms/s/0.7.56/
66 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/e0y38b0sji?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-azure-ref
20241128T035319Z-r17f8d897ffwwz5chC1FRA4ng40000000mbg000000001rf7
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
fb4ab631-301e-0000-5701-3d2edb000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 19:41:29 GMT
ingest
pixels.spotify.com/v1/ Frame
0
0
Preflight
General
Full URL
https://pixels.spotify.com/v1/ingest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.threatlocker.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
https://www.threatlocker.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 28 Nov 2024 03:53:19 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
0
bat.bing.net/actionp/
0
345 B
Ping
General
Full URL
https://bat.bing.net/actionp/0?ti=136027538&tm=gtm002&Ver=2&mid=41dd283e-a3e2-4038-bb6c-c323c8e99c69&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5A20AF019964441FAC9F421CD5185292 Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:20Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 28 Nov 2024 03:53:19 GMT
136027538
bat.bing.com/p/insights/t/
783 B
952 B
Script
General
Full URL
https://bat.bing.com/p/insights/t/136027538
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/136027538.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
fc6396a406ce224d71c3e2044c8a009809602105a40c139fa7687539777b5bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5B2DDDF6CABA447D95802E607AED8035 Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:19Z
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
652
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/x-javascript
vary
Accept-Encoding
x-powered-by
ARR/3.0
x-azure-ref
20241128T035319Z-15558cd74c9pzllkhC1DB1s58n000000087g0000000050qt
0
bat.bing.net/action/
0
120 B
Image
General
Full URL
https://bat.bing.net/action/0?ti=136027538&tm=gtm002&Ver=2&mid=41dd283e-a3e2-4038-bb6c-c323c8e99c69&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&p=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&r=&lt=2813&pt=1732765996754,,,,,180,181,235,235,464,281,464,1337,1388,1345,2222,2800,2813,,,&pn=0,0&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=353170
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DC972E1623DA49D0B31AF57AC9F1CF60 Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:20Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 28 Nov 2024 03:53:19 GMT
p.gif
p.typekit.net/
35 B
206 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=wpr3nqk&ht=tk&h=www.threatlocker.com&f=139.169.173.175.176.5474.5475.25136&a=95479717&js=1.21.0&app=typekit&e=js&_=1732765999871
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
public, max-age=604800
etag
"6160f9fb-23"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
35
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
image/gif
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
dnb_coretag_v6.min.js
cdn-0.d41.co/tags/
90 KB
30 KB
Script
General
Full URL
https://cdn-0.d41.co/tags/dnb_coretag_v6.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-58.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fd694d5f205277a95631270a26fadf1d73d303e9b7ff2dacac5115247c6a3dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

Content-Encoding
gzip
x-amz-version-id
o9_3Urj53BpCoFZ5.Zg.aLQGsGx2E_Pi
ETag
W/"bfc3d7cef572c18b82ab4bf5af887471"
Age
1733
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
zZuKcTujXghmNlL3m2ii_YdV8ggRKC1-VEAF5xf_YgT3X0MUGhWa1A==
Date
Thu, 28 Nov 2024 03:24:28 GMT
Content-Type
application/javascript
Vary
accept-encoding
Last-Modified
Thu, 07 Dec 2023 16:17:07 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Server
AmazonS3
x-amz-server-side-encryption
AES256
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
187 B
843 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=3949713
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f36c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7564ef0792ba747553aa7c678003e337c81041aabc1b494fef1fb39ffc834b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

access-control-max-age
180
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AK4MD5uIB5AuJ2P%2BxZUvbwRryWHzc%2BL3n8Xvax35yX7i929zGhcex9ZwkwnRq3SXrSnfGsMVpLFotWdnbJyt7BVI%2B%2FerLcTWnbWn%2BXNaWBJBWU4%2FFcdgrowi5FVkgkYMiAd5mqV17ZgobzIe"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Thu, 28 Nov 2024 03:53:20 GMT
x-hubspot-correlation-id
066afc59-c39f-472a-85c6-a3eb83d48984
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8e97690cb98fd2a5-FRA
access-control-allow-origin
https://www.threatlocker.com
server
cloudflare
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qh4hz/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/normal/auto/ Frame E804
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/qh4hz/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://www.threatlocker.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8e97690cbb5eaca9-TXL
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 03:53:20 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/972f6/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/normal/auto/ Frame 3A7E
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/972f6/0x4AAAAAAAQTptj2So4dx43e/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://www.threatlocker.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8e97690cbb5faca9-TXL
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 03:53:20 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
0.7.56
bat.bing.com/p/insights/s/
36 KB
16 KB
Script
General
Full URL
https://bat.bing.com/p/insights/s/0.7.56
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/136027538
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d774b2e366f7646b50c74578d4ce3218cedba5898a2e53e874dd7cbc06d31a6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
br
x-ms-version
2018-03-28
etag
W/"0x8DD0EDC506F6F30"
x-fd-int-roxy-purgeid
79034942
x-cache
CONFIG_NOCACHE
date
Thu, 28 Nov 2024 03:53:19 GMT
content-type
application/javascript;charset=utf-8
last-modified
Wed, 27 Nov 2024 12:09:16 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7A6BADC4EF4D4FFFB80944679D19EA37 Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:20Z
x-ms-request-id
47ea72cb-a01e-0002-07c9-409063000000
access-control-allow-origin
*
content-length
15751
x-azure-ref
20241128T035320Z-15558cd74c9sg7hghC1DB1q7f800000008k0000000002wz9
collect
k.clarity.ms/
0
284 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.threatlocker.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://www.threatlocker.com
Date
Thu, 28 Nov 2024 03:53:20 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
api
paapi1411.d41.co/
1 KB
2 KB
Fetch
General
Full URL
https://paapi1411.d41.co/api?ctver=6&req=paapi1411&form=json
Requested by
Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/dnb_coretag_v6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.44.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-44-33.compute-1.amazonaws.com
Software
/
Resource Hash
acf29a66a4b7dedb37fc5bc073cb5d50194de48d4b2e9afff9c928cb54947764
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
cache-control
no-store
pragma
no-cache
expect-ct
max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
https://www.threatlocker.com
content-length
1380
date
Thu, 28 Nov 2024 03:53:20 GMT
x-xss-protection
1; mode=block
content-type
application/json
x-frame-options
SAMEORIGIN
bframe
www.google.com/recaptcha/api2/ Frame BCDA
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6LcbJwMpAAAAAGu0MJHvjIzZby3niJ0Lrv7VDXvH
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eMgVOlOe2tzdzp9t5Dlt6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.threatlocker.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eMgVOlOe2tzdzp9t5Dlt6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Nov 2024 03:53:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
collect
k.clarity.ms/
0
284 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.threatlocker.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://www.threatlocker.com
Date
Thu, 28 Nov 2024 03:53:20 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1GW8T9MYPR&gtm=45je4bk0v9123343682z89115913288za200zb9115913288&_p=1732765998616&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1509982349.1732765999&ecid=576117196&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1732765999&sct=1&seg=0&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&dt=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&en=timer_10_seconds&_et=737&tfd=3735
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c&gtm=45He4bk0v9115913288za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.threatlocker.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:20 GMT
content-type
text/plain
server
Golfe2
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d.rageagainstthesoap.com
URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-0eZE1Qzi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-0eZE1Qzi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4461, tp=9, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
tztvnXTM1Fdsu0Ttfbv3QBh0uef7T2PlGIV6qNh/WvyqOVhssR6WhSNV3fXuLrBWKC6rdx7Sof0JIRzRXcPYVw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/
285 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-616220730&l=dataLayer&cx=c&gtm=45He4bk0v9115913288za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NM475FN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
39bbcd507f82c53913a72c97255a2a3ff4f71b8c786085f850b6a39dc22b3674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 28 Nov 2024 03:53:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 28 Nov 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100330
x-xss-protection
0
server
Google Tag Manager
d495a58b-a731-4084-989c-7f0481e4b1a2
https://www.threatlocker.com/ Frame
0
0

0
bat.bing.net/action/
0
121 B
Image
General
Full URL
https://bat.bing.net/action/0?ti=136027538&tm=gtm002&Ver=2&mid=41dd283e-a3e2-4038-bb6c-c323c8e99c69&bo=3&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption&sw=1600&sh=1200&sc=24&evt=custom&asc=D&cdb=AQAY&rn=740094
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 04E31C6F4D7A450990897FFF2FFB27BE Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:20Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 28 Nov 2024 03:53:20 GMT
/
www.google.de/pagead/1p-conversion/616220730/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=596307874&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWx...
  • https://www.google.com/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=596307874&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxA...
  • https://www.google.de/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=596307874&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=596307874&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI34fLr5D-iQMVR5yDBx3sjgUMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tLw&is_vtc=1&cid=CAQSGwCa7L7dONquc_Nt6ZZ5t5UG9IPj-S6YrgCAmg&random=3116014925&ipr=y
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 28 Nov 2024 03:53:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/616220730/?label=vGPiCPi3pNMDELqQ66UC&guid=ON&script=0&ct_cookie_present=false&random=596307874&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI34fLr5D-iQMVR5yDBx3sjgUMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tLw&is_vtc=1&cid=CAQSGwCa7L7dONquc_Nt6ZZ5t5UG9IPj-S6YrgCAmg&random=3116014925&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 28 Nov 2024 03:53:20 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
tc_imp.gif
en.rageagainstthesoap.com/tracker/
43 B
79 B
Image
General
Full URL
https://en.rageagainstthesoap.com/tracker/tc_imp.gif?e=37dfbd8ee84e001269ecc033ec478a9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c168a6b2517071a10acf9f29f671ad1808c0f2e381df6717204d3328b339606315626c150015e33005ec2e83f4c77be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63ebb2807ff7ecaa8556d8e0e3143714493d60265f560b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf62f8ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e82dce13e96340980af9c241810f16539a9944663ecdfff74dc57a940e7d01e904ed9d36d9a6d279c9a27d96d8cc0adb1d3fde90b72b26bf6f8f0364e73fb947dd4ec00e614025d880e01d092cfc9ccf3c821de27c2d1a58f77e36a7c7b83742a848f83582cdde42ebc17e8ae5b9167a022574842cd3cf019d7c1ea68ae8805c61fe89ddfd06282064a61ae1a0345717471c0aa68a34a8bcb8827ae9021c09a3ddd8ee8a16fdf93cb4c7066c7d47e12f89c0d6c04c3c3c63ef033cf900293b654b33edf52973aa95c89e121b01b2fb3cbe96f665c3a6378413668cba7891bb564fe3c12045f9ccc48d69f795abfb1dedec8319384f9a6d0a6f6f42b1664ac22fdb25a37c9196547a67532292fab22a2751ac7e2c36b8a62d333ceef71a2eb52c73f5a7f640f244cdbdda084213811c55858d78684e4f49f4e50c0e3ff34d68b2a2486cf577f30a7c6c41279f572d41bc345b064ce50cd8d57a5d571bddeca81cd4a3cbaa7783fd732e2d8f2b90a8e3861040f95745112e4f21cd0b206c09a98c148dfd495391c4332ac21b957b85fb39d7bd363512b40266f3db40cdbc37100fb7dcab5e729cb9c159e7e61fc49296d9ba8915948f263abdf568350604413e3653e88bd897ad74569cbf64ff88a83bbf916c857472310f27e2c5a9e930855a43de0fdc32a89d6e507546ebe78765a77934e05b8dd974c039a706cc18b950395c6b0a45a21b32cb8056c4acd4e237fd5cc05418bd6e0cae3b213e13cba6fd525c1881ec5edf82837f38740c29dbfaec5f3d6c9325e8ffa3856933c8e179e59e8f836a9cccfc96cb486d495e7542fd1b8b2ec49d35596531161106fcc95303fd57b883da9d873dc562be619069262c8cb2e66b97533541cc8e6d23f84c55f257a452bd6dad4b39b36fc73ecfd695d9ec17c6e4a1c106169b031afe93f12a7f3c2cff6a7b8adbbcc2ae5f38f16237459312f506114d94b2f7993f6929421efb5785e98d40cfa855cecf8dfdadea9e90eec14c553a67feb85d09d902c37908fd5de3c2c4639809a94f12312f5c60b7514a96caf3c7b5eb81cf366c94a37d047148d89b1ee96c48cea90629357c2de23c4bafe8626e884fe6f54c3d3d86aef35b5ca8a0a2b80893b9ed83432a40315b5105a3d5d6da29f6444ab017a3a35ba71939eb4754b8f2c6a11688fb3b1e735851a6b67bfbbf69a&cri=sDznZUeDqL&ts=685&cb=1732766000509
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
date
Thu, 28 Nov 2024 03:53:20 GMT
pragma
no-cache
content-type
image/gif
a3e9e592-f54f-4528-8110-a8362ea0797f
https://www.threatlocker.com/ Frame
0
0

0
bat.bing.net/actionp/
0
120 B
Ping
General
Full URL
https://bat.bing.net/actionp/0?ti=136027538&tm=gtm002&Ver=2&mid=41dd283e-a3e2-4038-bb6c-c323c8e99c69&bo=4&evt=dedup&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 72037BA395E3496A9B7B73850D7ECC71 Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:20Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Thu, 28 Nov 2024 03:53:20 GMT
k
bat.bing.com/p/insights/c/
0
215 B
XHR
General
Full URL
https://bat.bing.com/p/insights/c/k
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.56
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-webinsights-gzip
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 25E901A5EDEF4529A43E39D17AA46B9C Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:20Z
access-control-allow-credentials
true
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin
https://www.threatlocker.com
x-cache
CONFIG_NOCACHE
date
Thu, 28 Nov 2024 03:53:20 GMT
vary
Origin
x-powered-by
ARR/3.0
415880108001586
connect.facebook.net/signals/config/
68 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/415880108001586?v=2.9.176&r=stable&domain=www.threatlocker.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
a7e83ad67c071f8d590bee799dad3d5b829d9fd0407c44a27e410d4dd131b411
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-iGpzvO4r' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-iGpzvO4r' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=75, mss=1232, tbw=70381, tp=65, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
UVRIDyI3Llrgz1uInZwsG8x5giCkYWauW0bY+1gpc9ClU7usbWdYlKzVlSoh8luwj40cgGhYZVMsJ++o5tbaCw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
13435
x-xss-protection
0
origin-agent-cluster
?1
/
www.googleadservices.com/pagead/conversion/616220730/
5 KB
3 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/616220730/?random=1732766000912&cv=11&fst=1732766000912&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v890694919za200zb9115913288&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&gtm_ee=1&npa=1&pscdl=noapi&auid=1280589782.1732765999&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-616220730&l=dataLayer&cx=c&gtm=45He4bk0v9115913288za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
852ece154fc264df06db9ddd52b01db0718451c48ad9e6e554bfb7b907105097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2884
date
Thu, 28 Nov 2024 03:53:20 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=415880108001586&ev=CHEQ&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&rl=&if=false&ts=1732766000938&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732766000933.730455623605680540&ler=empty&cdl=API_unavailable&it=1732766000879&coo=false&rqm=GET
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4474, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
199 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=415880108001586&ev=CHEQ&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&rl=&if=false&ts=1732766000938&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732766000933.730455623605680540&ler=empty&cdl=API_unavailable&it=1732766000879&coo=false&rqm=FGET
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442173307338237693"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
HHaXlENARAv1MQ0Fu81Ft+DuiQTq8oUFI+KuMe6YdnrcAnsJXppKOwpUm5IWLmK+uU5MrWfRCVT5JvpU02lZbg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442173307338237693", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4842, tp=13, tpl=0, uplat=157, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
www.google.de/pagead/1p-conversion/616220730/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/616220730/?random=337457964&cv=11&fst=1732766000912&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v890694919za200zb9115913288&gcd=13l3l3l2l1...
  • https://www.google.com/pagead/1p-conversion/616220730/?random=337457964&cv=11&fst=1732766000912&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v890694919za200zb9115913288&gcd=13l3l3l2l1l1&dma_cps=syphamo&dm...
  • https://www.google.de/pagead/1p-conversion/616220730/?random=337457964&cv=11&fst=1732766000912&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v890694919za200zb9115913288&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/616220730/?random=337457964&cv=11&fst=1732766000912&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v890694919za200zb9115913288&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&gtm_ee=1&npa=1&pscdl=noapi&auid=1280589782.1732765999&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI2oPcr5D-iQMVsp6DBx2bTxD1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tL0JYQ2hFSWdLT2J1Z1lRazV6NnY5MnlxNmFlQVJJdEFFVVl1QU51V2gwcC14X3JnSFlleUItZnkyREpLd2dUNDNEbkhKdXhJUUZsT01VQmVBemtQVi1xM0M3OQ&is_vtc=1&cid=CAQSKQCa7L7dmrHY2mjynSUTGkGlNxlnfBRvBHS6-UErTiX6fF-aOF1ZuBml&random=1257550386&ipr=y
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H3
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 28 Nov 2024 03:53:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.de/pagead/1p-conversion/616220730/?random=337457964&cv=11&fst=1732766000912&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v890694919za200zb9115913288&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&label=vGPiCPi3pNMDELqQ66UC&hn=www.googleadservices.com&frm=0&tiba=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&gtm_ee=1&npa=1&pscdl=noapi&auid=1280589782.1732765999&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI2oPcr5D-iQMVsp6DBx2bTxD1MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh1odHRwczovL3d3dy50aHJlYXRsb2NrZXIuY29tL0JYQ2hFSWdLT2J1Z1lRazV6NnY5MnlxNmFlQVJJdEFFVVl1QU51V2gwcC14X3JnSFlleUItZnkyREpLd2dUNDNEbkhKdXhJUUZsT01VQmVBemtQVi1xM0M3OQ&is_vtc=1&cid=CAQSKQCa7L7dmrHY2mjynSUTGkGlNxlnfBRvBHS6-UErTiX6fF-aOF1ZuBml&random=1257550386&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 28 Nov 2024 03:53:21 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
c.6sc.co/
7 B
197 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.threatlocker.com
content-length
7
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
text/html
access-control-allow-headers
*
/
ipv6.6sc.co/
20 B
314 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:23::1726:62a7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
50e126ce6f4caca8606dfda7334e0e2927cca6818e6052deb6820567f17e7eca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=0, no-cache, no-store
pragma
no-cache
6si-ipv6
2a01:4a0:1338:93::10
expires
Thu, 28 Nov 2024 03:53:21 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1732766001272_388391911_844557844_22_875_37_45_219";dur=1
access-control-allow-origin
https://www.threatlocker.com
content-length
20
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
text/html
vary
Origin
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6c1dc6b86f1f72b05a222ca0727e59a3&svisitor=null&visitor=12d745bb-4072-46d7-89f9-0fd4dadc62b2&session=5ec49bb8-f2ad-4f5a-8284-8cdf09b08b13&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Schedule%20your%20free%20ThreatLocker%20demo%20today!%20Experience%20the%20premier%20zero%20trust%20enterprise%20endpoint%20protection%20platform%20for%20your%20business.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20to%20stop%20remote%20encryption%20using%20ThreatLocker%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&pageViewId=39e970e0-3f40-4246-89ee-982e8939d355&webTagId=506cb44c-866d-46a3-8f40-02bab25016ce&v=1.1.29
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"615ccf10-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:53:21 GMT
accept-ranges
bytes
content-length
43
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
image/gif
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6c1dc6b86f1f72b05a222ca0727e59a3&svisitor=null&visitor=12d745bb-4072-46d7-89f9-0fd4dadc62b2&session=5ec49bb8-f2ad-4f5a-8284-8cdf09b08b13&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%226c1dc6b86f1f72b05a222ca0727e59a3%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22506cb44c-866d-46a3-8f40-02bab25016ce%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Schedule%20your%20free%20ThreatLocker%20demo%20today!%20Experience%20the%20premier%20zero%20trust%20enterprise%20endpoint%20protection%20platform%20for%20your%20business.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20to%20stop%20remote%20encryption%20using%20ThreatLocker%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&pageViewId=39e970e0-3f40-4246-89ee-982e8939d355&webTagId=506cb44c-866d-46a3-8f40-02bab25016ce&v=1.1.29
Requested by
Host: www.threatlocker.com
URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f02dad-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:53:21 GMT
accept-ranges
bytes
content-length
43
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
blockedDomains.json
hubspotonwebflow.com/assets/js/
98 KB
23 KB
Fetch
General
Full URL
https://hubspotonwebflow.com/assets/js/blockedDomains.json
Requested by
Host: hubspotonwebflow.com
URL: https://hubspotonwebflow.com/assets/js/form-124.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
944352d0198c673b45a699471c970aef85458ea3c58a3ed825b0f0e4f33f999c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"04708d47dd194d37b8231a65de7a66f1"
age
4092384
x-matched-path
/assets/js/blockedDomains.json
access-control-allow-origin
*
date
Thu, 28 Nov 2024 03:53:21 GMT
content-disposition
inline; filename="blockedDomains.json"
content-type
application/json; charset=utf-8
server
Vercel
last-modified
Thu, 10 Oct 2024 20:46:42 GMT
x-vercel-id
fra1::ckg8j-1732766001225-94c3944198b9
blockList
hubspotonwebflow.com/api/forms/
2 B
269 B
Fetch
General
Full URL
https://hubspotonwebflow.com/api/forms/blockList?id=stop-remote-encryption
Requested by
Host: hubspotonwebflow.com
URL: https://hubspotonwebflow.com/assets/js/form-124.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
MISS
age
0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
x-matched-path
/api/forms/blockList
access-control-allow-origin
*
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
application/json
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch
server
Vercel
x-vercel-id
fra1::iad1::4pbks-1732766001225-756adc9d115a
access-control-allow-headers
Content-Type, Authorization
blockList
hubspotonwebflow.com/api/forms/
120 KB
38 KB
Fetch
General
Full URL
https://hubspotonwebflow.com/api/forms/blockList?id=daa1eb82-0ad0-4fe7-9cd9-88f5d653b15f
Requested by
Host: hubspotonwebflow.com
URL: https://hubspotonwebflow.com/assets/js/form-124.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b91f813e04ffbe3d44692fe7a09b27e1dbded330c2f6c7294d38d412c9a4d9ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
MISS
age
0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
x-matched-path
/api/forms/blockList
access-control-allow-origin
*
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
application/json
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch
server
Vercel
x-vercel-id
fra1::iad1::bk2jc-1732766001225-1dadab0be86e
access-control-allow-headers
Content-Type, Authorization
blockList
hubspotonwebflow.com/api/forms/
121 KB
39 KB
Fetch
General
Full URL
https://hubspotonwebflow.com/api/forms/blockList?id=8e52c5dc-2337-4251-aa6d-e3c668893de1
Requested by
Host: hubspotonwebflow.com
URL: https://hubspotonwebflow.com/assets/js/form-124.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
81c470ef7aa94e61e70f07454eb29ff65de78154c60c5be56728d66f2b4696da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
MISS
age
0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
x-matched-path
/api/forms/blockList
access-control-allow-origin
*
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
application/json
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch
server
Vercel
x-vercel-id
fra1::iad1::26pvw-1732766001225-03adf3e89bfc
access-control-allow-headers
Content-Type, Authorization
157454505624324
connect.facebook.net/signals/config/
42 KB
6 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/157454505624324?v=2.9.176&r=stable&domain=www.threatlocker.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
abe204d97d39289d14b1bf2943607acb63238d95b2175a243f94c37ee8446a27
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3emTQ6iw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3emTQ6iw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=86, mss=1232, tbw=84893, tp=80, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
jgtULMNTq/7ofjGy3sOsCMIh2fhk9CPrPP18NCM7j5Ty1u8R+6G12K1kCaHJU/ro5OFHxSkR6kaHP07XKEcGwA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
6350
x-xss-protection
0
origin-agent-cluster
?1
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=930271884&v=1.1&a=3949713&rcu=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption&pu=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&t=How+to+stop+remote+encryption+using+ThreatLocker&cts=1732766001209&vi=1e63e1bf8520d806396160ec3b50ed42&nc=true&u=227254018.1e63e1bf8520d806396160ec3b50ed42.1732766001206.1732766001206.1732766001206.1&b=227254018.1.1732766001207&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

x-robots-tag
none
x-request-id
84bbfd54-8ef1-4a91-8ecb-e3670a62398b
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vPwWQbURmFiZtJnOFGLL0Vjd0lGE3VufXhozi9OVsIGEEZxrdSBymIFiu8LydNo67ME9u%2FYkJTjNB5H6lUmKnuJw6ZmT0fn%2FYiNCeJEZ%2FWn93dk8mZLKiUnvN9Cr8a9uvHaRhUGM5UBGqZYAAjp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Thu, 28 Nov 2024 03:53:21 GMT
x-hubspot-correlation-id
84bbfd54-8ef1-4a91-8ecb-e3670a62398b
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-4gh7c
x-envoy-upstream-service-time
4
access-control-allow-credentials
false
cf-ray
8e9769143e9b18e2-FRA
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
up
insight.adsrvr.org/track/ Frame DDBE
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=capjhp2&ref=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&upid=6wtct2r&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.threatlocker.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Thu, 28 Nov 2024 03:53:21 GMT
server
Kestrel
66bbb21655c00565e20aee3f_ThreatLocker_favicon.png
cdn.prod.website-files.com/6356c441ce34029b327802bf/
2 KB
2 KB
Other
General
Full URL
https://cdn.prod.website-files.com/6356c441ce34029b327802bf/66bbb21655c00565e20aee3f_ThreatLocker_favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b58c3f625f15ac50f4d3c05ae59673f30ad0d4d1385f7bfb6f7de819ee6126d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cf-cache-status
HIT
etag
"d282e230c1ba4ff3904e35d30a25480f"
x-amz-version-id
KMD2XY4OivA1MNhkb0Oi.IvQ75xNC_PS
age
506
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
image/png
last-modified
Tue, 13 Aug 2024 19:20:55 GMT
vary
Accept-Encoding
x-amz-id-2
8ZIhRnJ3+5MGP7VPqZM0Udq30wqRfO+ouWxJY6X1LykSpkXh2PjdbdAz7KAjAOs2fy5iCm+mHrg5TjgIkZILUQJQ7YulMwXxsHvo2MHX1fw=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
41X0MG5D4E7T86AS
cf-ray
8e976913dd3a915e-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1861
server
cloudflare
x-amz-server-side-encryption
AES256
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=415880108001586&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&rl=&if=false&ts=1732766001271&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12318&fbp=fb.1.1732766000933.730455623605680540&ler=empty&cdl=API_unavailable&it=1732766000879&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=26, mss=1232, tbw=7770, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=415880108001586&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&rl=&if=false&ts=1732766001271&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=12318&fbp=fb.1.1732766000933.730455623605680540&ler=empty&cdl=API_unavailable&it=1732766000879&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442173306615202906"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
4ZX8I/LhnktWzCnFpYTU7/NwClY7S1fkPj4GChKjktRMMmt06Cw/Ine3l+QodG4aCMh27bIY5qxxpfOnaqorHw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442173306615202906", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=26, mss=1232, tbw=8202, tp=23, tpl=0, uplat=33, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=157454505624324&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&rl=&if=false&ts=1732766001273&sw=1600&sh=1200&ud[external_id]=1e63e1bf8520d806396160ec3b50ed42&v=2.9.176&r=stable&a=hubspot&ec=0&o=12318&fbp=fb.1.1732766000933.730455623605680540&ler=empty&cdl=API_unavailable&cs_est=true&it=1732766000879&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=26, mss=1232, tbw=8010, tp=21, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
189 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=157454505624324&ev=PageView&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&rl=&if=false&ts=1732766001273&sw=1600&sh=1200&ud[external_id]=1e63e1bf8520d806396160ec3b50ed42&v=2.9.176&r=stable&a=hubspot&ec=0&o=12318&fbp=fb.1.1732766000933.730455623605680540&ler=empty&cdl=API_unavailable&cs_est=true&it=1732766000879&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442173306000292721"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ViVVVH70Kf2mMoi0rgIAikiq88qU6uPf8wqIdjV17mOYpgiDeh7kF7YWTgKOifQ2FCd1l6eqeaTd/PcgANno9A==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442173306000292721", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=26, mss=1232, tbw=9082, tp=24, tpl=0, uplat=35, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6c1dc6b86f1f72b05a222ca0727e59a3&svisitor=null&visitor=12d745bb-4072-46d7-89f9-0fd4dadc62b2&session=5ec49bb8-f2ad-4f5a-8284-8cdf09b08b13&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A93%3A%3A10%22%7D&isIframe=false&m=%7B%22description%22%3A%22Schedule%20your%20free%20ThreatLocker%20demo%20today!%20Experience%20the%20premier%20zero%20trust%20enterprise%20endpoint%20protection%20platform%20for%20your%20business.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20to%20stop%20remote%20encryption%20using%20ThreatLocker%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&pageViewId=39e970e0-3f40-4246-89ee-982e8939d355&webTagId=506cb44c-866d-46a3-8f40-02bab25016ce&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A10&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"5e502810-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:53:21 GMT
accept-ranges
bytes
content-length
43
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
image/gif
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
mon
en.rageagainstthesoap.com/
0
151 B
XHR
General
Full URL
https://en.rageagainstthesoap.com/mon
Requested by
Host: d.rageagainstthesoap.com
URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.threatlocker.com/

Response headers

access-control-allow-origin
https://www.threatlocker.com
content-length
0
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
mon
en.rageagainstthesoap.com/
0
16 B
XHR
General
Full URL
https://en.rageagainstthesoap.com/mon
Requested by
Host: d.rageagainstthesoap.com
URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.threatlocker.com/

Response headers

access-control-allow-origin
https://www.threatlocker.com
content-length
0
date
Thu, 28 Nov 2024 03:53:21 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
k
bat.bing.com/p/insights/c/
0
123 B
XHR
General
Full URL
https://bat.bing.com/p/insights/c/k
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.56
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-webinsights-gzip
Referer
https://www.threatlocker.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BE0E6ED8548149D4ACAF0DFE8B582FC3 Ref B: FRA31EDGE0722 Ref C: 2024-11-28T03:53:22Z
access-control-allow-credentials
true
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
access-control-allow-origin
https://www.threatlocker.com
x-cache
CONFIG_NOCACHE
date
Thu, 28 Nov 2024 03:53:21 GMT
vary
Origin
x-powered-by
ARR/3.0
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6c1dc6b86f1f72b05a222ca0727e59a3&svisitor=null&visitor=12d745bb-4072-46d7-89f9-0fd4dadc62b2&session=5ec49bb8-f2ad-4f5a-8284-8cdf09b08b13&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2028%20Nov%202024%2003%3A53%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2028%20Nov%202024%2003%3A53%3A18%20GMT%22%2C%22timeSpent%22%3A%223226%22%2C%22totalTimeSpent%22%3A%223226%22%7D&isIframe=false&m=%7B%22description%22%3A%22Schedule%20your%20free%20ThreatLocker%20demo%20today!%20Experience%20the%20premier%20zero%20trust%20enterprise%20endpoint%20protection%20platform%20for%20your%20business.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20to%20stop%20remote%20encryption%20using%20ThreatLocker%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&pageViewId=39e970e0-3f40-4246-89ee-982e8939d355&webTagId=506cb44c-866d-46a3-8f40-02bab25016ce&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A10&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"5e502810-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:53:22 GMT
accept-ranges
bytes
content-length
43
date
Thu, 28 Nov 2024 03:53:22 GMT
content-type
image/gif
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
collect
k.clarity.ms/
0
284 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.threatlocker.com/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://www.threatlocker.com
Date
Thu, 28 Nov 2024 03:53:22 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
img.gif
b.6sc.co/v1/beacon/
43 B
260 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6c1dc6b86f1f72b05a222ca0727e59a3&svisitor=null&visitor=12d745bb-4072-46d7-89f9-0fd4dadc62b2&session=5ec49bb8-f2ad-4f5a-8284-8cdf09b08b13&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2028%20Nov%202024%2003%3A53%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2028%20Nov%202024%2003%3A53%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224227%22%7D&isIframe=false&m=%7B%22description%22%3A%22Schedule%20your%20free%20ThreatLocker%20demo%20today!%20Experience%20the%20premier%20zero%20trust%20enterprise%20endpoint%20protection%20platform%20for%20your%20business.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20to%20stop%20remote%20encryption%20using%20ThreatLocker%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&pageViewId=39e970e0-3f40-4246-89ee-982e8939d355&webTagId=506cb44c-866d-46a3-8f40-02bab25016ce&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A10&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f02dad-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:53:23 GMT
accept-ranges
bytes
content-length
43
date
Thu, 28 Nov 2024 03:53:23 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
mon
en.rageagainstthesoap.com/
0
40 B
XHR
General
Full URL
https://en.rageagainstthesoap.com/mon
Requested by
Host: d.rageagainstthesoap.com
URL: https://d.rageagainstthesoap.com/i/7f7c58ff8d6644687bb2be95293940a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.threatlocker.com/

Response headers

access-control-allow-origin
https://www.threatlocker.com
content-length
0
date
Thu, 28 Nov 2024 03:53:23 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
img.gif
b.6sc.co/v1/beacon/
43 B
259 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6c1dc6b86f1f72b05a222ca0727e59a3&svisitor=null&visitor=12d745bb-4072-46d7-89f9-0fd4dadc62b2&session=5ec49bb8-f2ad-4f5a-8284-8cdf09b08b13&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2028%20Nov%202024%2003%3A53%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2028%20Nov%202024%2003%3A53%3A23%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225227%22%7D&isIframe=false&m=%7B%22description%22%3A%22Schedule%20your%20free%20ThreatLocker%20demo%20today!%20Experience%20the%20premier%20zero%20trust%20enterprise%20endpoint%20protection%20platform%20for%20your%20business.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20to%20stop%20remote%20encryption%20using%20ThreatLocker%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&pageViewId=39e970e0-3f40-4246-89ee-982e8939d355&webTagId=506cb44c-866d-46a3-8f40-02bab25016ce&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A10&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"615ccf10-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:53:24 GMT
accept-ranges
bytes
content-length
43
date
Thu, 28 Nov 2024 03:53:24 GMT
content-type
image/gif
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/
43 B
260 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6c1dc6b86f1f72b05a222ca0727e59a3&svisitor=null&visitor=12d745bb-4072-46d7-89f9-0fd4dadc62b2&session=5ec49bb8-f2ad-4f5a-8284-8cdf09b08b13&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2028%20Nov%202024%2003%3A53%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2028%20Nov%202024%2003%3A53%3A24%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%226227%22%7D&isIframe=false&m=%7B%22description%22%3A%22Schedule%20your%20free%20ThreatLocker%20demo%20today!%20Experience%20the%20premier%20zero%20trust%20enterprise%20endpoint%20protection%20platform%20for%20your%20business.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20to%20stop%20remote%20encryption%20using%20ThreatLocker%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&pageViewId=39e970e0-3f40-4246-89ee-982e8939d355&webTagId=506cb44c-866d-46a3-8f40-02bab25016ce&ipv6=2a01%3A4a0%3A1338%3A93%3A%3A10&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 03:53:25 GMT
accept-ranges
bytes
content-length
43
date
Thu, 28 Nov 2024 03:53:25 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
mon
en.rageagainstthesoap.com/
0
0

collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1GW8T9MYPR&gtm=45je4bk0v9123343682za200zb9115913288&_p=1732765998616&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1509982349.1732765999&ecid=576117196&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1732765999&sct=1&seg=0&dl=https%3A%2F%2Fwww.threatlocker.com%2Fstop-remote-encryption%3Futm_term%3Dwatch-vid%26utm_campaign%3Dln1%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA%26_hsmi%3D335928024%26utm_content%3Dhow-to-stop-remote-encryption-using-threatlocker%26utm_source%3Dnewsletter&dt=How%20to%20stop%20remote%20encryption%20using%20ThreatLocker&en=CQ&_ee=1&_et=232&up.cq_category=bots&tfd=8735
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1GW8T9MYPR&l=dataLayer&cx=c&gtm=45He4bk0v9115913288za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.threatlocker.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.threatlocker.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 03:53:25 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.threatlocker.com
URL
blob:https://www.threatlocker.com/d495a58b-a731-4084-989c-7f0481e4b1a2
Domain
www.threatlocker.com
URL
blob:https://www.threatlocker.com/a3e9e592-f54f-4528-8110-a8362ea0797f
Domain
en.rageagainstthesoap.com
URL
https://en.rageagainstthesoap.com/mon

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| WebFont object| Typekit object| _6si object| dataLayer function| storeIPAddress function| onSubmit function| isCalendlyEvent function| $ function| jQuery function| svJquery object| Calendly function| tram object| Webflow function| objectFitPolyfill function| store object| user object| userIP object| entryPath function| storeUserId object| emailInput function| insertEmail object| nextCalendlyButton object| nextButton function| calendlyQueryParam object| locationSelect function| validateEmail function| displayError function| hideError object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| ttd_dom_ready function| TTDUniversalPixelApi function| _TTDUniversalPixelApi object| ttdPixel object| core object| eapps function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| ldfdr object| fs object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| rdt function| getParam function| getExpiryRecord function| addGclid function| clarity function| initApollo function| spdt function| recaptcha object| closure_lm_955418 function| onYouTubeIframeAPIReady object| gaGlobal function| redditNormalizeEmail object| __gaConnectorEventsEmitted function| storeUTMs object| fsAttributes object| FsAttributes object| ogCloneArr function| getParams function| getSafe function| phoneAutoFormat function| validateURL function| disableBtn function| enableBtn function| saveLastAnswer function| saveFilledInput function| scrollTop function| updateStep function| phoneValidation function| validation function| displayErrorMessage function| resetInputErrorMessage function| increaseCurstep function| decreaseCurstep function| nextStep function| backStep function| selectionQuiz function| triggerInputAllData function| clickableIndicator function| resetFormly function| _0xce23 function| cloneRemove function| cloneRemoveInput function| andLogic function| _0x5e13 function| addClickClass function| updateCounter function| getCookie function| isElementPresent function| isScriptUrlMatch object| keywordsToCheck object| scripts object| matchedScripts string| scriptSrcs function| openNav function| closeNav number| idx function| lintrk object| ORIBILI object| _hsp function| queryForm object| influ2 function| UET function| UET_init function| UET_push function| __ctcg_ct_27762_exec function| onCheqResponse object| ueto_c7026643e0 object| uetq function| u object| trackingFunctions boolean| PIXELS_RAN object| enabledEventSettings object| _hsq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| turnstile function| webinsights object| insightsuetq object| dnbvid object| _cq function| fbq function| Ji object| GooglebQhCsO object| _uid2SdkListenerLock function| setupUid2Sdk boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

39 Cookies

Domain/Path Name / Value
.prod.website-files.com/ Name: __cf_bm
Value: GuZYQwaKIz0O88CK6x7eq1290pmzhxDZ2GZRpXkCdlQ-1732765998-1.0.1.1-s5R0IHzmB_Fri9i2y8UwCN7aLswL6gSdOnPWOFu9ZtpoCbVeXkZyPoHdNnZ5qfzPg7FxfahbSDRwygM2X7utrA
.calendly.com/ Name: _cfuvid
Value: iTv0crLNd08YH8NK_So387Jf1RfA55medR11l8KZyIc-1732765998429-0.0.1.1-604800000
.threatlocker.com/ Name: _gcl_au
Value: 1.1.1280589782.1732765999
.youtube.com/ Name: YSC
Value: B2sqQnEdLDk
.youtube.com/ Name: __Secure-ROLLOUT_TOKEN
Value: CP_FxfiPirOuggEQkcD2rpD-iQMYkcD2rpD-iQM%3D
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: PKt1xkTNxMk
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgNw%3D%3D
.threatlocker.com/ Name: _ga
Value: GA1.1.1509982349.1732765999
.g2crowd.com/ Name: __cf_bm
Value: ZJi0CDwp30XLBeld2r8Mk3d7Vw0aJHffQUv1g_98RH8-1732765999-1.0.1.1-_tyb8gCdjLcxeY_9d_KS92Ay.DZSkaIP.mNvH6isokkHFQ3ov7XMXAtRrMR2I6gxEtBO03X8M2El1spPUomPZw
.threatlocker.com/ Name: _rdt_uuid
Value: 1732765999507.db73b009-5dfe-447d-a870-31a11286ca06
www.threatlocker.com/ Name: utm_source
Value: newsletter
www.threatlocker.com/ Name: utm_medium
Value: email
www.threatlocker.com/ Name: utm_campaign
Value: ln1
www.threatlocker.com/ Name: utm_term
Value: watch-vid
www.threatlocker.com/ Name: utm_content
Value: how-to-stop-remote-encryption-using-threatlocker
www.threatlocker.com/ Name: google_click_id
Value: undefined
www.threatlocker.com/ Name: microsoft_click_id
Value: undefined
.apollo.io/ Name: __cf_bm
Value: Jx5eRvXarZmRUn9zYTUTze.t0crwpnX2GhiaG1m3NAE-1732765999-1.0.1.1-ePTn5YRnoWpO.T2tSeL5bXsorgAwUp3mMPSJiHkQhiO4n3BkyUj0Li8e389lECkBe1jDK06AECAZ49saSLa8dw
.threatlocker.com/ Name: _lfa
Value: LF1.1.83a192e5c529ab6d.1732765999682
www.threatlocker.com/ Name: __spdt
Value: 1957052c70624901883094e459546083
.threatlocker.com/ Name: _cq_duid
Value: 1.1732765999.RPLbuAq34DhlbKua
.threatlocker.com/ Name: _cq_suid
Value: 1.1732765999.ZVgakS8sZVqmIhfc
.influ2.com/ Name: R
Value: d6d87af6b969247f66fe90f2
.linkedin.com/ Name: bcookie
Value: "v=2&e944dc96-70b8-40bd-8446-44bb66578b4d"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzI3NjU5OTk7MjswMjEwZIVbaeAwO35l8iOVPsGonR5VkFSbJT0L+Rop0FaxPw==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=3043:u=1:x=1:i=1732765999:t=1732852399:v=2:sig=AQEFBucYaOLnavBVdJ_JEiDM07KXh2iv"
en.rageagainstthesoap.com/ Name: cg_uuid
Value: cc3582768950d9daa21c5b2116414fd3
.threatlocker.com/ Name: _ga_1GW8T9MYPR
Value: GS1.1.1732765999.1.0.1732766000.59.0.576117196
www.threatlocker.com/ Name: Y291bnRlcg
Value: ==MTA=
.threatlocker.com/ Name: _fbp
Value: fb.1.1732766000933.730455623605680540
.doubleclick.net/ Name: IDE
Value: AHWqTUn2t8OUQIsFjVcLRDHf9rceQpoWcoErVikZgXYsSFD17_MxDYjOMZkgaUAn
www.threatlocker.com/ Name: _gd_visitor
Value: 12d745bb-4072-46d7-89f9-0fd4dadc62b2
www.threatlocker.com/ Name: _gd_session
Value: 5ec49bb8-f2ad-4f5a-8284-8cdf09b08b13
.threatlocker.com/ Name: __hstc
Value: 227254018.1e63e1bf8520d806396160ec3b50ed42.1732766001206.1732766001206.1732766001206.1
.threatlocker.com/ Name: hubspotutk
Value: 1e63e1bf8520d806396160ec3b50ed42
.threatlocker.com/ Name: __hssrc
Value: 1
.threatlocker.com/ Name: __hssc
Value: 227254018.1.1732766001207
.hubspot.com/ Name: __cf_bm
Value: nCINofwavc0lEdCd.8VdNWDxAhprJsOjQLGmDCzMrxk-1732766001-1.0.1.1-L3sqSVRvjLnK._8xaDuhLMlLSg7lvTOwJrG2aGm9viXpadQYosFwu4TaYengd1yZ5MCyUPu1VZQWLSgcQc.T9g
.hubspot.com/ Name: _cfuvid
Value: QybB52rpZ3ovphbjchPIlF7KizZzp6PcbYuUZDl40xM-1732766001438-0.0.1.1-604800000

2 Console Messages

Source Level URL
Text
rendering warning URL: https://www.threatlocker.com/stop-remote-encryption?utm_term=watch-vid&utm_campaign=ln1&utm_medium=email&_hsenc=p2ANqtz-_B4AIfTdUMFhd9eJnLfJ1rOS2YMxny-G18gUK9iSjPbzZOQv5GWVyIlwFTH797Qfq91TDmaY-jfni5PihgUK43izj0lA&_hsmi=335928024&utm_content=how-to-stop-remote-encryption-using-threatlocker&utm_source=newsletter
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A05084041C1E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
worker verbose URL: blob:https://www.threatlocker.com/d495a58b-a731-4084-989c-7f0481e4b1a2(Line 1)
Message:
Error

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alb.reddit.com
api.hubapi.com
api.ipify.org
aplo-evnt.com
assets.apollo.io
assets.calendly.com
b.6sc.co
bat.bing.com
bat.bing.net
c.6sc.co
c.sproutvideo.com
cdn-0.d41.co
cdn-thumbnails.sproutvideo.com
cdn.embedly.com
cdn.jsdelivr.net
cdn.prod.website-files.com
challenges.cloudflare.com
code.jquery.com
connect.facebook.net
ct4vs04.na1.hubspotlinks.com
d.rageagainstthesoap.com
d3e54v103j8qbb.cloudfront.net
en.rageagainstthesoap.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hubspotonwebflow.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
k.clarity.ms
p.typekit.net
paapi1411.d41.co
pixel-config.reddit.com
pixel.byspotify.com
pixels.spotify.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
sc.lfeeder.com
snap.licdn.com
static.elfsight.com
static.threatlocker.com
stats.g.doubleclick.net
t.influ2.com
tr.lfeeder.com
track.hubspot.com
tracking.g2crowd.com
use.typekit.net
videsigns-staging.co.uk
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.influ2.com
www.redditstatic.com
www.threatlocker.com
en.rageagainstthesoap.com
www.threatlocker.com
104.16.90.50
104.18.160.117
104.18.94.41
104.18.95.41
108.138.15.119
13.107.42.14
13.232.14.252
142.250.184.200
142.250.186.131
142.250.186.162
142.250.186.164
142.250.186.67
142.250.186.98
151.101.193.140
151.101.65.140
157.240.252.35
157.240.253.1
172.175.38.6
172.67.74.152
18.244.20.109
18.66.102.89
18.66.112.30
18.66.122.55
18.66.122.58
2001:4860:4802:34::36
216.239.34.36
216.58.206.67
2600:1901:1:7c5::
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:223c:5400:7:4902:e200:93a1
2600:9000:2250:4c00:4:d7e1:700:93a1
2600:9000:2491:1a00:7:cc21:18c0:93a1
2606:4700:10::6814:27d5
2606:4700:10::ac43:1653
2606:4700:4400::ac40:9251
2606:4700:4400::ac40:9310
2606:4700::6810:7674
2606:4700::6810:8ad1
2606:4700::6811:80ac
2606:4700::6811:afc9
2606:4700::6812:1eb0
2606:4700::6812:ba1f
2606:4700::6812:bc9
2606:4700::6812:f36c
2620:1ec:21::14
2620:1ec:33:1::10
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:800::200a
2a00:1450:4001:811::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
2a02:26f0:3500:10::210:a99
2a02:26f0:3500:16::215:1490
2a02:26f0:480:23::1726:62a7
2a02:26f0:480:f::213:7ed3
2a04:4e42:400::649
2a04:4e42::396
34.107.133.146
34.107.254.219
34.117.110.211
34.117.162.98
35.152.119.144
52.223.40.198
52.23.44.33
76.76.21.142
95.101.111.184
01a0567df178f4841a6288926e99a3b74a974d9a94f9643893fb9f9a9e44e72f
056b586b28e729158aae42933695501bf132d36d6fddbdb91950e59c56ff58d7
07d21e4a2e9c745c835629ae31df9b47500fdb515fc70226f94a9c7a8434701c
08b3edc23cd5b96a6e98d0498a6e71b938a2e3d28a8c81699ab032b07ab8708a
0ac75b515902d4a9c871724d8da779aaf77108660db9987a1fe1ab789ac95d4b
0ca13c4b69af09a0c103bf2cf8c0e3b827a7b115cb29bd93418dfe1bc865adf7
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0def70734e71acc63e1abfbf063be6dc855f86c57336c9bbca76af81e58cb2fe
0f3ae7a6cfade0e2cc1fa7a16973b3cf7575a28e827b6480f67273f8837ac250
0fd694d5f205277a95631270a26fadf1d73d303e9b7ff2dacac5115247c6a3dc
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35
10ef3ba5308697292067120aee8cea7f3341a9a5e691475bc4a29805a5194939
11fe6747cb5b2ab3c1cb90a2e40157fd8231b366126e65cda66d476fe7a67250
12d8216551a0974e16d1792fee6d9d9feee0b2470ed93a20b35dd0e1e9954a97
150916033af38423bed2ceec02d87a9cfa166f89fd72d5104cf2d22237a93bb4
15baf5bfb9508a79a17a3403bb340910dda9181710de3cc7b861bbb83deffcd7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2039d204f18247df88a0f132f35fe67f9e52ee7268515ead1647c611f737ba07
21f57bdd708058a426ae5b52aa1805decdbfaee2ba54b382d427c2915c1247a9
27e75bea9cadb79d6da51b077e5711d96e20af06b5fc9376da6c1b41ce07e477
337ad678562cb9e0c0cdc7f729720c7f242ca0fdf4b0162f5039ccf96cb0719d
3719936c4b46f7c13616a3788c4432737e5f4f900062e15c6c435e96026fa71e
39bbcd507f82c53913a72c97255a2a3ff4f71b8c786085f850b6a39dc22b3674
39ce82b4ceba8d24e7d6fce5422980df77d9d246a1cc7d87b1e2a35f9d4143e5
3bae710aac737ee681f8c26f2f3e85f2190030effb66046f95c6db008f46c298
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
405a7cd06553439241a451a1737af5387151199a5642fbc99dd44eb7cfa605a8
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c1addf663fde1d5e2033df73efcc1573c4b6cf71331edf966476e5ade69f849
4ec4206effe279a091df26765f1dc2aea25b84b88f443a81051db6fcc202e488
4f6e1a541ddafad69e880e9cbe06b509bc0513484219fe49fdad34ce84acf9b9
50e126ce6f4caca8606dfda7334e0e2927cca6818e6052deb6820567f17e7eca
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
561ef6a12462274fb0ac89f374525c2e3d63d58e1137543d39dc12aebcf19925
58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf
5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d
5d031c0ff2571256126ff6c524d395ca2951b9a5f180d5f51f05b5e65bfb500f
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
64198eefb9fcbed2c2708d419b9d9a9e12864562abf1b5d58284be2460a7c1a9
64b9b5512f8e67dd2b9fdbcfda4e303ba6d62e473e93bd99d830cdb466da6972
6842efb6422a86912eff57b2b0b534175c9ee443bd887378557d673620a804bf
6972ba42e587284c835b1f4806efda667f41987832b382b817d00aa330385ce8
6d5336ec684c3ab573bc2677aec9563703f283a08a516116715091312f6e506c
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
6f7c08bcbe41b9d24dd74cbb2ba16e1696f855d79e13813841f49b5adae7fadb
706461e62ca1fa001c4c239f8b4de231ad4cf6ecc40fecd9ce0d6db360a40a1b
75ac005172f77cdc62355c9b52efb64a470ae2facb10f7cdbd98cd68b4ba2792
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
81c470ef7aa94e61e70f07454eb29ff65de78154c60c5be56728d66f2b4696da
852ece154fc264df06db9ddd52b01db0718451c48ad9e6e554bfb7b907105097
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8d797e8fa32f31ca5cd0ab38265e89e2fd8e897aa2a78b9aa5e7fa833ebec2f7
917326a239fe3354f27b6c6a50a9636d2024096dad68bd32ab47d5ae4364772f
9177b34214c286eb177713c262cba11452713d2d31e62988b52431ca4ae91bf1
944352d0198c673b45a699471c970aef85458ea3c58a3ed825b0f0e4f33f999c
954bd2f43df10343b52ba245c6d3bafd9978bde46a691bf69921d1479203b5b9
96a874a36a161a53381e9c5b16dcc188a04da68d463130aaf505c0f08de38782
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ca50e012e955567701c20a079174bb733549084344d0f236b88f3eac231673
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9f9708f479402e766ee2ec58e2f5a01a312509e8894da67b864722b44095757a
a0449f4ca93bed32017f6d4885c42281392d7ec1f1dc60d55117cca802dc0f9e
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a12552ac438be15c91b005583d3c6023217c438046c1326be0cb5814d2fa471f
a21195d829e0627ea8c89902db814682c32563a1eec9d87c33bfd6ed94ed9ad0
a7e83ad67c071f8d590bee799dad3d5b829d9fd0407c44a27e410d4dd131b411
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ab949277323a943806e144f96d076da2fdaca8d53c6289017ca1e933ab77227d
abe204d97d39289d14b1bf2943607acb63238d95b2175a243f94c37ee8446a27
acf29a66a4b7dedb37fc5bc073cb5d50194de48d4b2e9afff9c928cb54947764
aec1985c2e202be76f0fd0741b69a0413bccec9b28a45ee16e5f3e238c58657c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
b4a1bd29b8755c8157b7e197f7aa97bb163527c2507ac86afd6b3110a4558aa6
b58c3f625f15ac50f4d3c05ae59673f30ad0d4d1385f7bfb6f7de819ee6126d4
b5a102aed533390e53f0c3da4a28fd5a0c882afb2d67abd36ae78e418f2d9e5d
b91f813e04ffbe3d44692fe7a09b27e1dbded330c2f6c7294d38d412c9a4d9ff
bae80b087e66059cb3de415d523ab7d6111ad26f88b8371e5d7a2bfe46527262
c0fd7653283e19ac86a3245bfd82feab6bc58794511975e68af222fa3800e455
c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2
c874f6443d85ad84747dc55b329d1d5d6c35568e83f14b86e7c3678b223a7ce0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
d0c5f3bd0d8aaaa58b9b5c76863bd8e34a1814eda4054bc501dc42e4cc5ebd45
d5ecf2f6d5b7937dd1aa50165b89193436347d55cb130951d41e028b1f09d3af
d774b2e366f7646b50c74578d4ce3218cedba5898a2e53e874dd7cbc06d31a6d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6cff6bd6652ed8d9be9fae59c9d1b6b269464a7bcc9bbf8437668bbe0cc754
dfd666152add69ae697218ce9fd38254a063a57cffdaeb60d5b47615bcfb836f
dfdaf1ae3fe702746d6a8ef59197245a12742efb2bf34adba19f20d7779cd8b0
e0981df7a736e6b9114f636b1f7e914b3b5c2a7976da8a34a0b7a08b69882bc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7564ef0792ba747553aa7c678003e337c81041aabc1b494fef1fb39ffc834b8
eecea65c1e15819405bbec61d2ce3f746c79fd1f84e2347052856315715d2681
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1096de525ecd4549a0dea1507686fd365db607cddc697686b0f7ce81a9bdbab
f40c284ef78e409dea6ccda1e7aea491b071fe8f8d01c562b1585b2e6918f2a9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f80ce7415f7fb5c4bf1d8eed31652b1246241e4e3cef6cbf6c853b9a7e16dde0
fc6396a406ce224d71c3e2044c8a009809602105a40c139fa7687539777b5bac
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a