www.guidepointsecurity.com Open in urlscan Pro
107.154.76.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
Submission: On May 15 via api (May 15th 2023, 8:16:01 pm UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 28 domains to perform 108 HTTP transactions. The main IP is 107.154.76.199, located in District Heights, United States and belongs to INCAPSULA, US. The main domain is www.guidepointsecurity.com. The Cisco Umbrella rank of the primary domain is 677628.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q1 on April 5th 2023. Valid for: 6 months.

This is the only time www.guidepointsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	107.154.76.199 107.154.76.199	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
6	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1490	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.110.69 13.32.110.69	16509 (AMAZON-02) (AMAZON-02)
2	143.204.214.192 143.204.214.192	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	104.77.31.43 104.77.31.43	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.73.0.225 52.73.0.225	14618 (AMAZON-AES) (AMAZON-AES)
21	2400:52e0:1e0... 2400:52e0:1e00::1054:1	200325 (BUNNYCDN) (BUNNYCDN)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	52.20.195.32 52.20.195.32	14618 (AMAZON-AES) (AMAZON-AES)
2	18.66.15.74 18.66.15.74	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	178.128.135.233 178.128.135.233	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
108	28

28 107.154.76.199 (District Heights, United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.76.199.ip.incapdns.net

www.guidepointsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.guidepointsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-69.vie50.r.cloudfront.net

static.oktopost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-192.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.77.31.43 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-31-43.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.0.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-0-225.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2400:52e0:1e00::1054:1 (Germany)

ASN200325 (BUNNYCDN, SI)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.195.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-195-32.compute-1.amazonaws.com

okt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.15.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-74.vie50.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

995-mtm-359.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.135.233 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

z.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	guidepointsecurity.com www.guidepointsecurity.com — Cisco Umbrella Rank: 677628 go.guidepointsecurity.com	1 MB
24	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 5426 api.omappapi.com — Cisco Umbrella Rank: 5721 z.omappapi.com — Cisco Umbrella Rank: 13562	175 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	616 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	30 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	13 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 8653	26 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3651	7 KB
2	cloudfront.net d10lpsik1i8c69.cloudfront.net	95 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
2	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1979	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	166 KB
1	mktoresp.com 995-mtm-359.mktoresp.com	318 B
1	okt.to okt.to — Cisco Umbrella Rank: 33596	100 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 690	394 B
1	t.co t.co — Cisco Umbrella Rank: 510	376 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 91	357 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 8978	686 B
1	lltrck.com lltrck.com — Cisco Umbrella Rank: 34618
1	oktopost.com static.oktopost.com — Cisco Umbrella Rank: 39788	4 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 718	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 885	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 179	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1 KB
0	linkedin.com Failed www.linkedin.com Failed
0	oribi.io Failed cdn.linkedin.oribi.io Failed
0	google.de Failed www.google.de Failed
0	bizibly.com Failed cdn.bizibly.com Failed
0	googleoptimize.com Failed www.googleoptimize.com Failed
108	28

	Domain	Requested by
28	www.guidepointsecurity.com	www.guidepointsecurity.com
21	a.omappapi.com	www.guidepointsecurity.com a.omappapi.com cdn.bizible.com
6	www.gstatic.com	www.google.com www.gstatic.com
6	go.guidepointsecurity.com	www.guidepointsecurity.com go.guidepointsecurity.com
5	www.google.com	www.guidepointsecurity.com www.gstatic.com www.google.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.guidepointsecurity.com
3	cdn.bizible.com	www.guidepointsecurity.com cdn.bizible.com
2	api.omappapi.com	cdn.bizible.com
2	munchkin.marketo.net	www.guidepointsecurity.com munchkin.marketo.net
2	d10lpsik1i8c69.cloudfront.net	www.guidepointsecurity.com d10lpsik1i8c69.cloudfront.net
2	www.google-analytics.com	www.googletagmanager.com cdn.bizible.com
2	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
2	www.googletagmanager.com	www.guidepointsecurity.com www.googletagmanager.com
1	z.omappapi.com	cdn.bizible.com
1	995-mtm-359.mktoresp.com	munchkin.marketo.net
1	okt.to	static.oktopost.com
1	analytics.twitter.com	www.guidepointsecurity.com
1	t.co	www.guidepointsecurity.com
1	stats.g.doubleclick.net	cdn.bizible.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	lltrck.com	www.guidepointsecurity.com
1	static.oktopost.com	www.guidepointsecurity.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.googleapis.com	www.guidepointsecurity.com
0	www.linkedin.com Failed	www.guidepointsecurity.com
0	cdn.linkedin.oribi.io Failed	cdn.bizible.com
0	www.google.de Failed	www.guidepointsecurity.com
0	cdn.bizibly.com Failed	www.guidepointsecurity.com
0	www.googleoptimize.com Failed	www.googletagmanager.com
108	32

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com
www.linkedin.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-04-05` - `2023-10-02`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
go.guidepointsecurity.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.oktopost.com Amazon RSA 2048 M01	`2023-02-28` - `2023-10-27`	8 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2022-07-25` - `2023-08-26`	a year	crt.sh
a.omappapi.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
okt.to R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
api.opmnstr.com Amazon RSA 2048 M01	`2023-03-01` - `2024-02-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
z.omappapi.com R3	`2023-05-05` - `2023-08-03`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
Frame ID: 2D624AC075417FF51A8BD07145CFE65B
Requests: 107 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0110/3028/site/www.guidepointsecurity.com.json?t=1
Frame ID: C3126E51237AF4485076D759471ACB62
Requests: 1 HTTP requests in this frame

Frame: https://go.guidepointsecurity.com/index.php/form/XDFrame
Frame ID: A8FAE1391CD8D5081516CD4FC51553DF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxligjAAAAAO_xtJUWEPDjSEGOmpg1U2oZFOxu&co=aHR0cHM6Ly93d3cuZ3VpZGVwb2ludHNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=xtgfty8ag0j3
Frame ID: 0DFEA4505903D98D9EFD80F93B79CA6F
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&k=6LcxligjAAAAAO_xtJUWEPDjSEGOmpg1U2oZFOxu
Frame ID: C670BE41912AA7C628C05F7DF1DCE37D
Requests: 3 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Frame ID: FEE752F0CCA2DE01AABAE6D09A1D5B5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GRIT Ransomware Report: April 2023 | GuidePoint SecurityIcon - Application Security IconIcon - Application Security IconCloud Security IconCloud Security IconData Security IconData Security IconEmail Security IconEmail Security IconEndpoint Security IconEndpoint Security IconCompliance IconCompliance IconIdentity Management IconIdentity Management IconSecurity Response IconSecurity Response IconManaged Security IconManaged Security IconNetwork Security IconNetwork Security IconSecurity Education IconSecurity Education IconSecurity Operations IconSecurity Operations IconStaff Augmentation IconStaff Augmentation IconStaff Augmentation IconPenetration Test IconPenetration Test IconStaff Augmentation IconStaff Augmentation IconStaff Augmentation IconManaged Security IconManaged Security IconGuidepoint Security Government Solutions EmblemGuidepoint Security Government Solutions Emblem

Page URL History Show full URLs

https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ Page URL
https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

108
Requests

94 %
HTTPS

41 %
IPv6

28
Domains

32
Subdomains

28
IPs

5
Countries

2364 kB
Transfer

5383 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet/?url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&text=GRIT+Ransomware+Report%3A+April+2023&via=GuidePointSec
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&title=GRIT+Ransomware+Report%3A+April+2023&summary=Additional+contributors+to+this+GRIT+report%3A+Grayson+North%2C+Nic+Finn%2C+and+Drew+Schmitt+Following+a+relatively+active+March%E2%80%93resulting+in+451+%5B%26hellip%3B%5D&source=GuidePoint+Security
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/guidepointsec
Title: linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/GuidePointSec
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GuidePointSec
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCkajuS7JqEN3UGy6SXVhnfg
Title: youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ Page URL
https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/607356108/?random=1340801751&cv=11&fst=1684181754865&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&label=evMjCOqv_OMBEMyJzqEC&hn=www.googleadservices.com&frm=0&tiba=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&value=0&auid=1064463536.1684181755&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=-pJiZM2nONbD7_UPiLu70AY&sscte=1&crd=&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTX-KIETP6d1XD38ptjn0wY0vc4mDj-LKhw&pscrd=Ek5DaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVlBRmtPellhbFhIelpuX2hQR0RndV9VMnJ1SFlYX2VrejRjUms3c2t6TjRBTzBwZXhNM2caWENoQUk4TENIb3dZUWlJTzMzdnZENkpadEVpNEFHMU5XMFhmY0p3RUJkeEs1V1NuV28zNGQ2OVhtam5pVE9zM2xmMXl0eGd4eVhybW8ySDVsU0NuOXdQOWU HTTP 302
https://www.google.com/pagead/1p-conversion/607356108/?random=1340801751&cv=11&fst=1684181754865&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&label=evMjCOqv_OMBEMyJzqEC&hn=www.googleadservices.com&frm=0&tiba=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&value=0&auid=1064463536.1684181755&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVlBRmtPellhbFhIelpuX2hQR0RndV9VMnJ1SFlYX2VrejRjUms3c2t6TjRBTzBwZXhNM2caWENoQUk4TENIb3dZUWlJTzMzdnZENkpadEVpNEFHMU5XMFhmY0p3RUJkeEs1V1NuV28zNGQ2OVhtam5pVE9zM2xmMXl0eGd4eVhybW8ySDVsU0NuOXdQOWU&is_vtc=1&ocp_id=-pJiZM2nONbD7_UPiLu70AY&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTYuoq1Af9ZqqtNYfm-HMsGA9abkd0eLPew&random=753934369 HTTP 0
https://www.google.de/pagead/1p-conversion/607356108/?random=1340801751&cv=11&fst=1684181754865&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&label=evMjCOqv_OMBEMyJzqEC&hn=www.googleadservices.com&frm=0&tiba=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&value=0&auid=1064463536.1684181755&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVlBRmtPellhbFhIelpuX2hQR0RndV9VMnJ1SFlYX2VrejRjUms3c2t6TjRBTzBwZXhNM2caWENoQUk4TENIb3dZUWlJTzMzdnZENkpadEVpNEFHMU5XMFhmY0p3RUJkeEs1V1NuV28zNGQ2OVhtam5pVE9zM2xmMXl0eGd4eVhybW8ySDVsU0NuOXdQOWU&is_vtc=1&ocp_id=-pJiZM2nONbD7_UPiLu70AY&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTYuoq1Af9ZqqtNYfm-HMsGA9abkd0eLPew&random=753934369&ipr=y

Request Chain 69

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2739593&time=1684181755134&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F HTTP 0
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2739593%26time%3D1684181755134%26url%3Dhttps%253A%252F%252Fwww.guidepointsecurity.com%252Fblog%252Fgrit-ransomware-report-april-2023%252F%26liSync%3Dtrue

108 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ 212 B
856 B 56ms
10ms Document
text/html 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: close
Content-Length: 212
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Iinfo: 7-55015729-0 0NNN RT(1684181753293 9) q(0 -1 -1 2) r(0 -1) B10(4,314,0) U18

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.guidepointsecurity.com/ 178 KB
26 KB 29ms
16ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

21ccaafd8698f93edc0f9d71669b4f5fb9ca620ca873fd52838aa0210e0882a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 26191
Content-Type: application/javascript

GET
H/1.1 200
OK _Incapsula_Resource
www.guidepointsecurity.com/ 29 B
237 B 7ms
6ms XHR
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/_Incapsula_Resource?SWHANEDL=7029479894593840869,1564341207574811704,10311533064782491111,1114289

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 29
Content-Type: application/javascript

GET
H/1.1 200
OK Primary Request / Show response
www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ 261 KB
58 KB 709ms
709ms Document
text/html 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

nginx /

Resource Hash

267258b4cb17fda013f45259776175fe5f9a10178877c187709d9c4dd5de7813

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; child-src 'self' blob:;frame-src 'self' fast.wistia.com fast.wistia.net .hotjar.com .marketo.com .marketo.net go.guidepointsecurity.com optimize.google.com .youtube.com cdn.bizible.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;default-src 'self' .wistia.com .wistia.net;connect-src 'self' .mktoresp.com .mktoutil.com www.google-analytics.com optimize.google.com .omappapi.com .omwpapi.com .hotjar.com .hotjar.io wss://.hotjar.com .litix.io .wistia.com embedwistia-a.akamaihd.net guidepointsecurity.okta.com go.guidepointsecurity.com yoast.com .doubleclick.net ws://127.0.0.1:35729/livereload https://settings.luckyorange.net wss://.visitors.live https://pubsub.googleapis.com https://api.luckyorange.com my.yoast.com wss://visitors.live script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com cdn.bizible.com;font-src 'self' data: .wistia.com fonts.gstatic.com .typekit.net .omappapi.com cdn.bizible.com;media-src 'self' blob: data: .wistia.com .wistia.net embedwistia-a.akamaihd.net d10lpsik1i8c69.cloudfront.net cdn.bizible.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' .wistia.com .wistia.net src.litix.io lltrck.com .marketo.com .marketo.net .hotjar.com www.googleadservices.com www.googletagmanager.com www.google-analytics.com optimize.google.com okt.to static.oktopost.com cdn.callrail.com global.oktacdn.com .typekit.net .omwpapi.com .omappapi.com .atlassian.net go.guidepointsecurity.com www.google.com https://d10lpsik1i8c69.cloudfront.net snap.licdn.com static.ads-twitter.com script.crazyegg.com bat.bing.com cdn.bizible.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;style-src 'self' blob: 'unsafe-inline' .marketo.com fonts.googleapis.com global.oktacdn.com go.guidepointsecurity.com optimize.google.com .omappapi.com yoast.com d10lpsik1i8c69.cloudfront.net cdn.bizible.com;img-src 'self' data: embedwistia-a.akamaihd.net .wistia.com .wistia.net lltrck.com www.google-analytics.com optimize.google.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net www.google.com global.oktacdn.com .googleusercontent.com .typekit.net .omwpapi.com .omappapi.com go.guidepointsecurity.com www.guidepointsecurity.com .gravatar.com https://d10lpsik1i8c69.cloudfront.net t.co analytics.twitter.com px.ads.linkedin.com bat.bing.com cdn.bizible.com;worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: https://www.guidepointsecurity.com
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests; child-src 'self' blob:;frame-src 'self' fast.wistia.com fast.wistia.net *.hotjar.com *.marketo.com *.marketo.net go.guidepointsecurity.com optimize.google.com *.youtube.com cdn.bizible.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;default-src 'self' *.wistia.com *.wistia.net;connect-src 'self' *.mktoresp.com *.mktoutil.com www.google-analytics.com optimize.google.com *.omappapi.com *.omwpapi.com *.hotjar.com *.hotjar.io wss://*.hotjar.com *.litix.io *.wistia.com embedwistia-a.akamaihd.net guidepointsecurity.okta.com go.guidepointsecurity.com yoast.com *.doubleclick.net ws://127.0.0.1:35729/livereload https://settings.luckyorange.net wss://*.visitors.live https://pubsub.googleapis.com https://api.luckyorange.com my.yoast.com wss://visitors.live script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com cdn.bizible.com;font-src 'self' data: *.wistia.com fonts.gstatic.com *.typekit.net *.omappapi.com cdn.bizible.com;media-src 'self' blob: data: *.wistia.com *.wistia.net embedwistia-a.akamaihd.net d10lpsik1i8c69.cloudfront.net cdn.bizible.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.wistia.com *.wistia.net src.litix.io lltrck.com *.marketo.com *.marketo.net *.hotjar.com www.googleadservices.com www.googletagmanager.com www.google-analytics.com optimize.google.com okt.to static.oktopost.com cdn.callrail.com global.oktacdn.com *.typekit.net *.omwpapi.com *.omappapi.com *.atlassian.net go.guidepointsecurity.com www.google.com https://d10lpsik1i8c69.cloudfront.net snap.licdn.com static.ads-twitter.com script.crazyegg.com bat.bing.com cdn.bizible.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/;style-src 'self' blob: 'unsafe-inline' *.marketo.com fonts.googleapis.com global.oktacdn.com go.guidepointsecurity.com optimize.google.com *.omappapi.com yoast.com d10lpsik1i8c69.cloudfront.net cdn.bizible.com;img-src 'self' data: embedwistia-a.akamaihd.net *.wistia.com *.wistia.net lltrck.com www.google-analytics.com optimize.google.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net www.google.com global.oktacdn.com *.googleusercontent.com *.typekit.net *.omwpapi.com *.omappapi.com go.guidepointsecurity.com www.guidepointsecurity.com *.gravatar.com https://d10lpsik1i8c69.cloudfront.net t.co analytics.twitter.com px.ads.linkedin.com bat.bing.com cdn.bizible.com;worker-src 'self' blob:;
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 May 2023 20:15:54 GMT
Keep-Alive: timeout=20
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding
X-CDN: Imperva
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Iinfo: 9-91552829-91552833 NNNN CT(118 118 0) RT(1684181753325 88) q(0 0 2 -1) r(3 7) U12
X-Pass-Why: custom-path
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK _Incapsula_Resource
www.guidepointsecurity.com/ 1 B
278 B 22ms
6ms Image
text/plain 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guidepointsecurity.com/_Incapsula_Resource?SWKMTFSR=1&e=0.4569384045892597

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET _Incapsula_Resource
www.guidepointsecurity.com/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 43ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans%3Awght%40300%3B400%3B500%3B700&ver=6.1.1&display=swap

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fca3e7d61309cbb18f93b4c7855ca2059fa0ddbd3e1413f82610adc6af533a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 20:15:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 20:15:54 GMT

GET
H/1.1 200
OK classic-themes.min.css
www.guidepointsecurity.com/wp-includes/css/ 217 B
570 B 19ms
10ms Stylesheet
text/css 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 25 Oct 2022 13:45:16 GMT
X-CDN: Imperva
Etag: "6357e86c-d9"
Content-Type: text/css
X-Iinfo: 13-221143271-0 0CNN RT(1684181753442 696) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 189

GET
H/1.1 200
OK cookieconsent.css
www.guidepointsecurity.com/wp-content/plugins/vital-privacy-controls/assets/css/ 5 KB
2 KB 22ms
9ms Stylesheet
text/css 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/vital-privacy-controls/assets/css/cookieconsent.css?ver=1.0

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

697467addf929b3b02e9bbe5ac795ef23fed6b7eb7c734d7127ad6d59246bb43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 21 Oct 2020 14:03:27 GMT
X-CDN: Imperva
Etag: W/"5f903faf-1579"
Content-Type: text/css
X-Iinfo: 10-124361862-0 0CNN RT(1684181754134 7) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 1813

GET
H/1.1 200
OK frontend.min.css
www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/css/ 101 KB
16 KB 23ms
10ms Stylesheet
text/css 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.10.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

80a2d7122993ca65b09a265a92ab7275d283afa3edeca1c735f37b0b05490fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 25 Apr 2023 21:12:35 GMT
X-CDN: Imperva
Etag: W/"64484243-19578"
Content-Type: text/css
X-Iinfo: 7-55015775-0 0CNN RT(1684181754135 7) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 15713

GET
H/1.1 200
OK flatpickr.min.css
www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 14 KB
3 KB 23ms
8ms Stylesheet
text/css 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.10.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 25 Apr 2023 21:12:35 GMT
X-CDN: Imperva
Etag: W/"64484243-3601"
Content-Type: text/css
X-Iinfo: 8-62854311-0 0CNN RT(1684181754136 8) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 2800

GET
H/1.1 200
OK select2.min.css
www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 25ms
10ms Stylesheet
text/css 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.1.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 25 Apr 2023 21:12:35 GMT
X-CDN: Imperva
Etag: W/"64484243-3a75"
Content-Type: text/css
X-Iinfo: 10-124361864-0 0CNN RT(1684181754136 9) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 2043

GET
H/1.1 200
OK main.css
www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/dist/styles/ 228 KB
37 KB 26ms
8ms Stylesheet
text/css 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/dist/styles/main.css?ver=1678126990

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

f947d66bef67ba2d9dc2f4ef3ebb1325ba781ee0a118cfad87789c6db6b7a11e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 06 Mar 2023 18:23:10 GMT
X-CDN: Imperva
Etag: W/"64062f8e-38f40"
Content-Type: text/css
X-Iinfo: 13-221143271-0 0CNN RT(1684181753442 706) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 37355

GET
H/1.1 200
OK jquery.min.js Show response
www.guidepointsecurity.com/wp-includes/js/jquery/ 88 KB
31 KB 30ms
9ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 19 Sep 2022 14:16:24 GMT
X-CDN: Imperva
Etag: W/"632879b8-15e54"
Content-Type: application/javascript
X-Iinfo: 10-124361862-0 0CNN RT(1684181754134 17) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 31228

GET
H/1.1 200
OK cher-frontend.min.js Show response
www.guidepointsecurity.com/wp-content/plugins/cher/assets/js/ 621 B
775 B 32ms
8ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/cher/assets/js/cher-frontend.min.js?ver=1.0.0

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

6f0440e8eed47b274a5757b906ef7e8ba5679f84c5ef0a5ebb9b71ee954452df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 21 Oct 2020 14:03:27 GMT
X-CDN: Imperva
Etag: W/"5f903faf-26d"
Content-Type: application/javascript
X-Iinfo: 8-62854311-0 0CNN RT(1684181754136 17) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 380

GET
H/1.1 200
OK flatpickr.min.js Show response
www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 49 KB
15 KB 35ms
9ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.10.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 25 Apr 2023 21:12:35 GMT
X-CDN: Imperva
Etag: W/"64484243-c5a4"
Content-Type: application/javascript
X-Iinfo: 10-124361864-0 0CNN RT(1684181754136 19) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 14616

GET
H/1.1 200
OK select2.min.js Show response
www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
20 KB 38ms
10ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.10.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 25 Apr 2023 21:12:35 GMT
X-CDN: Imperva
Etag: W/"64484243-114c3"
Content-Type: application/javascript
X-Iinfo: 7-55015775-0 0CNN RT(1684181754135 23) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 20065

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 86ms
15ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA7) /
Resource Hash: 2b7ee3fafd5878a1aeda3fb3f439057fb78130388be09b5f15a751ef466f28f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: gzip
last-modified: Thu, 11 May 2023 21:45:15 GMT
server: ECS (amb/6BA7)
age: 67725
etag: "33a91df5184d91:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25471

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 241 KB
85 KB 70ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3WXW77

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18a6c44e1786128bba5ba47d43281db5454df181410e3a05774b8f54264bd238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86780
x-xss-protection: 0
last-modified: Mon, 15 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 May 2023 20:15:54 GMT

GET
DATA 200
OK truncated
/ 131 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 443600e1753faafac64408af3fb60266f1be5f79e8d941a6ee251bfb3f029d32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 19 KB
19 KB 41ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans%3Awght%40300%3B400%3B500%3B700&ver=6.1.1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.guidepointsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 13:31:49 GMT
x-content-type-options: nosniff
age: 197045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19156
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 13:31:49 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 41ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans%3Awght%40300%3B400%3B500%3B700&ver=6.1.1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.guidepointsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 23:15:07 GMT
x-content-type-options: nosniff
age: 248447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20064
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 23:15:07 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f07f68ba3bc012a67505250ceb0199b7830960ac28b051854fb82acc94646624

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3e41cf5c938a2943d23015b72c9ad0330be97ee83603641046d0920851e6ed5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5ab1771420f6a7d3fdd1fac48673be45c88b47efcc519c9f562feb8eecf0f6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 forms2.min.js Show response
go.guidepointsecurity.com/js/forms2/js/ 208 KB
69 KB 122ms
33ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.guidepointsecurity.com/js/forms2/js/forms2.min.js

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 17:50:04 GMT
server: cloudflare
age: 5632
etag: "4a12de-33e51-5faf5eb3b0b00"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7c7e0e3f8b1b046a-FRA
expires: Tue, 16 May 2023 00:15:54 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
898 B 46ms
16ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6caf24ef0c82fe050f16d1d04629d10d61eae365f6f31bc27f2107aab89c4fa6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 578
x-xss-protection: 1; mode=block
expires: Mon, 15 May 2023 20:15:54 GMT

GET
H/1.1 200
OK rot13-encode-decode.js Show response
www.guidepointsecurity.com/wp-content/mu-plugins/vital-core/public/rot13-encode-decode/ 633 B
774 B 10ms
9ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/mu-plugins/vital-core/public/rot13-encode-decode/rot13-encode-decode.js?ver=1.0

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

35ad1262c83146129e7b19b7c304932da742fdcebb127d54a6f166981148ae3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 21 Oct 2020 14:03:27 GMT
X-CDN: Imperva
Etag: W/"5f903faf-279"
Content-Type: application/javascript
X-Iinfo: 9-91552829-0 0CNN RT(1684181753325 925) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 378

GET
H/1.1 200
OK cookieconsent.min.js Show response
www.guidepointsecurity.com/wp-content/plugins/vital-privacy-controls/assets/js/ 19 KB
7 KB 11ms
9ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/vital-privacy-controls/assets/js/cookieconsent.min.js?ver=1.0

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 21 Oct 2020 14:03:27 GMT
X-CDN: Imperva
Etag: W/"5f903faf-4d5a"
Content-Type: application/javascript
X-Iinfo: 10-124361864-0 0CNN RT(1684181754136 115) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 6529

GET
H/1.1 200
OK vital-privacy-cookie-notice.js Show response
www.guidepointsecurity.com/wp-content/plugins/vital-privacy-controls/assets/js/ 2 KB
1 KB 9ms
8ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/vital-privacy-controls/assets/js/vital-privacy-cookie-notice.js?ver=1.0

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

09b819e3b2665b818246670fb017f4eea3f19657d823ba9c22722cf19d7fdb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 21 Oct 2020 14:03:27 GMT
X-CDN: Imperva
Etag: W/"5f903faf-893"
Content-Type: application/javascript
X-Iinfo: 7-55015775-0 0CNN RT(1684181754135 116) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 666

GET
H/1.1 200
OK frontend.min.js Show response
www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/js/ 18 KB
4 KB 12ms
10ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.10.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

b17fe7091c0ec8e16acb022f3de1fe6f3ddaf4822eff6010a2c7563e34da7789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 25 Apr 2023 21:12:35 GMT
X-CDN: Imperva
Etag: W/"64484243-46cc"
Content-Type: application/javascript
X-Iinfo: 13-221143271-0 0CNN RT(1684181753442 809) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 4135

GET
H/1.1 200
OK slick.min.js Show response
www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/lib/slick/ 42 KB
11 KB 13ms
11ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/lib/slick/slick.min.js?ver=1.8.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 24 Mar 2022 21:40:37 GMT
X-CDN: Imperva
Etag: W/"623ce555-a76f"
Content-Type: application/javascript
X-Iinfo: 10-124361862-0 0CNN RT(1684181754134 119) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 10564

GET
H/1.1 200
OK lottie.min.js Show response
www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/lib/lottie-web/ 250 KB
64 KB 13ms
12ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/lib/lottie-web/lottie.min.js?ver=5.7.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

4c65e73bfbb0312929232d4b0b255f3a954418db0ee428912979f5cba0b48c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 24 Mar 2022 21:40:37 GMT
X-CDN: Imperva
Etag: W/"623ce555-3e812"
Content-Type: application/javascript
X-Iinfo: 8-62854311-0 0CNN RT(1684181754136 116) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 65097

GET
H/1.1 200
OK in-view.min.js Show response
www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/lib/in-view/ 5 KB
2 KB 11ms
10ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/lib/in-view/in-view.min.js?ver=0.6.1

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 24 Mar 2022 21:40:37 GMT
X-CDN: Imperva
Etag: W/"623ce555-14be"
Content-Type: application/javascript
X-Iinfo: 9-91552829-0 0CNN RT(1684181753325 942) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 2129

GET
H/1.1 200
OK jquery.dcd.doubletaptogo.min.js Show response
www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/lib/doubletaptogo/ 2 KB
1 KB 11ms
10ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/lib/doubletaptogo/jquery.dcd.doubletaptogo.min.js?ver=3.0.2

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

985a329121413ae5b9c3c31c166120e8b61de392e68bdeb61f6f926074044db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 24 Mar 2022 21:40:37 GMT
X-CDN: Imperva
Etag: W/"623ce555-771"
Content-Type: application/javascript
X-Iinfo: 10-124361862-0 0CNN RT(1684181754134 132) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 913

GET
H/1.1 200
OK main.js Show response
www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/dist/scripts/ 29 KB
9 KB 17ms
17ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/dist/scripts/main.js?ver=1678126990

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

2311ef1c9800076c5753b0406d16babb1502a0cbed7fbe0faf0c88b3eb9442ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 06 Mar 2023 18:23:10 GMT
X-CDN: Imperva
Etag: W/"64062f8e-7331"
Content-Type: application/javascript
X-Iinfo: 13-221143271-0 0CNN RT(1684181753442 833) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 8411

GET
H/1.1 200
OK lazyload.min.js Show response
www.guidepointsecurity.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 13ms
13ms Script
application/javascript 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guidepointsecurity.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 25 Apr 2023 21:14:41 GMT
X-CDN: Imperva
Etag: W/"644842c1-22bc"
Content-Type: application/javascript
X-Iinfo: 10-124361864-0 0CNN RT(1684181754136 133) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 3055

GET
DATA 200
OK truncated
/ 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4299f4d6089a819413a6df005ef35e976c1ec04db1b44fc71971d3a6af75c684

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf8951c00321b669d333bf06a42c090702b764df217743f0e8b192d2f2de2662

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2902b7e86b4a656228ad1b646d19cda7720f890f8f5ba3b5eceb2dd23633355d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c3abba85eab04f7b402cb6dafeabc5b3ceb52b4325a09dbd0297835afdfb379

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 194 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7ef2b53caf99b02f91d8ed9125d4bd86a642677a0427b411f083352cf5d6139

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 298 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c168e252dcd59b98c43fa6c14f3ecd0b29ce6a38f57ea48a162a1a329ad7425d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK footer-background.png
www.guidepointsecurity.com/wp-content/uploads/2020/08/ 62 KB
62 KB 9ms
8ms Image
image/png 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guidepointsecurity.com/wp-content/uploads/2020/08/footer-background.png

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

23f1841184dfb5d74d4766c0f6d2fe916e73f3e28bc15dbb2c7e599f2b570d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 May 2023 21:38:49 GMT
X-CDN: Imperva
Etag: "6452d469-f786"
Content-Type: image/png
X-Iinfo: 7-55015775-0 0CNN RT(1684181754135 131) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 63366

GET
DATA 200
OK truncated
/ 481 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed088b2afc95ccc0304edf02bb1b0c074d201e2f21259e3f8dc5e3fb6af1dc41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 19 KB
19 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans%3Awght%40300%3B400%3B500%3B700&ver=6.1.1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.guidepointsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 01:47:49 GMT
x-content-type-options: nosniff
age: 239285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 01:47:49 GMT

GET optimize.js
www.googleoptimize.com/ 0
0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/607356108/ 3 KB
2 KB 65ms
21ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/607356108/?random=1684181754865&cv=11&fst=1684181754865&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&label=evMjCOqv_OMBEMyJzqEC&hn=www.googleadservices.com&frm=0&tiba=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&value=0&bttype=purchase&auid=1064463536.1684181755&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXW77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

52b23c80484dd86abcecd8638752fd131be0902593688ea227fb8ae3c523e2f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1642
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 69ms
16ms Script
application/x-javascript 2a02:26f0:3500:16::215:1490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXW77

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=41261
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 58ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXW77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230043-FRA

GET
H2 200 3028.js Show response
script.crazyegg.com/pages/scripts/0110/ 6 KB
2 KB 62ms
20ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0110/3028.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXW77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1010b2c38342d9f245cac48a5129aca5b00085b2b198b153a6886702686812d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13225
cf-polished: origSize=6063
ce-version: 11.5.75
cf-bgj: minify
last-modified: Mon, 15 May 2023 16:35:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 7c7e0e404d9390d7-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 66ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXW77

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 15 May 2023 20:15:54 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FE3F37C064C421FAAD2B607F381E33D Ref B: FRAEDGE1517 Ref C: 2023-05-15T20:15:54Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12195

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXW77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 May 2023 18:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6015
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 15 May 2023 20:35:39 GMT

GET
H2 200 oktrk.js Show response
static.oktopost.com/ 9 KB
4 KB 86ms
19ms Script
application/javascript 13.32.110.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.oktopost.com/oktrk.js
Requested by: Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-69.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 23:53:53 GMT
content-encoding: gzip
via: 1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 09:47:41 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 73322
etag: W/"57315c24d6fec75c4d46a8cc3fa6e0d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: yTxme1uBcDOxPv1zcT-BT72mMW89r0NC5AZ5lV1xAW7srV3wK-4yUw==

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 41ms
13ms Script
application/javascript 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 19:50:01 GMT
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1554
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: RmNMe-1khSUTBsTEUMjOuhs0nBsxUQ2SkvtYzgomciJ_OnBlNaUkPA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QVDYN94XH5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXW77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f94602960fa1ff233cc32d346a38abf2ca94b34eddccd907b9f35f00f30d216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 May 2023 20:15:54 GMT

GET
H2 200 getForm Show response
go.guidepointsecurity.com/index.php/form/ 6 KB
2 KB 62ms
61ms Script
application/javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.guidepointsecurity.com/index.php/form/getForm?munchkinId=995-MTM-359&form=3179&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&callback=jQuery1124018922688446508196_1684181754893&_=1684181754894
Requested by: Host: go.guidepointsecurity.com
URL: https://go.guidepointsecurity.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 228f0f0898b1da4778ec8018cb4eed7b1f9d8453361c44be2a2c999f0a31e695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:54 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7c7e0e403c01046a-FRA
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ 411 KB
165 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guidepointsecurity.com/
Origin: https://www.guidepointsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168053
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 18:15:25 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 196ms
34ms Script
application/x-javascript 104.77.31.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/dist/scripts/main.js?ver=1678126990
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.31.43 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-31-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 403 lt-v2.min.js
lltrck.com/ 0
0 326ms
103ms Script
text/html 52.73.0.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/lt-v2.min.js
Requested by: Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/dist/scripts/main.js?ver=1678126990
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.0.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-0-225.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 50 KB
19 KB 73ms
14ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: d7c20247857c9627b5552e890b46e76d22ae989102eeffb9ab5f62df6b1c9002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 05/08/2023 15:04:44
cdn-pullzone: 293267
last-modified: Tue, 02 May 2023 20:35:19 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 370
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64517407-c83b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 06bc95b77968a6645b0b0c103ea25830
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
327 B 13ms
13ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=f4389d8b842e48eb81c0c3bd498c427f&_biz_s=8523d&_biz_l=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&_biz_t=1684181754830&_biz_i=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&_biz_n=0&rnd=905408&cdn_o=a&_biz_z=1684181755008
Requested by: Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:15:55 GMT
last-modified: Wed, 10 May 2023 18:20:29 GMT
server: ECS (amb/6B75)
age: 438926
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET u
cdn.bizibly.com/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
217 B 19ms
18ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=876486812&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&ul=en-us&de=UTF-8&dt=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAAI~&jid=1650433308&gjid=656705506&cid=685027152.1684181755&tid=UA-146819107-1&_gid=1389567852.1684181755&_r=1&_slc=1&gtm=45He35a0n81M3WXW77&z=1245028544

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guidepointsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:15:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guidepointsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 25 B
686 B 713ms
680ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&s=326682

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c7954754ee5cde5d9c8ba7781b4a0f4427ca8fa7c1d54123c3a16320a653aa6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.guidepointsecurity.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uf%2Fno1ETDpZAJr3RkYXWVk28vGkKWEx%2Fdz5udfYfIBLQNYvX20u3F6VK2ZPKEC%2F9aVJXrdBE%2F1x2shpcX7%2Bt0buBWg%2Bay%2Bdz%2FXnOrcp6HsBy39wDDyrHlHaF%2FIIA55rg9YHungoYH35%2F3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 7c7e0e417d0b927a-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET

/
www.google.de/pagead/1p-conversion/607356108/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/607356108/?random=1340801751&cv=11&fst=1684181754865&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/607356108/?random=1340801751&cv=11&fst=1684181754865&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guidepointsecurity.co...
https://www.google.de/pagead/1p-conversion/607356108/?random=1340801751&cv=11&fst=1684181754865&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guidepointsecurity.com...

0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
357 B 69ms
29ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-146819107-1&cid=685027152.1684181755&jid=1650433308&gjid=656705506&_gid=1389567852.1684181755&_u=YEBAAEAAQAAAACAAI~&z=1260129820

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guidepointsecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 15 May 2023 20:15:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guidepointsecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.guidepointsecurity.com.json Show response
script.crazyegg.com/pages/data-scripts/0110/3028/site/ Frame C312 961 B
711 B 152ms
136ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0110/3028/site/www.guidepointsecurity.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0110/3028.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73919457241a7b05c38b9d9288009df461f837d8227600007502229e21ae780f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 15 May 2023 20:15:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.75
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c7e0e41aed73a84-FRA
content-length: 442

GET token
cdn.linkedin.oribi.io/partner/2739593/domain/guidepointsecurity.com/ 0
0

GET

li_sync
www.linkedin.com/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2739593&time=1684181755134&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2739593%26time%3D1684181755134%26url%3Dhttps%253A%252F%252Fwww.guidepointsecurity...

0
0

GET
H2 200 adsct
t.co/i/ 43 B
376 B 226ms
142ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=06b625ce-9a71-493e-9615-489ec8059e63&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5cf6457-f5ed-43e4-b518-01fc0b9bb676&tw_document_href=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5dds&type=javascript&version=2.3.29

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 115
date: Mon, 15 May 2023 20:15:54 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1410e34274dfd837
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 4f7e3e51c3b68fb50a34166434cc0a3a02cdff4e4a36c7c9e09b56eb9e0dd122
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 231ms
137ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=06b625ce-9a71-493e-9615-489ec8059e63&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f5cf6457-f5ed-43e4-b518-01fc0b9bb676&tw_document_href=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5dds&type=javascript&version=2.3.29

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 15 May 2023 20:15:55 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c2b3c3897c7fece8
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7c078e6c76d5b54b7310d0ef5894266f64a5aa7ac2d2df9ffaac29a124d44058
content-length: 43

GET
H2 200 ping Show response
okt.to/ 0
100 B 333ms
115ms Script
text/javascript 52.20.195.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://okt.to/ping?uri=%2Fblog%2Fgrit-ransomware-report-april-2023%2F&aid=00175Xcc9w9A9fd&ts=1684181755144

Requested by

Host: static.oktopost.com
URL: https://static.oktopost.com/oktrk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.20.195.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-195-32.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
strict-transport-security: max-age=31536000;
content-type: text/javascript;charset=UTF-8

GET
H2 200 forms2.css
go.guidepointsecurity.com/js/forms2/css/ 13 KB
3 KB 19ms
19ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.guidepointsecurity.com/js/forms2/css/forms2.css

Requested by

Host: go.guidepointsecurity.com
URL: https://go.guidepointsecurity.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 17:50:03 GMT
server: cloudflare
age: 5633
etag: "4a131e-3437-5faf5eb2bc8c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c7e0e41be32046a-FRA
content-length: 2623
expires: Tue, 16 May 2023 00:15:55 GMT

GET
H2 200 forms2-theme-simple.css
go.guidepointsecurity.com/js/forms2/css/ 826 B
326 B 48ms
48ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.guidepointsecurity.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: go.guidepointsecurity.com
URL: https://go.guidepointsecurity.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 17:50:03 GMT
server: cloudflare
age: 5633
etag: "4a131d-33a-5faf5eb2bc8c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7c7e0e41be35046a-FRA
content-length: 242
expires: Tue, 16 May 2023 00:15:55 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
525 B 123ms
123ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=f4389d8b842e48eb81c0c3bd498c427f&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.05.11
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: 834829e48d33bea1487a7e85a6fcd79a29d5f1534da84334f6d7adf137668d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: gzip
server: ECS (amb/6BBB)
etag: F61B6F4A
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 218

GET
H2 204 148019897.js Show response
bat.bing.com/p/action/ 0
116 B 112ms
112ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/148019897.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 15 May 2023 20:15:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DE2E131169449E7BE60E12F250EA231 Ref B: FRAEDGE1517 Ref C: 2023-05-15T20:15:55Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 38ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=148019897&tm=gtm002&Ver=2&mid=da90a7a6-8b48-4f07-950c-c6ea459eb4aa&sid=4c0ba1b0f35d11ed94271bb05429dbc9&vid=4c0bc950f35d11eda84309cb68de2c5d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&p=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&r=&lt=1140&evt=pageLoad&sv=1&rn=374601

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 15 May 2023 20:15:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6230583893D84AA8BA8B1AAE180D648B Ref B: FRAEDGE1517 Ref C: 2023-05-15T20:15:55Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 19ms
19ms Stylesheet
text/css 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 863
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 05/08/2023 15:04:44
cdn-pullzone: 293267
last-modified: Tue, 02 May 2023 20:35:20 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 370
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64517408-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 9c49534132cb90cde60b4c0a4a2fee07
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 82125 Show response
api.omappapi.com/v2/embed/ 3 KB
2 KB 249ms
175ms XHR
application/json 18.66.15.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/82125?d=guidepointsecurity.com
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-74.vie50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 1d3ee8d803dafbee4a2f9cd13c930d34cd6f487df3e5ad42c062606bde17b6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: gzip
via: 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: VIE50-P1
x-cache-status: EXPIRED
x-cache: Miss from cloudfront
x-optinmonster-account: 92405
x-user-agent: standard--
last-modified: Fri, 05 May 2023 14:38:54 GMT
server: Pagely Gateway/1.5.1
etag: W/"6f0bbe0c732f43c49f4317a7b2f78568"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: hPpSb71Oh2hWDkdBD0wNxlJs8gQXwOu2h1k6RBWxqbi0DOGvM0oVyw==
expires: Mon, 15 May 2023 20:16:25 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-146819107-1&cid=685027152.1684181755&jid=1650433308&_u=YEBAAEAAQAAAACAAI~&z=1616307480

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:15:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H/1.1 200
OK GRIT_background_2000x675.png
www.guidepointsecurity.com/wp-content/uploads/2022/07/ 476 KB
476 KB 192ms
191ms Image
image/png 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guidepointsecurity.com/wp-content/uploads/2022/07/GRIT_background_2000x675.png

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

b585dbde8dc50f0110777f99110d7639b612351d58880f57ae937c402151f7cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 03 May 2023 21:14:53 GMT
X-CDN: Imperva
Etag: "6452cecd-76f9b"
Content-Type: image/png
X-Iinfo: 13-221143271-0 0CNN RT(1684181753442 1490) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=0
Content-Length: 487323

GET
H/1.1 200
OK grit-blog-tag.png
www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/src/images/ 185 KB
185 KB 16ms
15ms Image
image/png 107.154.76.199
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.guidepointsecurity.com/wp-content/themes/guidepointsecurity/assets/src/images/grit-blog-tag.png

Requested by

Host: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.199 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.199.ip.incapdns.net

Software

Resource Hash

ed8cc11914d7655c3518ff072a6223f6987b7e75367a005b82c54f538be34a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Mon, 03 Oct 2022 17:11:25 GMT
X-CDN: Imperva
Etag: "633b17bd-2e72d"
Content-Type: image/png
X-Iinfo: 7-55015775-55011145 2CNN RT(1684181754135 617) q(0 0 0 -1) r(0 0) U18
Cache-Control: max-age=0
Content-Length: 189153

GET
H2 404 nfzzoxtovsmgz3i3stqa Show response
api.omappapi.com/v2/embed/82125/ 126 B
569 B 204ms
145ms XHR
application/json 18.66.15.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/82125/nfzzoxtovsmgz3i3stqa
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-74.vie50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
x-user-agent: standard--
via: 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
x-cache-config: 0 0
server: Pagely Gateway/1.5.1
x-amz-cf-pop: VIE50-P1
vary: Accept-Encoding, User-Agent
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
content-length: 126
x-amz-cf-id: mOoUdO5SVu7EhIgmYlOzoDr5Smn8yoSizBkEgptHmx31V_lhKY5peA==
expires: Mon, 15 May 2023 20:16:22 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 35ms
35ms Script
application/x-javascript 104.77.31.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.31.43 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-31-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Wed, 23 Aug 2023 20:15:55 GMT

GET
H2 200 XDFrame Show response
go.guidepointsecurity.com/index.php/form/ Frame A8FA 2 KB
871 B 382ms
381ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.guidepointsecurity.com/index.php/form/XDFrame

Requested by

Host: go.guidepointsecurity.com
URL: https://go.guidepointsecurity.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a87e0628d30dbd78780e03c1fb95a4c033c71365633056cc0d173eaf46687cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guidepointsecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7c7e0e428f4a046a-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 15 May 2023 20:15:55 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0DFE 51 KB
28 KB 45ms
34ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxligjAAAAAO_xtJUWEPDjSEGOmpg1U2oZFOxu&co=aHR0cHM6Ly93d3cuZ3VpZGVwb2ludHNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=xtgfty8ag0j3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21aec9ae85864f0e78a7cf9eb2ac785e6eae2ecc10247bd3c87e3899f369afd6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qPo3hPqgcuPaNM7lb8b9hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guidepointsecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28401
content-security-policy: script-src 'report-sample' 'nonce-qPo3hPqgcuPaNM7lb8b9hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:15:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK visitWebPage
995-mtm-359.mktoresp.com/webevents/ 2 B
318 B 975ms
102ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://995-mtm-359.mktoresp.com/webevents/visitWebPage?_mchNc=1684181755321&_mchCn=&_mchId=995-MTM-359&_mchTk=_mch-guidepointsecurity.com-1684181755320-55232&_mchHo=www.guidepointsecurity.com&_mchPo=&_mchRu=%2Fblog%2Fgrit-ransomware-report-april-2023%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 20:15:56 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: ade19216-d23c-4c3c-800a-56bbe2e9f0ff

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 0DFE 55 KB
24 KB 24ms
8ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxligjAAAAAO_xtJUWEPDjSEGOmpg1U2oZFOxu&co=aHR0cHM6Ly93d3cuZ3VpZGVwb2ludHNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=xtgfty8ag0j3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 19:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 19:52:20 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 0DFE 411 KB
164 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168053
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 18:15:25 GMT

GET
DATA 200
OK truncated
/ Frame 0DFE 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0DFE 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0DFE 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:52:14 GMT
x-content-type-options: nosniff
age: 159821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 20 May 2023 23:52:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0DFE 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 161240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 23:28:35 GMT

GET
H2 200 5.112e6dc7.min.js Show response
a.omappapi.com/app/js/ 16 KB
6 KB 19ms
19ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/5.112e6dc7.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1075
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 05/08/2023 15:04:47
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:03 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 567
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850ab-3f86"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 7233428d30d3a5117aa2bd4ec841fd08
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0DFE 102 B
132 B 16ms
16ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b9b41bbb484aeedab598c24291942c8c2d0af98bdba3b430bf8fcd2cb709198a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxligjAAAAAO_xtJUWEPDjSEGOmpg1U2oZFOxu&co=aHR0cHM6Ly93d3cuZ3VpZGVwb2ludHNlY3VyaXR5LmNvbTo0NDM.&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=xtgfty8ag0j3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 1; mode=block
expires: Mon, 15 May 2023 20:15:55 GMT

GET
H2 200 4.297302bd.min.js Show response
a.omappapi.com/app/js/ 41 KB
13 KB 14ms
13ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/4.297302bd.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 2abc2cacef3c741b579ebe45e2531323ffa8d8a7f40d73dff4c36bc732b9ae98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1076
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 05/08/2023 15:04:44
cdn-pullzone: 293267
last-modified: Tue, 02 May 2023 19:12:44 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 376
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"645160ac-a570"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 4c3619374f4845fe078f2ed202e6bf4b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C670 7 KB
1 KB 32ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&k=6LcxligjAAAAAO_xtJUWEPDjSEGOmpg1U2oZFOxu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82548f664ede7c6648a8d38d40c01ec58237624a52d8547220714ec3c5034725

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-buUuq_r9AIdulZ9Ec4gNGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guidepointsecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1150
content-security-policy: script-src 'report-sample' 'nonce-buUuq_r9AIdulZ9Ec4gNGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:15:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 26.541fc4ba.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 15ms
15ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/26.541fc4ba.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 2d7b5cdc9eb18ab6290ed16d3ed4f8b99a03ff7824f421b1929a7161ea74443c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1077
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:22:08 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 568
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64485290-b1f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0ca4981da2ade9c86d16ffde15833874
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 20.e40ad1db.min.js Show response
a.omappapi.com/app/js/ 4 KB
2 KB 15ms
15ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/20.e40ad1db.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 8df63939e87e03d5f16d0890511315ab0aa86bf66e64dfffb9d637b1d4c85741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1078
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 05/08/2023 15:04:44
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:22:08 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 621
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64485290-ee0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 229024be36a94859b41fd210ed8c2347
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 28.37593e59.min.js Show response
a.omappapi.com/app/js/ 6 KB
3 KB 16ms
15ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/28.37593e59.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: d08aa5fe6131891425c044dd702f43f2ecf647100e35173a102fe03fe49b0270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1076
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:21:08 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 590
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64485254-1761"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5bdcea7dc15779920c4c3124d3a958d4
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 34.01aeaad3.min.js Show response
a.omappapi.com/app/js/ 8 KB
3 KB 17ms
16ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/34.01aeaad3.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 0cf67a42bb48fba065918fca80854ed3117be8fe739d0b19492331f529e868d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:05 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 566
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850ad-203b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d791cafe68dcc8647012734c0cb3c319
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10.70f770b5.min.js Show response
a.omappapi.com/app/js/ 20 KB
7 KB 17ms
17ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/10.70f770b5.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: ef6d64d5a48a5bb376669ef86426e511b9d6d13b461d48b9b850c29fa107c77f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 755
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:22:08 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 606
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64485290-4ea5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 57e8c39a9e788dc0771c38383c990d3d
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 0.d1b2acf1.min.js Show response
a.omappapi.com/app/js/ 7 KB
3 KB 22ms
22ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/0.d1b2acf1.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 0b22415e4dbc33efb82827aec6c16cc04b481b84ba903d19c76543dc671f939b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1048
perma-cache: HIT
cdn-storageserver: DE-199
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:22:08 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 566
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64485290-1afd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 752fd40c0595de9bd92866247b12d211
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 9.4e528b17.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 25ms
24ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/9.4e528b17.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: f678e256584e843feb8b927123eac8bbd5d98c4906eb713edcd04105ff063259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1049
perma-cache: HIT
cdn-storageserver: DE-200
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:22:08 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 596
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64485290-687"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: bf18da3a13e48c5ed50deff9c391e120
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 11.eec3051a.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 17ms
17ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/11.eec3051a.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 26d9b6c44230968d81776300834750358ab5bdf35e7239385af3d503a4b584ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1048
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:05 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 566
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850ad-7cb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 60a767cfea30e0956794b94222da22c6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 29.3ede5745.min.js Show response
a.omappapi.com/app/js/ 3 KB
2 KB 18ms
18ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/29.3ede5745.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 9b9030ba856ef3a2628973bbd256c5d8d42f92f8685c87998a3d8d4e3e35f4bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 865
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:06 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 570
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850ae-ade"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 0ad683113f90f239fb90dabb5e41b24e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 27.36eab21e.min.js Show response
a.omappapi.com/app/js/ 1 KB
1 KB 20ms
17ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/27.36eab21e.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: daa80cefbd2fdeeb84087c2dc6addc813e460e2f1529ec56f52ee56f152e3ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1053
perma-cache: HIT
cdn-storageserver: DE-198
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:22:11 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 621
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64485293-4f4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 1027379fba1730be8f26d08478d8f7ff
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 16.ee4b7ea4.min.js Show response
a.omappapi.com/app/js/ 855 B
1 KB 23ms
22ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/16.ee4b7ea4.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 31d7ec8dcd3d069ea9f87486f661754c6b51a44e1cb994a8b19352a02572cf41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-200
cdn-cachedat: 05/08/2023 15:04:47
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:03 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 574
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850ab-357"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 9a99656caa30bcd89d589a681d73b259
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.ed4cabc5.min.js Show response
a.omappapi.com/app/js/ 9 KB
3 KB 24ms
23ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/1.ed4cabc5.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: fc1f2449d3b12b8c18ddea07d8e73b87b2e1dc39c767d81c1278f1563a175ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 1078
perma-cache: HIT
cdn-storageserver: DE-167
cdn-cachedat: 05/08/2023 15:04:45
cdn-pullzone: 293267
last-modified: Tue, 02 May 2023 19:12:45 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 176
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"645160ad-240b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f9fad4398a4270bbeda64465cfb99ec7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 22.3cb73615.min.js Show response
a.omappapi.com/app/js/ 2 KB
2 KB 24ms
24ms Script
application/javascript 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/22.3cb73615.min.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 157acb48f0d2c4dc8d0b950af08fcf796e986d66d462f8face3d2244fb5eda18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: br
cdn-edgestorageid: 723
perma-cache: HIT
cdn-storageserver: DE-200
cdn-cachedat: 05/08/2023 15:04:46
cdn-pullzone: 293267
last-modified: Tue, 25 Apr 2023 22:14:06 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 567
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644850ae-616"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 72810190e15db5527816d1911f1b74bb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame C670 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&k=6LcxligjAAAAAO_xtJUWEPDjSEGOmpg1U2oZFOxu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 19:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 19:52:20 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame C670 411 KB
164 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&k=6LcxligjAAAAAO_xtJUWEPDjSEGOmpg1U2oZFOxu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168053
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 18:15:25 GMT

GET
H2 200 forms2.min.js Show response
go.guidepointsecurity.com/js/forms2/js/ Frame A8FA 208 KB
69 KB 38ms
38ms Script
application/x-javascript 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.guidepointsecurity.com/js/forms2/js/forms2.min.js

Requested by

Host: go.guidepointsecurity.com
URL: https://go.guidepointsecurity.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.guidepointsecurity.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 17:50:04 GMT
server: cloudflare
age: 5633
etag: "4a12de-33e51-5faf5eb3b0b00"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7c7e0e450ada046a-FRA
expires: Tue, 16 May 2023 00:15:55 GMT

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame FEE7 287 KB
93 KB 29ms
12ms Script
application/javascript 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb

Request headers

Referer
Origin: https://www.guidepointsecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 12:24:51 GMT
content-encoding: gzip
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 9964265
x-cache: Hit from cloudfront
last-modified: Fri, 02 Sep 2022 19:59:47 GMT
server: AmazonS3
etag: W/"6a7ba000cc0f3518baa46608eb12410c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: H5ypgLH2N4GJVPNk-cmBKr-Uak98RQFDL9WWdgzxs1TRnaiJIj7fiA==

GET
H2 200 7f8ce6fbdf55c970fd1fd55d20476c88-optin.json Show response
a.omappapi.com/app/campaign-views/9d7e390b056e/nrhtodbdo3mw26yarxkq/ 25 KB
6 KB 71ms
14ms XHR
application/json 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/campaign-views/9d7e390b056e/nrhtodbdo3mw26yarxkq/7f8ce6fbdf55c970fd1fd55d20476c88-optin.json
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: d3003009e0a48d7c6eb2a881f20b4b0032b5426b70d9fc7fe3cecd6034a47047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:56 GMT
content-encoding: br
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-168
cdn-cachedat: 05/08/2023 15:24:04
cdn-pullzone: 293267
last-modified: Fri, 05 May 2023 14:40:21 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 147
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64551555-63fa"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6d262c67763b64b8dfca997f6916b58b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 46d120508f411683297291-The-Brick-House-05.16.2023-OptinMonster-1400-%C3%97-896-px.png
a.omappapi.com/users/9d7e390b056e/images/ 14 KB
15 KB 23ms
23ms Image
image/webp 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/9d7e390b056e/images/46d120508f411683297291-The-Brick-House-05.16.2023-OptinMonster-1400-%C3%97-896-px.png?width=360
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: cab760a9cc0b1f44cb21c6553b1c36c3c20e56128dae49a93f1dea98c54395dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:56 GMT
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 05/08/2023 16:44:05
cdn-pullzone: 293267
content-length: 14254
last-modified: Fri, 05 May 2023 14:41:59 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 337
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "645515b7-37ae"
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 43ffb4a1925bd71b8fb3bd7c6bb532d4
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 46d120508f411683297291-The-Brick-House-05.16.2023-OptinMonster-1400-%C3%97-896-px.png
a.omappapi.com/users/9d7e390b056e/images/ 14 KB
15 KB 21ms
20ms Image
image/webp 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/9d7e390b056e/images/46d120508f411683297291-The-Brick-House-05.16.2023-OptinMonster-1400-%C3%97-896-px.png?width=360
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/4.297302bd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: cab760a9cc0b1f44cb21c6553b1c36c3c20e56128dae49a93f1dea98c54395dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:56 GMT
cdn-edgestorageid: 722
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 05/08/2023 16:44:05
cdn-pullzone: 293267
content-length: 14254
last-modified: Fri, 05 May 2023 14:41:59 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 337
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "645515b7-37ae"
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5b00bb1dd7570f334583e4ab256cf01d
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 b8fc7478bedc1644194929-Cloud-Security-eBook-OptinMonster.png
a.omappapi.com/users/9d7e390b056e/images/ 62 KB
63 KB 17ms
16ms Image
image/webp 2400:52e0:1e00::1054:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/9d7e390b056e/images/b8fc7478bedc1644194929-Cloud-Security-eBook-OptinMonster.png?width=3840&height=3840
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 164a29951fd15f4fee44e4d04b1cded9d65d475c5fe732b8bd0a99e8f4c2c59e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:15:56 GMT
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 05/08/2023 15:24:04
cdn-pullzone: 293267
content-length: 63986
last-modified: Fri, 05 May 2023 14:30:58 GMT
server: BunnyCDN-DE1-1054
cdn-fileserver: 187
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "64551322-f9f2"
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 8343ba9e454e1d05788b182190e5ae59
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content i Show response
z.omappapi.com/v3/ 0
214 B 306ms
110ms XHR
text/plain 178.128.135.233
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://z.omappapi.com/v3/i?aid=82125&cid=nrhtodbdo3mw26yarxkq&sid=5fb58baa2355a&rt=false&dv=desktop&cty=slide&url=blog%2Fgrit-ransomware-report-april-2023&v=5
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.128.135.233 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: kong/0.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.guidepointsecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.guidepointsecurity.com
Date: Mon, 15 May 2023 20:15:57 GMT
Access-Control-Allow-Credentials: true
Server: kong/0.14.1
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.guidepointsecurity.com
URL: https://www.guidepointsecurity.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A11%2Cr%3A726)

Domain: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NN6Q5WQ

Domain: cdn.bizibly.com
URL: https://cdn.bizibly.com/u?_biz_u=f4389d8b842e48eb81c0c3bd498c427f&_biz_s=8523d&_biz_l=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&_biz_t=1684181755012&_biz_i=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&rnd=6987&cdn_o=a&_biz_z=1684181755012

Domain: www.google.de
URL: https://www.google.de/pagead/1p-conversion/607356108/?random=1340801751&cv=11&fst=1684181754865&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&label=evMjCOqv_OMBEMyJzqEC&hn=www.googleadservices.com&frm=0&tiba=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&value=0&auid=1064463536.1684181755&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVlBRmtPellhbFhIelpuX2hQR0RndV9VMnJ1SFlYX2VrejRjUms3c2t6TjRBTzBwZXhNM2caWENoQUk4TENIb3dZUWlJTzMzdnZENkpadEVpNEFHMU5XMFhmY0p3RUJkeEs1V1NuV28zNGQ2OVhtam5pVE9zM2xmMXl0eGd4eVhybW8ySDVsU0NuOXdQOWU&is_vtc=1&ocp_id=-pJiZM2nONbD7_UPiLu70AY&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTYuoq1Af9ZqqtNYfm-HMsGA9abkd0eLPew&random=753934369&ipr=y

Domain: cdn.linkedin.oribi.io
URL: https://cdn.linkedin.oribi.io/partner/2739593/domain/guidepointsecurity.com/token

Domain: www.linkedin.com
URL: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2739593%26time%3D1684181755134%26url%3Dhttps%253A%252F%252Fwww.guidepointsecurity.com%252Fblog%252Fgrit-ransomware-report-april-2023%252F%26liSync%3Dtrue

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-146819107-1&cid=685027152.1684181755&jid=1650433308&_u=YEBAAEAAQAAAACAAI~&z=1616307480

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.guidepointsecurity.com/	1970-01-20 20:34:00	Name: visid_incap_2146071 Value: cHFGWAdSRKeQxl52oyqkdvmSYmQAAAAAQUIPAAAAAAB/yCXi7DliUve7GVbWLsm8
.guidepointsecurity.com/	1969-12-31 23:59:59	Name: incap_ses_1515_2146071 Value: u+vfJIRGIE3MyXRO61wGFfmSYmQAAAAAOacN0dtoDLXmyftmUIYq0w==
.guidepointsecurity.com/	1969-12-31 23:59:59	Name: nlbi_2146071 Value: 3bIQeETAEzLyBPjOISt1bQAAAADdTRE3ybcWCvUJh0BG3GNw
.guidepointsecurity.com/	1970-01-20 20:35:17	Name: _biz_uid Value: f4389d8b842e48eb81c0c3bd498c427f
.guidepointsecurity.com/	1970-01-20 11:49:43	Name: _biz_sid Value: 8523d
.guidepointsecurity.com/	1970-01-20 20:35:17	Name: _biz_nA Value: 1
.go.guidepointsecurity.com/	1970-01-20 11:49:43	Name: __cf_bm Value: GD2GxHi0nfILma4F1FZrGwUzo1pT8KnJ.gSTewhl6qo-1684181754-0-ATMKiFAfRFH7s/OTTTh65clTA2sngcKn6J1VKMnb7G0iAmjez2l+TVVALUY2NFSswxk74CoLwnn01Bm8z4G6krA=
.guidepointsecurity.com/	1970-01-20 13:59:17	Name: _gcl_au Value: 1.1.1064463536.1684181755
.bizible.com/	1970-01-20 20:35:17	Name: _BUID Value: f4389d8b842e48eb81c0c3bd498c427f
.guidepointsecurity.com/	1970-01-20 21:25:41	Name: _ga Value: GA1.2.685027152.1684181755
.guidepointsecurity.com/	1970-01-20 11:51:08	Name: _gid Value: GA1.2.1389567852.1684181755
.guidepointsecurity.com/	1970-01-20 11:49:41	Name: _gat_UA-146819107-1 Value: 1
.guidepointsecurity.com/	1970-01-20 20:35:17	Name: _biz_pendingA Value: %5B%5D
.doubleclick.net/	1970-01-20 11:49:42	Name: test_cookie Value: CheckForPermission
.guidepointsecurity.com/	1970-01-20 11:51:08	Name: _uetsid Value: 4c0ba1b0f35d11ed94271bb05429dbc9
.guidepointsecurity.com/	1970-01-20 21:11:17	Name: _uetvid Value: 4c0bc950f35d11eda84309cb68de2c5d
www.guidepointsecurity.com/	1970-01-20 21:25:41	Name: _omappvp Value: 8EjaecFTmq8MEu5B3IN9pk2jfVa6csbXnJ8bLlney7mDLN85trzKvr7YhCwLVnw3RPgsALGkLZD5Zqjbm2vLzUvBIjwZ5cKK
.bing.com/	1970-01-20 21:11:17	Name: MUID Value: 2C03D5B82C72678609C5C6AA2D196642
www.guidepointsecurity.com/	1970-01-20 11:49:42	Name: _omappvs Value: 1684181755224
.linkedin.com/	1970-01-20 12:32:53	Name: UserMatchHistory Value: AQJbMCyXhJuoWgAAAYghDiV4ZkN99T7TdLwU3b0doCcIFlkTvWys-OqZhKBlHBGUfLMHRRXeFtTb6Q
.linkedin.com/	1970-01-20 12:32:53	Name: AnalyticsSyncHistory Value: AQKMEYL0QH8uQAAAAYghDiV4lbXc0pmVsnDBa4rzKnnz0NglFhXfUotmpqbw6aSOGoQ5rLUCvoevwTaXlyAsTg
.linkedin.com/	1970-01-20 20:35:17	Name: bcookie Value: "v=2&9fb670cb-3c3b-4af5-8bca-9b3e1800b57e"
.linkedin.com/	1970-01-20 11:51:08	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2925:u=1:x=1:i=1684181755:t=1684268155:v=2:sig=AQGvYZZSFNXDrhcdab8T9zxgadJ5aYlu"
.guidepointsecurity.com/	1970-01-20 21:25:41	Name: _mkto_trk Value: id:995-MTM-359&token:_mch-guidepointsecurity.com-1684181755320-55232
.guidepointsecurity.com/	1970-01-20 20:35:17	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22XDomain%22%3A%221%22%7D
.t.co/	1970-01-20 21:25:41	Name: muc_ads Value: be79ef1b-a1be-4804-9e40-52e9facc782c
.twitter.com/	1970-01-20 21:25:41	Name: personalization_id Value: "v1_s5MMSh3/Ip9QeyXMB2iDgw=="
go.guidepointsecurity.com/	1969-12-31 23:59:59	Name: BIGipServerab01web-nginx-app_https Value: !ggxfLp5MywqvfdakCIQPm+cqSAXSEVr/yGiV5eQvoKG0n83R7d1V/yxIn2w+iifwxOLhnyo9Mj2TLZA=
www.guidepointsecurity.com/	1970-01-20 12:32:53	Name: omSeen-nrhtodbdo3mw26yarxkq Value: 1684181756779

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3WXW77(Line 107) Message: Refused to load the script 'https://www.googleoptimize.com/optimize.js?id=OPT-NN6Q5WQ' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .wistia.com .wistia.net src.litix.io lltrck.com .marketo.com .marketo.net .hotjar.com www.googleadservices.com www.googletagmanager.com www.google-analytics.com optimize.google.com okt.to static.oktopost.com cdn.callrail.com global.oktacdn.com .typekit.net .omwpapi.com .omappapi.com *.atlassian.net go.guidepointsecurity.com www.google.com https://d10lpsik1i8c69.cloudfront.net snap.licdn.com static.ads-twitter.com script.crazyegg.com bat.bing.com cdn.bizible.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ Message: Refused to load the image 'https://cdn.bizibly.com/u?_biz_u=f4389d8b842e48eb81c0c3bd498c427f&_biz_s=8523d&_biz_l=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&_biz_t=1684181755012&_biz_i=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&rnd=6987&cdn_o=a&_biz_z=1684181755012' because it violates the following Content Security Policy directive: "img-src 'self' data: embedwistia-a.akamaihd.net .wistia.com .wistia.net lltrck.com www.google-analytics.com optimize.google.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net www.google.com global.oktacdn.com .googleusercontent.com .typekit.net .omwpapi.com .omappapi.com go.guidepointsecurity.com www.guidepointsecurity.com *.gravatar.com https://d10lpsik1i8c69.cloudfront.net t.co analytics.twitter.com px.ads.linkedin.com bat.bing.com cdn.bizible.com".
security	error	URL: https://cdn.bizible.com/scripts/bizible.js(Line 93) Message: Refused to connect to 'https://cdn.linkedin.oribi.io/partner/2739593/domain/guidepointsecurity.com/token' because it violates the following Content Security Policy directive: "connect-src 'self' .mktoresp.com .mktoutil.com www.google-analytics.com optimize.google.com .omappapi.com .omwpapi.com .hotjar.com .hotjar.io wss://.hotjar.com .litix.io .wistia.com embedwistia-a.akamaihd.net guidepointsecurity.okta.com go.guidepointsecurity.com yoast.com .doubleclick.net ws://127.0.0.1:35729/livereload https://settings.luckyorange.net wss://*.visitors.live https://pubsub.googleapis.com https://api.luckyorange.com my.yoast.com wss://visitors.live script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com cdn.bizible.com".
security	error	URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-146819107-1&cid=685027152.1684181755&jid=1650433308&_u=YEBAAEAAQAAAACAAI~&z=1616307480' because it violates the following Content Security Policy directive: "img-src 'self' data: embedwistia-a.akamaihd.net .wistia.com .wistia.net lltrck.com www.google-analytics.com optimize.google.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net www.google.com global.oktacdn.com .googleusercontent.com .typekit.net .omwpapi.com .omappapi.com go.guidepointsecurity.com www.guidepointsecurity.com *.gravatar.com https://d10lpsik1i8c69.cloudfront.net t.co analytics.twitter.com px.ads.linkedin.com bat.bing.com cdn.bizible.com".
security	error	URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ Message: Refused to load the image 'https://www.google.de/pagead/1p-conversion/607356108/?random=1340801751&cv=11&fst=1684181754865&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.guidepointsecurity.com%2Fblog%2Fgrit-ransomware-report-april-2023%2F&label=evMjCOqv_OMBEMyJzqEC&hn=www.googleadservices.com&frm=0&tiba=GRIT%20Ransomware%20Report%3A%20April%202023%20%7C%20GuidePoint%20Security&value=0&auid=1064463536.1684181755&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVlBRmtPellhbFhIelpuX2hQR0RndV9VMnJ1SFlYX2VrejRjUms3c2t6TjRBTzBwZXhNM2caWENoQUk4TENIb3dZUWlJTzMzdnZENkpadEVpNEFHMU5XMFhmY0p3RUJkeEs1V1NuV28zNGQ2OVhtam5pVE9zM2xmMXl0eGd4eVhybW8ySDVsU0NuOXdQOWU&is_vtc=1&ocp_id=-pJiZM2nONbD7_UPiLu70AY&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTYuoq1Af9ZqqtNYfm-HMsGA9abkd0eLPew&random=753934369&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: embedwistia-a.akamaihd.net .wistia.com .wistia.net lltrck.com www.google-analytics.com optimize.google.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net www.google.com global.oktacdn.com .googleusercontent.com .typekit.net .omwpapi.com .omappapi.com go.guidepointsecurity.com www.guidepointsecurity.com *.gravatar.com https://d10lpsik1i8c69.cloudfront.net t.co analytics.twitter.com px.ads.linkedin.com bat.bing.com cdn.bizible.com".
security	error	URL: https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2023/ Message: Refused to load the image 'https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2739593%26time%3D1684181755134%26url%3Dhttps%253A%252F%252Fwww.guidepointsecurity.com%252Fblog%252Fgrit-ransomware-report-april-2023%252F%26liSync%3Dtrue' because it violates the following Content Security Policy directive: "img-src 'self' data: embedwistia-a.akamaihd.net .wistia.com .wistia.net lltrck.com www.google-analytics.com optimize.google.com www.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net www.google.com global.oktacdn.com .googleusercontent.com .typekit.net .omwpapi.com .omappapi.com go.guidepointsecurity.com www.guidepointsecurity.com *.gravatar.com https://d10lpsik1i8c69.cloudfront.net t.co analytics.twitter.com px.ads.linkedin.com bat.bing.com cdn.bizible.com".
network	error	URL: https://lltrck.com/lt-v2.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://api.omappapi.com/v2/embed/82125/nfzzoxtovsmgz3i3stqa Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

995-mtm-359.mktoresp.com
a.omappapi.com
analytics.twitter.com
api.omappapi.com
bat.bing.com
cdn.bizible.com
cdn.bizibly.com
cdn.linkedin.oribi.io
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
go.guidepointsecurity.com
lltrck.com
munchkin.marketo.net
okt.to
script.crazyegg.com
settings.luckyorange.net
snap.licdn.com
static.ads-twitter.com
static.oktopost.com
stats.g.doubleclick.net
t.co
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.guidepointsecurity.com
www.linkedin.com
z.omappapi.com
cdn.bizibly.com
cdn.linkedin.oribi.io
www.google.de
www.googleoptimize.com
www.guidepointsecurity.com
www.linkedin.com
104.17.71.206
104.244.42.3
104.244.42.69
104.77.31.43
107.154.76.199
13.32.110.69
142.250.181.226
143.204.214.192
146.75.116.157
152.195.15.58
172.67.75.100
178.128.135.233
18.66.15.74
192.28.144.124
2400:52e0:1e00::1054:1
2606:4700::6813:9408
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:806::200e
2a00:1450:4001:809::2003
2a00:1450:4001:811::200a
2a00:1450:4001:828::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c04::9a
2a02:26f0:3500:16::215:1490
52.20.195.32
52.73.0.225
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb
09016600a13dd4825b72516765a8da53d1ab896f7582c4619d014e8ee147ea84
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09b819e3b2665b818246670fb017f4eea3f19657d823ba9c22722cf19d7fdb98
0b22415e4dbc33efb82827aec6c16cc04b481b84ba903d19c76543dc671f939b
0c3abba85eab04f7b402cb6dafeabc5b3ceb52b4325a09dbd0297835afdfb379
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cf67a42bb48fba065918fca80854ed3117be8fe739d0b19492331f529e868d8
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
157acb48f0d2c4dc8d0b950af08fcf796e986d66d462f8face3d2244fb5eda18
164a29951fd15f4fee44e4d04b1cded9d65d475c5fe732b8bd0a99e8f4c2c59e
18a6c44e1786128bba5ba47d43281db5454df181410e3a05774b8f54264bd238
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d3ee8d803dafbee4a2f9cd13c930d34cd6f487df3e5ad42c062606bde17b6a6
21aec9ae85864f0e78a7cf9eb2ac785e6eae2ecc10247bd3c87e3899f369afd6
21ccaafd8698f93edc0f9d71669b4f5fb9ca620ca873fd52838aa0210e0882a5
228f0f0898b1da4778ec8018cb4eed7b1f9d8453361c44be2a2c999f0a31e695
2311ef1c9800076c5753b0406d16babb1502a0cbed7fbe0faf0c88b3eb9442ad
23f1841184dfb5d74d4766c0f6d2fe916e73f3e28bc15dbb2c7e599f2b570d22
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
267258b4cb17fda013f45259776175fe5f9a10178877c187709d9c4dd5de7813
26d9b6c44230968d81776300834750358ab5bdf35e7239385af3d503a4b584ca
2902b7e86b4a656228ad1b646d19cda7720f890f8f5ba3b5eceb2dd23633355d
2abc2cacef3c741b579ebe45e2531323ffa8d8a7f40d73dff4c36bc732b9ae98
2b7ee3fafd5878a1aeda3fb3f439057fb78130388be09b5f15a751ef466f28f8
2d7b5cdc9eb18ab6290ed16d3ed4f8b99a03ff7824f421b1929a7161ea74443c
2fca3e7d61309cbb18f93b4c7855ca2059fa0ddbd3e1413f82610adc6af533a4
31d7ec8dcd3d069ea9f87486f661754c6b51a44e1cb994a8b19352a02572cf41
35ad1262c83146129e7b19b7c304932da742fdcebb127d54a6f166981148ae3e
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4299f4d6089a819413a6df005ef35e976c1ec04db1b44fc71971d3a6af75c684
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
443600e1753faafac64408af3fb60266f1be5f79e8d941a6ee251bfb3f029d32
4c65e73bfbb0312929232d4b0b255f3a954418db0ee428912979f5cba0b48c5f
4c7954754ee5cde5d9c8ba7781b4a0f4427ca8fa7c1d54123c3a16320a653aa6
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
52b23c80484dd86abcecd8638752fd131be0902593688ea227fb8ae3c523e2f1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
697467addf929b3b02e9bbe5ac795ef23fed6b7eb7c734d7127ad6d59246bb43
6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9
6caf24ef0c82fe050f16d1d04629d10d61eae365f6f31bc27f2107aab89c4fa6
6f0440e8eed47b274a5757b906ef7e8ba5679f84c5ef0a5ebb9b71ee954452df
6f94602960fa1ff233cc32d346a38abf2ca94b34eddccd907b9f35f00f30d216
73919457241a7b05c38b9d9288009df461f837d8227600007502229e21ae780f
7a87e0628d30dbd78780e03c1fb95a4c033c71365633056cc0d173eaf46687cb
80a2d7122993ca65b09a265a92ab7275d283afa3edeca1c735f37b0b05490fad
82548f664ede7c6648a8d38d40c01ec58237624a52d8547220714ec3c5034725
834829e48d33bea1487a7e85a6fcd79a29d5f1534da84334f6d7adf137668d84
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8df63939e87e03d5f16d0890511315ab0aa86bf66e64dfffb9d637b1d4c85741
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
985a329121413ae5b9c3c31c166120e8b61de392e68bdeb61f6f926074044db6
9b9030ba856ef3a2628973bbd256c5d8d42f92f8685c87998a3d8d4e3e35f4bf
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b17fe7091c0ec8e16acb022f3de1fe6f3ddaf4822eff6010a2c7563e34da7789
b585dbde8dc50f0110777f99110d7639b612351d58880f57ae937c402151f7cb
b5ab1771420f6a7d3fdd1fac48673be45c88b47efcc519c9f562feb8eecf0f6f
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b9b41bbb484aeedab598c24291942c8c2d0af98bdba3b430bf8fcd2cb709198a
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
c1010b2c38342d9f245cac48a5129aca5b00085b2b198b153a6886702686812d
c168e252dcd59b98c43fa6c14f3ecd0b29ce6a38f57ea48a162a1a329ad7425d
cab760a9cc0b1f44cb21c6553b1c36c3c20e56128dae49a93f1dea98c54395dc
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf8951c00321b669d333bf06a42c090702b764df217743f0e8b192d2f2de2662
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d08aa5fe6131891425c044dd702f43f2ecf647100e35173a102fe03fe49b0270
d3003009e0a48d7c6eb2a881f20b4b0032b5426b70d9fc7fe3cecd6034a47047
d3e41cf5c938a2943d23015b72c9ad0330be97ee83603641046d0920851e6ed5
d7c20247857c9627b5552e890b46e76d22ae989102eeffb9ab5f62df6b1c9002
d7ef2b53caf99b02f91d8ed9125d4bd86a642677a0427b411f083352cf5d6139
daa80cefbd2fdeeb84087c2dc6addc813e460e2f1529ec56f52ee56f152e3ed9
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ed088b2afc95ccc0304edf02bb1b0c074d201e2f21259e3f8dc5e3fb6af1dc41
ed8cc11914d7655c3518ff072a6223f6987b7e75367a005b82c54f538be34a33
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6d64d5a48a5bb376669ef86426e511b9d6d13b461d48b9b850c29fa107c77f
f07f68ba3bc012a67505250ceb0199b7830960ac28b051854fb82acc94646624
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f678e256584e843feb8b927123eac8bbd5d98c4906eb713edcd04105ff063259
f77582bed375bcc38f36c2b1a15e9deb97f387905b0c087a77448add795cd0c2
f947d66bef67ba2d9dc2f4ef3ebb1325ba781ee0a118cfad87789c6db6b7a11e
fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190
fc1f2449d3b12b8c18ddea07d8e73b87b2e1dc39c767d81c1278f1563a175ba1
fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678

www.guidepointsecurity.com Open in urlscan Pro 107.154.76.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

94 %HTTPS

41 %IPv6

28 Domains

32 Subdomains

28 IPs

5 Countries

2364 kBTransfer

5383 kBSize

29 Cookies

7 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.guidepointsecurity.com Open in urlscan Pro
107.154.76.199 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

94 %
HTTPS

41 %
IPv6

28
Domains

32
Subdomains

28
IPs

5
Countries

2364 kB
Transfer

5383 kB
Size

29
Cookies

108 HTTP transactions
14 data transactions