URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Submission: On March 22 via api from DE — Scanned from DE

Summary

This website contacted 50 IPs in 6 countries across 42 domains to perform 289 HTTP transactions. The main IP is 23.206.208.181, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.trendmicro.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on May 20th 2023. Valid for: a year.
This is the only time www.trendmicro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 23.206.208.181 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
19 2600:9000:225... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 143.204.98.120 16509 (AMAZON-02)
29 150.70.178.131 16880 (AS2-TREND...)
9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 88.221.60.75 16625 (AKAMAI-AS)
1 3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 142.250.186.130 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 104.17.74.206 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 99.81.144.187 16509 (AMAZON-02)
66 18.245.86.14 16509 (AMAZON-02)
11 2.17.100.184 20940 (AKAMAI-ASN1)
33 99.86.91.108 16509 (AMAZON-02)
1 199.232.188.157 54113 (FASTLY)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 18.172.103.101 16509 (AMAZON-02)
1 1 68.67.153.60 29990 (ASN-APPNEX)
2 3 37.252.171.21 29990 (ASN-APPNEX)
1 2600:9000:267... ()
3 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 4 142.250.185.70 15169 (GOOGLE)
1 192.28.144.124 15224 (OMNITURE)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 13.248.142.121 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 44.220.110.46 14618 (AMAZON-AES)
1 15.197.193.217 16509 (AMAZON-02)
1 1 184.86.251.89 20940 (AKAMAI-ASN1)
1 184.86.251.90 20940 (AKAMAI-ASN1)
2 18.172.112.118 16509 (AMAZON-02)
4 50.16.7.188 14618 (AMAZON-AES)
289 50
Apex Domain
Subdomains
Transfer
66 driftt.com
js.driftt.com — Cisco Umbrella Rank: 15218
771 KB
66 trendmicro.com
www.trendmicro.com
documents.trendmicro.com
resources.trendmicro.com
3 MB
37 equally.ai
widget.equally.ai — Cisco Umbrella Rank: 143850
api.equally.ai — Cisco Umbrella Rank: 170762
437 KB
19 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1332
61 KB
12 6sc.co
j.6sc.co — Cisco Umbrella Rank: 12527
c.6sc.co — Cisco Umbrella Rank: 17614
ipv6.6sc.co — Cisco Umbrella Rank: 12937
b.6sc.co — Cisco Umbrella Rank: 6975
22 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
ssl.google-analytics.com — Cisco Umbrella Rank: 699
region1.google-analytics.com — Cisco Umbrella Rank: 1728
41 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
763 KB
9 scene7.com
trendmicro.scene7.com
220 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 734
www.linkedin.com — Cisco Umbrella Rank: 882
px4.ads.linkedin.com — Cisco Umbrella Rank: 7517
3 KB
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
5427711.fls.doubleclick.net
9572106.fls.doubleclick.net
4 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 716
79 KB
4 drift.com
metrics.api.drift.com — Cisco Umbrella Rank: 18210
event.api.drift.com — Cisco Umbrella Rank: 19688
1 KB
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 3603
yeqpr3nyk35vszp5oc4q-pvkijt-857ed2916-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 3605
fibrwiaabpybckqce3ydkaaaczs724fz-pvkijt-09bd7fcff-clienttons-s.akamaihd.net
1 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
adservice.google.com — Cisco Umbrella Rank: 190
2 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 813
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 643
14 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 5328
28 KB
3 gstatic.com
fonts.gstatic.com
112 KB
2 driftapi.com
bootstrap.driftapi.com — Cisco Umbrella Rank: 18701
14 KB
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 19281
710 B
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2307
insight.adsrvr.org — Cisco Umbrella Rank: 985
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 251
72 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2182
pixel.quantserve.com — Cisco Umbrella Rank: 1792
10 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 168
20 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 8080
6 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 78
69 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 2051
c.go-mpulse.net — Cisco Umbrella Rank: 841
41 KB
2 cludo.com
customer.cludo.com — Cisco Umbrella Rank: 25935
77 KB
1 akstat.io
0217991b.akstat.io — Cisco Umbrella Rank: 84337
228 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
274 B
1 mktoresp.com
945-cxd-062.mktoresp.com
318 B
1 google.de
www.google.de — Cisco Umbrella Rank: 4233
455 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1224
723 B
1 t.co
t.co — Cisco Umbrella Rank: 766
376 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1988
447 B
1 ml-api.io
attr.ml-api.io — Cisco Umbrella Rank: 50605
235 B
1 ml-attr.com
s.ml-attr.com — Cisco Umbrella Rank: 42028
283 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1208
15 KB
1 xg4ken.com
resources.xg4ken.com — Cisco Umbrella Rank: 8508
4 KB
1 bizographics.com
sjs.bizographics.com — Cisco Umbrella Rank: 96631
17 KB
1 vicone.com
documents.vicone.com
995 B
1 datatables.net
cdn.datatables.net — Cisco Umbrella Rank: 9323
2 KB
289 42
Domain Requested by
66 js.driftt.com tags.tiqcdn.com
www.trendmicro.com
js.driftt.com
36 www.trendmicro.com www.trendmicro.com
33 widget.equally.ai tags.tiqcdn.com
www.trendmicro.com
widget.equally.ai
29 documents.trendmicro.com www.trendmicro.com
19 tags.tiqcdn.com www.trendmicro.com
9 b.6sc.co www.trendmicro.com
9 www.googletagmanager.com www.trendmicro.com
tags.tiqcdn.com
www.googletagmanager.com
www.google-analytics.com
9 trendmicro.scene7.com www.trendmicro.com
5 www.google-analytics.com www.trendmicro.com
www.google-analytics.com
4 api.equally.ai www.trendmicro.com
4 px.ads.linkedin.com 3 redirects www.trendmicro.com
3 region1.google-analytics.com www.googletagmanager.com
3 secure.adnxs.com 2 redirects www.trendmicro.com
3 bat.bing.com www.googletagmanager.com
www.trendmicro.com
3 static.addtoany.com tags.tiqcdn.com
static.addtoany.com
www.trendmicro.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.trendmicro.com
2 event.api.drift.com js.driftt.com
2 metrics.api.drift.com js.driftt.com
2 bootstrap.driftapi.com js.driftt.com
2 adservice.google.com 5427711.fls.doubleclick.net
9572106.fls.doubleclick.net
2 epsilon.6sense.com www.trendmicro.com
2 9572106.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 5427711.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 www.googleadservices.com www.trendmicro.com
2 munchkin.marketo.net tags.tiqcdn.com
munchkin.marketo.net
2 ssl.google-analytics.com tags.tiqcdn.com
www.trendmicro.com
2 www.youtube.com tags.tiqcdn.com
www.youtube.com
2 ajax.googleapis.com www.trendmicro.com
2 customer.cludo.com www.trendmicro.com
1 0217991b.akstat.io s.go-mpulse.net
1 fibrwiaabpybckqce3ydkaaaczs724fz-pvkijt-09bd7fcff-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 yeqpr3nyk35vszp5oc4q-pvkijt-857ed2916-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 insight.adsrvr.org www.trendmicro.com
1 pixel.quantserve.com www.trendmicro.com
1 www.facebook.com www.trendmicro.com
1 945-cxd-062.mktoresp.com munchkin.marketo.net
1 c.go-mpulse.net www.trendmicro.com
1 www.google.de www.trendmicro.com
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 analytics.twitter.com www.trendmicro.com
1 t.co www.trendmicro.com
1 ipv6.6sc.co www.trendmicro.com
1 c.6sc.co www.trendmicro.com
1 px4.ads.linkedin.com www.trendmicro.com
1 www.linkedin.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 attr.ml-api.io www.trendmicro.com
1 s.ml-attr.com 1 redirects
1 js.adsrvr.org www.googletagmanager.com
1 stats.g.doubleclick.net www.trendmicro.com
1 static.ads-twitter.com tags.tiqcdn.com
1 j.6sc.co tags.tiqcdn.com
1 resources.xg4ken.com www.trendmicro.com
1 resources.trendmicro.com tags.tiqcdn.com
1 secure.quantserve.com tags.tiqcdn.com
1 sjs.bizographics.com tags.tiqcdn.com
1 s.go-mpulse.net www.trendmicro.com
1 documents.vicone.com www.trendmicro.com
1 cdn.datatables.net www.trendmicro.com
289 64
Subject Issuer Validity Valid
www.trendmicro.com
Entrust Certification Authority - L1M
2023-05-20 -
2024-06-19
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-28 -
2024-04-27
a year crt.sh
*.cludo.com
AlphaSSL CA - SHA256 - G4
2023-06-01 -
2024-07-02
a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02
2024-03-19 -
2025-04-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.scene7.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
vicone.com
Entrust Certification Authority - L1K
2023-04-17 -
2024-05-16
a year crt.sh
documents.trendmicro.com
Entrust Certification Authority - L1K
2024-02-15 -
2025-03-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2024-03-06 -
2025-03-06
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.marketo.net
DigiCert TLS RSA SHA256 2020 CA1
2023-12-08 -
2024-12-11
a year crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA
2023-08-10 -
2024-08-09
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
quantserve.com
R3
2024-02-25 -
2024-05-25
3 months crt.sh
resources.trendmicro.com
Cloudflare Inc ECC CA-3
2023-05-18 -
2024-05-17
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-12-30 -
2024-03-29
3 months crt.sh
*.xg4ken.com
Go Daddy Secure Certificate Authority - G2
2023-10-29 -
2024-11-29
a year crt.sh
drift.com
Amazon RSA 2048 M02
2023-08-15 -
2024-09-11
a year crt.sh
6sc.co
R3
2024-01-29 -
2024-04-28
3 months crt.sh
equally.ai
Amazon RSA 2048 M01
2023-05-06 -
2024-06-03
a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-21 -
2024-07-19
a year crt.sh
static.addtoany.com
E1
2024-02-24 -
2024-05-24
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02
2024-01-21 -
2024-06-27
5 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-07 -
2025-01-06
a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-31 -
2024-10-29
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.mktoresp.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-07 -
2024-10-07
a year crt.sh
*.6sense.com
Amazon RSA 2048 M01
2023-05-01 -
2024-05-29
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-01-30 -
2024-07-30
6 months crt.sh
driftapi.com
Amazon RSA 2048 M02
2023-12-25 -
2025-01-21
a year crt.sh

This page contains 8 frames:

Primary Page: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Frame ID: 58A5C65BF36A98511A16775A0EE8E3E0
Requests: 179 HTTP requests in this frame

Frame: https://5427711.fls.doubleclick.net/activityi;dc_pre=CNPVwYnnh4UDFYcOogMd0EQLAQ;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Frame ID: 560DD7E6E78948961AEC4057C92DCF6F
Requests: 2 HTTP requests in this frame

Frame: https://9572106.fls.doubleclick.net/activityi;dc_pre=CKj-wonnh4UDFS8OogMdzXAOEQ;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Frame ID: 5387DC1486D0AF39F38084060500F023
Requests: 2 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 01D14A24CBAAD37FBB4BDF7EE9C97A0A
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Frame ID: 3D041D365CC697C23235BC1BBF9C38B9
Requests: 36 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
Frame ID: 25E41B05AC0A37150CDD204BAB4C498E
Requests: 34 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=g2lzvow&ref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&upid=803df29&upv=1.1.0
Frame ID: 8C0948FB8EBB489200349D7067A77929
Requests: 1 HTTP requests in this frame

Frame: https://widget.equally.ai/equallyai-widget.css
Frame ID: 9B20999B638536889C0917EFD0DC8950
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

Ransomware Spotlight: Magniber - Security News

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

289
Requests

98 %
HTTPS

52 %
IPv6

42
Domains

64
Subdomains

50
IPs

6
Countries

6278 kB
Transfer

13678 kB
Size

50
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.trendmicro.com%26pId%3d%24UID HTTP 302
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.trendmicro.com%26pId%3d%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.trendmicro.com%2526pId%253d%2524UID HTTP 302
  • https://attr.ml-api.io/?domain=www.trendmicro.com&pId=138656349698548073
Request Chain 142
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D8866%26time%3D1711108279496%26li_adsId%3D7e6616df-b04a-4968-80ce-eeb51a79c97e%26url%3Dhttps%253A%252F%252Fwww.trendmicro.com%252Fvinfo%252Fus%252Fsecurity%252Fnews%252Fransomware-spotlight%252Fransomware-spotlight-magniber%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&cookiesTest=true&liSync=true&e_ipv6=AQJqa2_6QeO5BQAAAY5mAFC6IHXG_yUjPgOi1K-7oQg6Ov7FLMJOybx_HY6EXqKm6sAycY76
Request Chain 152
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015287688/?random=543677639&cv=9&fst=1711108279538&num=1&value=0&label=0w45CIDC7AYQiJ-Q5AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&tiba=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4IO0ieeHhQMVZj0GAB1qdgCJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjobaHR0cHM6Ly93d3cudHJlbmRtaWNyby5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1015287688/?random=543677639&cv=9&fst=1711108279538&num=1&value=0&label=0w45CIDC7AYQiJ-Q5AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&tiba=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4IO0ieeHhQMVZj0GAB1qdgCJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjobaHR0cHM6Ly93d3cudHJlbmRtaWNyby5jb20v&is_vtc=1&cid=CAQSGwB7FLtq6m8kxkRmoYOD2d6AmmN2ZUKqHEB9GA&random=1589656336&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/1015287688/?random=543677639&cv=9&fst=1711108279538&num=1&value=0&label=0w45CIDC7AYQiJ-Q5AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&tiba=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4IO0ieeHhQMVZj0GAB1qdgCJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjobaHR0cHM6Ly93d3cudHJlbmRtaWNyby5jb20v&is_vtc=1&cid=CAQSGwB7FLtq6m8kxkRmoYOD2d6AmmN2ZUKqHEB9GA&random=1589656336&resp=GooglemKTybQhCsO&ipr=y
Request Chain 154
  • https://5427711.fls.doubleclick.net/activityi;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber HTTP 302
  • https://5427711.fls.doubleclick.net/activityi;dc_pre=CNPVwYnnh4UDFYcOogMd0EQLAQ;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Request Chain 155
  • https://9572106.fls.doubleclick.net/activityi;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber HTTP 302
  • https://9572106.fls.doubleclick.net/activityi;dc_pre=CKj-wonnh4UDFS8OogMdzXAOEQ;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Request Chain 258
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pvkijt88r HTTP 302
  • https://yeqpr3nyk35vszp5oc4q-pvkijt-857ed2916-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 259
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pvkijt88r HTTP 302
  • https://fibrwiaabpybckqce3ydkaaaczs724fz-pvkijt-09bd7fcff-clienttons-s.akamaihd.net/eum/results.txt

289 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ransomware-spotlight-magniber
www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/
259 KB
44 KB
Document
General
Full URL
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
05507806d4c7fc4e0fc28623957aee3e0e0a98ad3816ec06e9b111a02705f93b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=892
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Mar 2024 11:51:18 GMT
server
nginx
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1711108278677_399431111_693546087_36_10503_35_72_255";dur=1
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-prod-n-02
Yes
x-xss-protection
1;mode=block
TEx-v23-1-1.css
www.trendmicro.com/vinfo/css/
92 KB
14 KB
Stylesheet
General
Full URL
https://www.trendmicro.com/vinfo/css/TEx-v23-1-1.css?v1.0
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
c941a6979bbb1fce9ffa2a04a483436d1d8d3a0990556772d83af7c333ac43cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:18 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278832_399431111_693546335_34_7887_37_0_255";dur=1
x-prod-n-01
Yes
content-length
14067
x-xss-protection
1;mode=block
last-modified
Thu, 07 Mar 2024 19:50:17 GMT
server
Akamai Resource Optimizer
etag
W/"3aa139cc2d3cd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=172800
expires
Sun, 24 Mar 2024 11:51:18 GMT
jquery.min.js
www.trendmicro.com/etc.clientlibs/clientlibs/granite/
111 KB
34 KB
Script
General
Full URL
https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery.min.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1b973667ceb759e49f2982721f36e4d20a2f8b5dce8c47ccf3039d6ab748143e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Thu, 07 Mar 2024 19:49:32 GMT
server
Akamai Resource Optimizer
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278836_399431111_693546339_464_7075_38_0_219";dur=1
content-length
34051
x-xss-protection
1;mode=block
utils.min.js
www.trendmicro.com/etc.clientlibs/clientlibs/granite/
10 KB
4 KB
Script
General
Full URL
https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/utils.min.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Thu, 07 Mar 2024 19:55:09 GMT
server
Akamai Resource Optimizer
date
Fri, 22 Mar 2024 11:51:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278832_399431111_693546340_41_7716_37_0_219";dur=1
x-prod-n-01
Yes
content-length
3224
x-xss-protection
1;mode=block
granite.min.js
www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/
4 KB
2 KB
Script
General
Full URL
https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Thu, 07 Mar 2024 20:21:57 GMT
server
Akamai Resource Optimizer
date
Fri, 22 Mar 2024 11:51:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278832_399431111_693546341_55_7764_37_0_219";dur=1
x-prod-n-01
Yes
content-length
1422
x-xss-protection
1;mode=block
font-awesome.min.css
www.trendmicro.com/vinfo/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://www.trendmicro.com/vinfo/css/font-awesome.min.css
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:18 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278832_399431111_693546336_32_7860_37_0_255";dur=1
x-prod-n-01
Yes
content-length
5627
x-xss-protection
1;mode=block
last-modified
Thu, 15 Feb 2024 01:27:17 GMT
server
Akamai Resource Optimizer
etag
W/"0c15513285cd21:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=172800
expires
Sun, 24 Mar 2024 11:51:18 GMT
jquery.dataTables.min.css
cdn.datatables.net/1.10.16/css/
14 KB
2 KB
Stylesheet
General
Full URL
https://cdn.datatables.net/1.10.16/css/jquery.dataTables.min.css
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:18 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1215401
content-length
2109
last-modified
Fri, 08 Mar 2024 10:01:42 GMT
server
cloudflare
etag
"112040a-364c-613234759d66d-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8685f8170a0a7363-CPH
access-control-allow-headers
origin, x-requested-with, content-type
expires
Sat, 08 Mar 2025 10:14:37 GMT
cludo-search.min.css
customer.cludo.com/css/296/1798/
16 KB
3 KB
Stylesheet
General
Full URL
https://customer.cludo.com/css/296/1798/cludo-search.min.css
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
676e66eeb5e721df2e68029d518067cece19d56d7e0b4a1c9a2e3c449a232bca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Apr 2022 10:55:26 GMT
server
cloudflare
age
80237
etag
W/"0238c4e6e55d81:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=300
cf-ray
8685f8170f7292b0-CPH
alt-svc
h3=":443"; ma=86400
x-lb
4
vendor.min.css
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/
127 KB
12 KB
Stylesheet
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/vendor.min.css
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
fef370402b314ce080b2510417aafb94eccdec8852c1b06826e30b154f890197
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Tue, 19 Mar 2024 17:17:41 GMT
server
Akamai Resource Optimizer
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278832_399431111_693546337_39_8069_37_0_255";dur=1
content-length
11969
x-xss-protection
1;mode=block
clientlibs.min.css
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/
281 KB
25 KB
Stylesheet
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
c7136392bf9f673d795e66234b6b2bbcdb1ceaae76e7979b4bfa642ad59cf7a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Tue, 19 Mar 2024 17:17:01 GMT
server
Akamai Resource Optimizer
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278832_399431111_693546338_38_7852_37_0_255";dur=1
content-length
25442
x-xss-protection
1;mode=block
customSiteStyle-v23-1-1.css
www.trendmicro.com/vinfo/css/
126 KB
18 KB
Stylesheet
General
Full URL
https://www.trendmicro.com/vinfo/css/customSiteStyle-v23-1-1.css?v1.1
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
086e621cfcac0a3d8f7d05e33fefd1b09cd8837c443f89c8a9bee2928cfed62d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:18 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278833_399431111_693546342_158_6684_37_0_255";dur=1
x-prod-n-01
Yes
content-length
18105
x-xss-protection
1;mode=block
last-modified
Fri, 08 Mar 2024 03:00:38 GMT
server
Akamai Resource Optimizer
etag
W/"d896e7f5e8cd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=172800
expires
Sun, 24 Mar 2024 11:51:18 GMT
navigation-darkmode.css
www.trendmicro.com/vinfo/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://www.trendmicro.com/vinfo/css/navigation-darkmode.css
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
5e5a43dfafa6b7448ffd7bac65fbc5d143ae7bc1ec9104c16900e9f294a46e0d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:18 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278832_399431111_693546343_72_7378_37_0_255";dur=1
content-length
797
x-xss-protection
1;mode=block
last-modified
Fri, 08 Mar 2024 13:13:38 GMT
server
Akamai Resource Optimizer
etag
W/"6797a627223cd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=172800
expires
Sun, 24 Mar 2024 11:51:18 GMT
header-footer.min.css
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/
60 KB
6 KB
Stylesheet
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/header-footer.min.css
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
14c7ed6b9b540b42d3ec969bbe0cb8d4ea30965c15f5669b4fffddd405c0b3c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Thu, 07 Mar 2024 19:49:13 GMT
server
Akamai Resource Optimizer
date
Fri, 22 Mar 2024 11:51:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278840_399431111_693546344_906_8804_37_0_255";dur=1
x-prod-n-01
Yes
content-length
5477
x-xss-protection
1;mode=block
icon-font.css
www.trendmicro.com/vinfo/css/tm-icons/
22 KB
3 KB
Stylesheet
General
Full URL
https://www.trendmicro.com/vinfo/css/tm-icons/icon-font.css
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
b4585d273cb4bfd228dfaede65217a0a8918615301c89a0f80fc4c4787215c53
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:18 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278851_399431111_693546345_1945_9134_37_0_255";dur=1
x-prod-n-01
Yes
content-length
3019
x-xss-protection
1;mode=block
last-modified
Thu, 07 Mar 2024 19:55:12 GMT
server
Akamai Resource Optimizer
etag
W/"0cf1ffe7edbd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=172800
expires
Sun, 24 Mar 2024 11:51:18 GMT
analytics.js
www.trendmicro.com/vinfo/js/
451 B
660 B
Script
General
Full URL
https://www.trendmicro.com/vinfo/js/analytics.js?v1
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3807e44914c34f9e293702693b49039f774b1eef7798a0fa8dfbb3c1992e32dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:18 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278839_399431111_693546347_766_8202_37_0_219";dur=1
x-prod-n-01
Yes
content-length
240
x-xss-protection
1;mode=block
last-modified
Wed, 21 Feb 2024 10:21:19 GMT
server
Akamai Resource Optimizer
etag
"cee15a297c86d21:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=464504
accept-ranges
bytes
expires
Wed, 27 Mar 2024 20:53:02 GMT
utag.sync.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
2 KB
1012 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.sync.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e5e4c08328b8f76c190b4b611e40b7bf437b2b6c2578679b7cf1780d6b22d5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
7k6QqOJgn8D3OPkfqyscuJ6y9ydaYWRZ
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:48:01 GMT
last-modified
Tue, 05 Mar 2024 20:05:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
199
x-amz-server-side-encryption
AES256
etag
W/"1bbc46f50898da53c70f41f5a980a29a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
I0cuW_b3OT6HmOa-mss6G2mWj07uU0auZL7AXsZPWjYId8qwBJny6g==
css
fonts.googleapis.com/
27 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90b024f2bb6ac5bf0a8a77160406044bc6e6549fbf7717a88af8e82023d9fa62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Mar 2024 11:51:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 11:51:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Mar 2024 11:51:18 GMT
rssfeedgetter2017.js
www.trendmicro.com/vinfo/js/
5 KB
2 KB
Script
General
Full URL
https://www.trendmicro.com/vinfo/js/rssfeedgetter2017.js?v=1.0
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
aa0fb12210395609982a73f34b179f54280417eb48f18497e9b6a964569c27a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:19 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279016_399431111_693546845_154_8589_35_0_146";dur=1
content-length
1748
x-xss-protection
1;mode=block
last-modified
Wed, 07 Feb 2024 13:47:17 GMT
server
Akamai Resource Optimizer
etag
"cde5f7f753b7d21:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=464503
accept-ranges
bytes
expires
Wed, 27 Mar 2024 20:53:02 GMT
tm-logo-red-white-t.svg
www.trendmicro.com/content/dam/trendmicro/global/en/core/images/logos/
5 KB
3 KB
Image
General
Full URL
https://www.trendmicro.com/content/dam/trendmicro/global/en/core/images/logos/tm-logo-red-white-t.svg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4c38452d4117e2bb77829601aca27ac6584ebdf4d42ce505c0f7b1ae0f933147
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
gzip
x-prod-a-01
Yes
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:18 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278832_399431111_693546348_54_7754_37_0_182";dur=1
x-prod-n-01
Yes
content-length
2173
x-xss-protection
1;mode=block
last-modified
Wed, 20 Mar 2024 14:25:57 GMT
server
nginx
etag
W/"154e-614185e7e51af"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=861
accept-ranges
bytes
expires
Fri, 22 Mar 2024 12:05:39 GMT
trend-vision-one-laptop-console-nav.svg
www.trendmicro.com/content/dam/trendmicro/global/en/core/images/console-images/navigation/
529 KB
381 KB
Image
General
Full URL
https://www.trendmicro.com/content/dam/trendmicro/global/en/core/images/console-images/navigation/trend-vision-one-laptop-console-nav.svg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d50a796a476b1fcf5c96954fd3576ff056c278490683dce6f1504a9ded73edc1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
gzip
x-prod-a-01
Yes
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:18 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108278832_399431111_693546349_72_7740_37_0_182";dur=1
x-prod-n-01
Yes
content-length
389784
x-xss-protection
1;mode=block
last-modified
Wed, 20 Mar 2024 16:27:04 GMT
server
nginx
etag
"8428e-6141a0fa05c46"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=462
accept-ranges
bytes
expires
Fri, 22 Mar 2024 11:59:00 GMT
asrm-console-shot
trendmicro.scene7.com/is/image/trendmicro/
14 KB
15 KB
Image
General
Full URL
https://trendmicro.scene7.com/is/image/trendmicro/asrm-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
84f657435e631a1442815def2faa66eb24833b1047908ebd71275bfbef9690ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
-x-adobe-smart-imaging
0
akamai-grn
0.a3163017.1711108279.330c4aab
x-adobe-assetlist
QlpoOTFBWSZTWXWqKgQAAAGTgAACgAouZ5wAIAAih6jTRg1ChppgAZYQojzNFvCnA3RgB2Kn4u5IpwoSDrVFQIA=
x-adobe-smart-imaging
0
x-akamai-cache
Hit
content-length
14534
-x-adobe-assetlist
[trendmicro/asrm-console-shot]
last-modified
Wed, 04 Jan 2023 02:43:26 GMT
server
Unknown
x-adobe-modifierlist
QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag
"1ac209128f661abb8a982d1bdb20d08e"
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 22 Mar 2024 13:29:46 GMT
xdr-product-console-shot
trendmicro.scene7.com/is/image/trendmicro/
18 KB
18 KB
Image
General
Full URL
https://trendmicro.scene7.com/is/image/trendmicro/xdr-product-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
74f5da663574c88f8694494adf45161949674fcfff783f3306b0644dc2a84adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
last-modified
Wed, 04 Jan 2023 02:43:22 GMT
server
Unknown
akamai-grn
0.a3163017.1711108279.330c4aac
x-adobe-modifierlist
QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag
"b3ffdce154f5ac33f90bafd0b8f52ddf"
x-adobe-assetlist
QlpoOTFBWSZTWSzIeOkAAAITgAACgAoOZ95AIAAxTJiZBkYUGTQMGpD6ZCPsuEfgkoW50OJVGIEuNhB8XckU4UJAsyHjpA==
access-control-allow-origin
*
content-type
image/webp
x-adobe-smart-imaging
0
x-akamai-cache
Hit
content-length
18350
expires
Fri, 22 Mar 2024 19:38:26 GMT
cloud-one-workload-security-console-shot
trendmicro.scene7.com/is/image/trendmicro/
20 KB
21 KB
Image
General
Full URL
https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-workload-security-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
da316d75d41c92dac17387c6c4e18d457cbbecb0587ed53081bb21afcb4e0e10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
last-modified
Wed, 04 Jan 2023 02:50:40 GMT
server
Unknown
akamai-grn
0.a3163017.1711108279.330c4aae
x-adobe-modifierlist
QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag
"fd80448de919134c924f18226b59ecd2"
x-adobe-assetlist
QlpoOTFBWSZTWVD58OwAAAMTgAACgAoub56gIABIaptRnqJ6hmnpQoGmhkZMSSLjJ2xPlk8aolRMHW9P0K4v6ZmsZxYj7mYYAH4u5IpwoSCh8+HY
access-control-allow-origin
*
content-type
image/webp
x-adobe-smart-imaging
0
x-akamai-cache
Hit
content-length
20734
expires
Fri, 22 Mar 2024 20:31:02 GMT
cloud-one-container-console-shot
trendmicro.scene7.com/is/image/trendmicro/
22 KB
23 KB
Image
General
Full URL
https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-container-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
cd1eef6ba8780ec4e408014498fe98f8691792cc00168d4b115f1500d502a3fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
-x-adobe-smart-imaging
0
akamai-grn
0.a3163017.1711108279.330c4aad
x-adobe-assetlist
QlpoOTFBWSZTWc9xaQ0AAAKTgAACgAouZ54AIAAxTTIxMTEGqekZkm0empyIbj0HcSqB1ZIzRPumGYlwpg/X3llbou5IpwoSGe4tIaA=
x-adobe-smart-imaging
0
x-akamai-cache
Hit
content-length
22816
-x-adobe-assetlist
[trendmicro/cloud-one-container-console-shot]
last-modified
Wed, 04 Jan 2023 02:43:25 GMT
server
Unknown
x-adobe-modifierlist
QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag
"0bd7f96f29e779fac6dc954866b8de36"
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 22 Mar 2024 16:55:28 GMT
cloud-one-file-storage-console-shot
trendmicro.scene7.com/is/image/trendmicro/
10 KB
11 KB
Image
General
Full URL
https://trendmicro.scene7.com/is/image/trendmicro/cloud-one-file-storage-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
3f95c868390ea2426ee26d756867a51141df402ab30ccc73404c16450fc10f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
-x-adobe-smart-imaging
0
akamai-grn
0.a3163017.1711108279.330c4ab0
x-adobe-assetlist
QlpoOTFBWSZTWaHvYKkAAAMTgAACgAov554AIAAiJpPU9qjRtGahTCaaA0xAgVNPUgQa0soHgmo+qZZMeYfZyOm7hWBvwXckU4UJCh72CpA=
x-adobe-smart-imaging
0
x-akamai-cache
Hit
content-length
10478
-x-adobe-assetlist
[trendmicro/cloud-one-file-storage-console-shot]
last-modified
Wed, 04 Jan 2023 02:50:40 GMT
server
Unknown
x-adobe-modifierlist
QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag
"81b7f638d5ac80cfde194124da99cc5e"
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 22 Mar 2024 17:03:50 GMT
sps-mobile-security-enterprise-console-shot
trendmicro.scene7.com/is/image/trendmicro/
20 KB
20 KB
Image
General
Full URL
https://trendmicro.scene7.com/is/image/trendmicro/sps-mobile-security-enterprise-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
68c21f3bfefc064bc07808b48bba6165dfc210d152ba4a6a35a567ed49151877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
-x-adobe-smart-imaging
0
akamai-grn
0.a3163017.1711108279.330c4aaf
x-adobe-assetlist
QlpoOTFBWSZTWXsmWcsAAAMTgAACgAoeZ94gIABUUwmmgNMQinpphTajYQvKwELeE/OVgBtGKtmHupZyE1aayT3xGL5wi+DNlz8XckU4UJB7JlnL
x-adobe-smart-imaging
0
x-akamai-cache
Hit
content-length
19998
-x-adobe-assetlist
[trendmicro/sps-mobile-security-enterprise-console-shot]
last-modified
Wed, 04 Jan 2023 02:50:40 GMT
server
Unknown
x-adobe-modifierlist
QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag
"183303c0127c38a2849f7046d6cccef2"
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 22 Mar 2024 13:32:41 GMT
zero-trust-access-console-shot
trendmicro.scene7.com/is/image/trendmicro/
24 KB
24 KB
Image
General
Full URL
https://trendmicro.scene7.com/is/image/trendmicro/zero-trust-access-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
1c580985c46f2d69e9d251c3275a031da27d8219e702677f7285ddad9134c562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
last-modified
Wed, 04 Jan 2023 02:43:22 GMT
server
Unknown
akamai-grn
0.a3163017.1711108279.330c4ab5
x-adobe-modifierlist
QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag
"54553bd846274282dee4b07c8fd3198b"
x-adobe-assetlist
QlpoOTFBWSZTWRRgqYoAAAKTgAACgAouZ54QIAAxTJiZBkYRGmI0aaYkQvgyR6UW88UjS0OOQNJdMCXWOiWk3XxdyRThQkBRgqYo
access-control-allow-origin
*
content-type
image/webp
x-adobe-smart-imaging
0
x-akamai-cache
Hit
content-length
24410
expires
Fri, 22 Mar 2024 14:32:14 GMT
email-security-console-shot
trendmicro.scene7.com/is/image/trendmicro/
24 KB
25 KB
Image
General
Full URL
https://trendmicro.scene7.com/is/image/trendmicro/email-security-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
3a3abfe7b0630828bff7d1f3a6e29c316f1a432e1909877d8c713abf14e43c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
last-modified
Wed, 04 Jan 2023 02:50:40 GMT
server
Unknown
akamai-grn
0.a3163017.1711108279.330c4ab6
x-adobe-modifierlist
QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag
"adeabd4b80e2b5f6ab0d131473fa84c3"
x-adobe-assetlist
QlpoOTFBWSZTWRAIvj0AAAITgAACgAouZ54gIAAxTJiZBkYUNDIaegk92DgGNMkdi6AkXb2vg3gSTUZJXJ/F3JFOFCQEAi+PQA==
access-control-allow-origin
*
content-type
image/webp
x-adobe-smart-imaging
0
x-akamai-cache
Hit
content-length
24906
expires
Fri, 22 Mar 2024 15:24:37 GMT
all-products-console-shot
trendmicro.scene7.com/is/image/trendmicro/
64 KB
64 KB
Image
General
Full URL
https://trendmicro.scene7.com/is/image/trendmicro/all-products-console-shot?scl=1.0&qlt=95&fmt=webp-alpha
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
293ceaa480bda1594e9f61f6a52858999cd0aad1ef4f5d3eafe7cc559727e41d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
-x-adobe-smart-imaging
0
akamai-grn
0.a3163017.1711108279.330c4ad3
x-adobe-assetlist
QlpoOTFBWSZTWQAjRP8AAAITgAACgAouZ94AIAAxTJiZBkYUND1NNMmI6GwgBZcHKQWGdiFA8L4puS7nSfF3JFOFCQACNE/w
x-adobe-smart-imaging
0
x-akamai-cache
Hit
content-length
65306
-x-adobe-assetlist
[trendmicro/all-products-console-shot]
last-modified
Mon, 27 Mar 2023 00:57:09 GMT
server
Unknown
x-adobe-modifierlist
QlpoOTFBWSZTWeZ00K0AAAADgAAKCQYsBCAAMQAwIDRiUC9RI5OPF3JFOFCQ5nTQrQ==
etag
"891ae1c6af5064a7f40d8b2f96a4ea68"
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 22 Mar 2024 21:40:29 GMT
search-script.js
customer.cludo.com/scripts/bundles/
419 KB
74 KB
Script
General
Full URL
https://customer.cludo.com/scripts/bundles/search-script.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dba583880106c1d132324a73e774c64efc449671a5dbc701130713a31dca708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Mar 2024 16:54:28 GMT
server
cloudflare
age
133
etag
W/"0faf41db070da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
cf-ray
8685f817c8bd92b0-CPH
alt-svc
h3=":443"; ma=86400
x-lb
4
twitter-X-logo-01ITqorvT.svg
documents.vicone.com/images/icons/
502 B
995 B
Image
General
Full URL
https://documents.vicone.com/images/icons/twitter-X-logo-01ITqorvT.svg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-120.fra50.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
36dddcbd8045ce061726b0f8194e1a582de23d473ed771928caeb0ec85ecb93d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 04:10:11 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA50-C1
age
27711
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-length
502
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Sep 2023 05:42:07 GMT
server
Microsoft-IIS/10.0
etag
"90747de3be5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
sT76rV0w3CA2z2VqBRV4CXBogQHpvQ2uNhitTgnXiGBmmMVgpVV3Bg==
css2
fonts.googleapis.com/
2 KB
595 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@300;400&display=swap
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5deb6f9cade54812153e467832fe3c01d0e81b8ae0a4039e9c234b161b9025c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 11:49:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Mar 2024 11:51:19 GMT
css2
fonts.googleapis.com/
2 KB
722 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Cairo:wght@900&display=swap
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7e3cad8e5b56efa52cdff5b6f68e15bebba0adb0fabc1c290fade72df119a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 11:46:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Mar 2024 11:51:19 GMT
Ransomware-spotlight-logo-01ywrGnbZ.svg
documents.trendmicro.com/images/TEx/svg/
72 KB
72 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/svg/Ransomware-spotlight-logo-01ywrGnbZ.svg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f337adbe68c49f832f3a8c224fa5d9028e678deba5e21de873847667bbb7dee8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:18 GMT
Last-Modified
Fri, 26 Nov 2021 01:42:41 GMT
Server
Microsoft-IIS/10.0
ETag
"5192e4e666e2d71:0"
X-Powered-By
ASP.NET
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
73365
rs-magniber-infographic-thumb-9H9dFGq.jpg
documents.trendmicro.com/images/TEx/articles/
40 KB
40 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/rs-magniber-infographic-thumb-9H9dFGq.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5916cb7ad857884f3b9fa566c013f3b65902249c8647f4f8c0f2992ca13fbe0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:18 GMT
Last-Modified
Thu, 19 Jan 2023 11:35:13 GMT
Server
Microsoft-IIS/10.0
ETag
"365b4818fa2bd91:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
41171
RS-Magniber-fig-05-K0arWuH.jpg
documents.trendmicro.com/images/TEx/articles/
27 KB
27 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/RS-Magniber-fig-05-K0arWuH.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
06e5a8795add5d26b3b5052e429398731a7baf5f2a70641c7d671daa37456316

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:19 GMT
Last-Modified
Thu, 19 Jan 2023 14:16:10 GMT
Server
Microsoft-IIS/10.0
ETag
"4549094102cd91:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
27389
RS-Magniber-fig-06-6dnFC3D.jpg
documents.trendmicro.com/images/TEx/articles/
38 KB
38 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/RS-Magniber-fig-06-6dnFC3D.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bec2aa10816e33504b9dbfd2b31c3f0c5a9b873877b85f44b2b9ced02271e60c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:19 GMT
Last-Modified
Thu, 19 Jan 2023 14:16:16 GMT
Server
Microsoft-IIS/10.0
ETag
"b5a4e797102cd91:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
38872
RS-Magniber-fig-07-VTD3CAw.jpg
documents.trendmicro.com/images/TEx/articles/
31 KB
31 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/RS-Magniber-fig-07-VTD3CAw.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d43c03312a10d4a0e0e57627a1211dcac46680ba78f9eeafe34418961014df19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:19 GMT
Last-Modified
Mon, 23 Jan 2023 09:58:11 GMT
Server
Microsoft-IIS/10.0
ETag
"51e0ca33112fd91:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
31637
20220905094136707-867-qQdpKfL-2000.jpg
documents.trendmicro.com/images/TEx/articles/
223 KB
223 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/20220905094136707-867-qQdpKfL-2000.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
89f5e612d1be23c76c63b9047ca4b649eaca252c5303d6ac4d15b63573330c71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:19 GMT
Last-Modified
Mon, 05 Sep 2022 09:41:38 GMT
Server
Microsoft-IIS/10.0
ETag
"c059fcb1bc1d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
228075
2024-Security-Predictions-Cloud-main-yhZ8gPz.jpg
documents.trendmicro.com/images/TEx/articles/
150 KB
150 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/2024-Security-Predictions-Cloud-main-yhZ8gPz.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3cae7d681dcd847a5d999ab12240d855a6565de774cc0b2bb0ae74d1cf800bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:19 GMT
Last-Modified
Tue, 19 Mar 2024 06:40:01 GMT
Server
Microsoft-IIS/10.0
ETag
"1329dd44c879da1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
153290
calibrating-expansion-thumb-page-8kEbIjt.jpg
documents.trendmicro.com/images/TEx/articles/
386 KB
387 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/calibrating-expansion-thumb-page-8kEbIjt.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0b3ba85c9f4fccaffb5b7a5f00f607495024b6ce7433dadb762531bbec0215d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Tue, 19 Mar 2024 06:49:48 GMT
Server
Microsoft-IIS/10.0
ETag
"8ed3a3a2c979da1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
395583
Quantum-Computing-Attacks-thumb-main-YOwvzFT.jpg
documents.trendmicro.com/images/TEx/articles/
316 KB
316 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/Quantum-Computing-Attacks-thumb-main-YOwvzFT.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c7d78d7d70a1daee30f3ddfcba1e58b12a5a985d87d63f7902e8f3cab806cbc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:19 GMT
Last-Modified
Tue, 19 Mar 2024 06:45:00 GMT
Server
Microsoft-IIS/10.0
ETag
"169af7c879da1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
323447
Predictions-2024-banner-1000-wTiPPcH.webp
documents.trendmicro.com/images/TEx/articles/
91 KB
91 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/Predictions-2024-banner-1000-wTiPPcH.webp
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
350b392ec44d00b6b789b546ce78ee429e6ea703c701fa916d3652cf315b6614

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Tue, 28 Nov 2023 09:21:09 GMT
Server
Microsoft-IIS/10.0
ETag
"3580de38dc21da1:0"
X-Powered-By
ASP.NET
Content-Type
image/webp
Accept-Ranges
bytes
Content-Length
93122
calibrating-expansion-thumb-main-MDMlRXK.jpg
documents.trendmicro.com/images/TEx/articles/
235 KB
236 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/calibrating-expansion-thumb-main-MDMlRXK.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a1b21f08b61e062f9814fda28c782d6b354fdf5f85d9686395c312d93e7ffe13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:19 GMT
Last-Modified
Tue, 19 Mar 2024 06:33:36 GMT
Server
Microsoft-IIS/10.0
ETag
"3b8f755fc779da1:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
241033
clientLibs.min.js
www.trendmicro.com/etc.clientlibs/trendmicro/editableTemplateComponents/content/footer/v1/footer/
646 B
630 B
Script
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/editableTemplateComponents/content/footer/v1/footer/clientLibs.min.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
db05d4267dfa54efcffce5353b6b16959137d2387075f61974be55c6d3d6413c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Thu, 07 Mar 2024 21:58:07 GMT
server
Akamai Resource Optimizer
date
Fri, 22 Mar 2024 11:51:19 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279005_399431111_693546807_28_8328_35_0_182";dur=1
x-prod-n-01
Yes
content-length
251
x-xss-protection
1;mode=block
vendor.min.js
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/
420 KB
119 KB
Script
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/vendor.min.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
4fde85fa8e2580ffdb174ac656dbb16213865510e97058a8a5c8ca08b0ce8878
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Wed, 13 Mar 2024 14:33:57 GMT
server
Akamai Resource Optimizer
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:19 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279016_399431111_693546840_148_8545_35_0_182";dur=1
content-length
121357
x-xss-protection
1;mode=block
clientlibs.min.js
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/
116 KB
23 KB
Script
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
9b7a6d6bbb991c1f914650b31aba23630c0316ac9968340b1d09af39ca4aa178
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Tue, 19 Mar 2024 17:29:28 GMT
server
Akamai Resource Optimizer
date
Fri, 22 Mar 2024 11:51:19 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279016_399431111_693546841_148_8431_35_0_182";dur=1
x-prod-n-01
Yes
content-length
22671
x-xss-protection
1;mode=block
header-footer.min.js
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/
36 KB
6 KB
Script
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/header-footer.min.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
523e8e412693994fe6b7c57035ee70d6d0981da58428747101852ac0710fbded
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-a-01
Yes
last-modified
Thu, 14 Mar 2024 03:09:25 GMT
server
Akamai Resource Optimizer
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:19 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279027_399431111_693546842_1200_8130_35_0_182";dur=1
content-length
5336
x-xss-protection
1;mode=block
customPageScripts.js
www.trendmicro.com/vinfo/js/
19 KB
4 KB
Script
General
Full URL
https://www.trendmicro.com/vinfo/js/customPageScripts.js?Ver3.1
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
bc40f55dc0399b99382412b3f312bd466bf2b0c3d1b227edc7bf2152ad7f43ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:19 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279016_399431111_693546843_152_8555_35_0_182";dur=1
x-prod-n-01
Yes
content-length
3694
x-xss-protection
1;mode=block
last-modified
Mon, 11 Mar 2024 08:11:10 GMT
server
Akamai Resource Optimizer
etag
"c79e7ea5329d61:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=464503
accept-ranges
bytes
expires
Wed, 27 Mar 2024 20:53:02 GMT
share.js
www.trendmicro.com/vinfo/js/
2 KB
1020 B
Script
General
Full URL
https://www.trendmicro.com/vinfo/js/share.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
d1d326206efc842a8035a2d3a1d53aa66176de9d45039389d090c0ee72a39a48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:19 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279016_399431111_693546846_151_8399_35_0_146";dur=1
content-length
599
x-xss-protection
1;mode=block
last-modified
Thu, 07 Mar 2024 19:50:32 GMT
server
Akamai Resource Optimizer
etag
"3ddd4e9ebe81d21:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=464503
accept-ranges
bytes
expires
Wed, 27 Mar 2024 20:53:02 GMT
TEX.tooltip.js
www.trendmicro.com/vinfo/js/
3 KB
1 KB
Script
General
Full URL
https://www.trendmicro.com/vinfo/js/TEX.tooltip.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
6f2adcf50cdc9374afa8b93818776ca2f36eef0f27b356df715d4d98aa6b5e19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:19 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279016_399431111_693546847_157_8314_35_0_146";dur=1
content-length
739
x-xss-protection
1;mode=block
last-modified
Mon, 26 Feb 2024 04:11:24 GMT
server
Akamai Resource Optimizer
etag
"b0101fb31d89d31:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=59079
accept-ranges
bytes
expires
Sat, 23 Mar 2024 04:15:58 GMT
eqlcolList.js
www.trendmicro.com/vinfo/js/
1 KB
778 B
Script
General
Full URL
https://www.trendmicro.com/vinfo/js/eqlcolList.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
563772f765890f5c4e868355b1c9755deae8e886e1281cec1c15ee708543eb79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:19 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279031_399431111_693546844_1583_8374_35_0_182";dur=1
content-length
356
x-xss-protection
1;mode=block
last-modified
Thu, 07 Mar 2024 19:50:34 GMT
server
Akamai Resource Optimizer
etag
"57233c6f5283d21:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=464503
accept-ranges
bytes
expires
Wed, 27 Mar 2024 20:53:02 GMT
viewportchecker.js
www.trendmicro.com/vinfo/js/
3 KB
1 KB
Script
General
Full URL
https://www.trendmicro.com/vinfo/js/viewportchecker.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
42e1111a0ebc79d1aa68af2ccac42031123c6a60fcdcc893c1452c9a76ef33da
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:19 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279016_399431111_693546848_159_8291_35_0_146";dur=1
x-prod-n-01
Yes
content-length
948
x-xss-protection
1;mode=block
last-modified
Thu, 07 Mar 2024 19:52:28 GMT
server
Akamai Resource Optimizer
etag
"fdd9636cb085d21:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=464503
accept-ranges
bytes
expires
Wed, 27 Mar 2024 20:53:02 GMT
scroller.js
www.trendmicro.com/vinfo/js/
8 KB
1 KB
Script
General
Full URL
https://www.trendmicro.com/vinfo/js/scroller.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7f57ae8c90a70d08a93990e3a24863fb52ad58e46587ebb3cbb93a0ad030d65a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:51:19 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279016_399431111_693546849_160_8282_35_0_146";dur=1
x-prod-n-01
Yes
content-length
1038
x-xss-protection
1;mode=block
last-modified
Thu, 07 Mar 2024 19:52:54 GMT
server
Akamai Resource Optimizer
etag
"5d6699c8be85d21:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=464503
accept-ranges
bytes
expires
Wed, 27 Mar 2024 20:53:02 GMT
jquery.dataTables.min.js
www.trendmicro.com/vinfo/cloudlink/datatables/
80 KB
25 KB
Script
General
Full URL
https://www.trendmicro.com/vinfo/cloudlink/datatables/jquery.dataTables.min.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
a9c575c2bf9b9f836806dc58aa0866cb558806fc5ea1ef2f4250a8c0b1be7278
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-prod-n-02
Yes
date
Fri, 22 Mar 2024 11:51:19 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279016_399431111_693546850_163_8408_35_0_146";dur=1
content-length
24837
x-xss-protection
1;mode=block
last-modified
Sat, 09 Mar 2024 06:08:09 GMT
server
Akamai Resource Optimizer
etag
"71114878daabd31:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=434912
accept-ranges
bytes
expires
Wed, 27 Mar 2024 12:39:51 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/
36 KB
9 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8422
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:41:51 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/
248 KB
66 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 16:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 16:13:47 GMT
gtm.js
www.googletagmanager.com/
155 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MT6DHL8
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8921e3e5e26f923941ba4627de5403ab77ba7215ef566b4fa66ca6dab2b0907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59893
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 11:51:19 GMT
token.json
www.trendmicro.com/libs/granite/csrf/
245 B
461 B
XHR
General
Full URL
https://www.trendmicro.com/libs/granite/csrf/token.json
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ddb3a051562457ce3d69a677341ad2cccad3a6c7dc6ca563c3a0c7a69ea181e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:18 GMT
content-encoding
gzip
x-prod-a-01
Yes
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
server-timing
cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1711108278960_399431111_693546695_601_8269_35_0_219";dur=1
content-length
206
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/js/analytics.js?v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 11:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
757
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 22 Mar 2024 13:38:42 GMT
LJA84-589LU-SVNVV-WKPLQ-NBTC7
s.go-mpulse.net/boomerang/
159 KB
40 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/LJA84-589LU-SVNVV-WKPLQ-NBTC7
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2f1872ca675850da33a82c31c6f2c573bc2a8a7c4634c21ed0370638193975b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Tue, 19 Dec 2023 08:14:27 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
41190
utag.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
110 KB
22 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08987cd468fb89df63ff92df457ce691ce10e7f5c5c9cd5e56287f6dc3b1573c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
TP4ZB3LZRrHKPvicsfEuA72BKcYf2.aH
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:34 GMT
last-modified
Tue, 05 Mar 2024 20:05:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
46
x-amz-server-side-encryption
AES256
etag
W/"a67deca15d8c890607a64d882d4d9144"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
0N3Ao2emr_lcALHkgOZ3KkVwQqZWpZl2E6zmAaf5BCmlalR4-kxdnA==
OpenSans.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/OpenSans/
58 KB
58 KB
Font
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/OpenSans/OpenSans.woff2
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a7f7e246fb61ccc3f57cd38061bbbdd4ada9768649d9d3e3362ec46be278bf5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Fri, 22 Mar 2024 11:51:19 GMT
x-prod-a-01
Yes
x-content-type-options
nosniff
last-modified
Thu, 25 Aug 2022 17:04:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=588
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279017_399431111_693546851_165_8402_35_0_255";dur=1
x-prod-n-01
Yes
content-length
59444
x-xss-protection
1;mode=block
material-symbols-outlined.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/
225 KB
226 KB
Font
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/material-symbols-outlined.woff2
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/vendor.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ad514bcb3f2e982a190a5e963a29655f37824683a85f6b9ebe942ebd735e18ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/vendor.min.css
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Fri, 22 Mar 2024 11:51:19 GMT
x-prod-a-01
Yes
x-content-type-options
nosniff
last-modified
Thu, 07 Sep 2023 17:07:37 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=1455
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279025_399431111_693546852_982_10784_35_0_255";dur=1
x-prod-n-01
Yes
content-length
230732
x-xss-protection
1;mode=block
Interstate.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate/
41 KB
41 KB
Font
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate/Interstate.woff2
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5bfa00cf23b38ea03bdcf0c04fabb32c8b1fb36b62f7bdabb5071ed6676701b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Fri, 22 Mar 2024 11:51:19 GMT
x-prod-a-01
Yes
x-content-type-options
nosniff
last-modified
Thu, 25 Aug 2022 17:04:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=346
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279017_399431111_693546853_164_8276_35_0_255";dur=1
x-prod-n-01
Yes
content-length
41508
x-xss-protection
1;mode=block
rs-magniber-banner-1500-foI1mlf.jpg
documents.trendmicro.com/images/TEx/articles/
37 KB
38 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/rs-magniber-banner-1500-foI1mlf.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
78fb3ddd8f59a195a9cd97e710fb315ee4a8fddebffe0d27bd9bc5a338440044

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:18 GMT
Last-Modified
Thu, 19 Jan 2023 11:25:02 GMT
Server
Microsoft-IIS/10.0
ETag
"b6ad70acf82bd91:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
38187
20210127030345675-536-2OfrpDh.png
documents.trendmicro.com/images/TEx/icons/
31 KB
31 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20210127030345675-536-2OfrpDh.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e2338b763b58c3cc358441c594610101e429b8bc36790bc301151d6cb3fdade9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Wed, 27 Jan 2021 11:03:45 GMT
Server
Microsoft-IIS/10.0
ETag
"5131e9149cf4d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
31634
20201113013620138-994-t7wdxoU.png
documents.trendmicro.com/images/TEx/icons/
10 KB
10 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113013620138-994-t7wdxoU.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
239fdb6730e9f234b8b39d72ee99af8a762b69ed075c7cbbaf2751dceec1a0ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 09:36:20 GMT
Server
Microsoft-IIS/10.0
ETag
"971e5671a0b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
9810
20201113014000875-23-MX3tvAI.png
documents.trendmicro.com/images/TEx/icons/
4 KB
4 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113014000875-23-MX3tvAI.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2cb0fcc3874f38cf31a9c8a905e51d08f200dfaa7f5b59d1fc5d887679ec7b2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 09:40:00 GMT
Server
Microsoft-IIS/10.0
ETag
"d753eaf4a0b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4153
20201113020615192-628-PEcXcTY.png
documents.trendmicro.com/images/TEx/icons/
10 KB
11 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113020615192-628-PEcXcTY.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
983b01fb791009138c45c8f0b4bb23acf47b0fc5944ddeb211679ded611994b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 10:06:15 GMT
Server
Microsoft-IIS/10.0
ETag
"4fa8459fa4b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10728
20201113015839499-682-4nEusQz.png
documents.trendmicro.com/images/TEx/icons/
6 KB
6 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113015839499-682-4nEusQz.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
828782f2fa51485871df9fbd53155d47fd41b38907a74d8f8af328a9df49c81d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 09:58:39 GMT
Server
Microsoft-IIS/10.0
ETag
"dbc1aa8fa3b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6046
2020111302061438-896-rx5T8Dg.png
documents.trendmicro.com/images/TEx/icons/
4 KB
5 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/2020111302061438-896-rx5T8Dg.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ddbc291be48759beda4bab9103ff67aad956b6eeca7a9432215047e1c571149

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 10:06:14 GMT
Server
Microsoft-IIS/10.0
ETag
"fbfcc9ea4b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4556
20201113020606708-849-kKYgaik.png
documents.trendmicro.com/images/TEx/icons/
7 KB
7 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113020606708-849-kKYgaik.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3600b030ef76b6efd7cb2388789614afac27fc1f83c814a701daaa227cef44d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 10:06:06 GMT
Server
Microsoft-IIS/10.0
ETag
"2b7379aa4b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
7219
20201113020620395-807-44AcVio.png
documents.trendmicro.com/images/TEx/icons/
10 KB
10 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113020620395-807-44AcVio.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa688df996d472fb14d08bc17f7fe64c2b2e3ac38ae257f82cb0f4ca3fdcbe9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 10:06:20 GMT
Server
Microsoft-IIS/10.0
ETag
"fb995fa2a4b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10413
202011130152229-965-fo7X4P9.png
documents.trendmicro.com/images/TEx/icons/
6 KB
7 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/202011130152229-965-fo7X4P9.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a9c5b1a13a2f7df690eba5f5562a012c8287e104e75f3844158b759611b495a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:21 GMT
Last-Modified
Fri, 13 Nov 2020 09:52:22 GMT
Server
Microsoft-IIS/10.0
ETag
"d7fd2fafa2b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6531
20201125001604841-231-eFY5xS3.png
documents.trendmicro.com/images/TEx/icons/
47 KB
47 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201125001604841-231-eFY5xS3.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d82b1a9a2cc1e98aab345965c63e6cdc6d5782d5ab2ddccc99edb4fa28058202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:21 GMT
Last-Modified
Wed, 25 Nov 2020 08:16:04 GMT
Server
Microsoft-IIS/10.0
ETag
"968429383c3d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
47992
20201113014002-752-StBo3Eg.png
documents.trendmicro.com/images/TEx/icons/
5 KB
5 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113014002-752-StBo3Eg.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
165e3a9b29dd3c7cfc6eb330ace9284d6f8a4de52f34b78e4d84f6faa28206a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 09:40:02 GMT
Server
Microsoft-IIS/10.0
ETag
"5b9b93f5a0b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4958
20201113020612458-795-uVriV2R.png
documents.trendmicro.com/images/TEx/icons/
3 KB
3 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113020612458-795-uVriV2R.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2a4e748b01ca6bb2a1bc3e344a815e2b1a3e7f9a7de1be6ff0959f0e83f45d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 10:06:12 GMT
Server
Microsoft-IIS/10.0
ETag
"6b6ba49da4b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3176
20201113014001625-842-Qm8VLCY.png
documents.trendmicro.com/images/TEx/icons/
7 KB
7 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113014001625-842-Qm8VLCY.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c2b094f33d25173f475f41a0526bbcb2acebf727a5239decda05553375d2920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 09:40:01 GMT
Server
Microsoft-IIS/10.0
ETag
"bb625af5a0b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
7381
20201113021244244-629-2PxiwaM.png
documents.trendmicro.com/images/TEx/icons/
10 KB
10 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/icons/20201113021244244-629-2PxiwaM.png
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cd934d18b2a48ed04d6fe7f97745ab75bcf32cacfcef4c2b6bd21c8b624542d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Fri, 13 Nov 2020 10:12:44 GMT
Server
Microsoft-IIS/10.0
ETag
"63422a87a5b9d61:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
10127
OpenSans-SemiBold.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/OpenSans-SemiBold/
58 KB
58 KB
Font
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/OpenSans-SemiBold/OpenSans-SemiBold.woff2
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5c30d00dbb97ec4c05d6b41e850ea8ffab1c1623692de4193bcb235639be1d8d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Fri, 22 Mar 2024 11:51:19 GMT
x-prod-a-01
Yes
x-content-type-options
nosniff
last-modified
Thu, 25 Aug 2022 17:04:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=954
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279106_399431111_693547135_31_7907_36_0_255";dur=1
x-prod-n-01
Yes
content-length
59480
x-xss-protection
1;mode=block
Interstate-ExtraLight.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-ExtraLight/
23 KB
24 KB
Font
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-ExtraLight/Interstate-ExtraLight.woff2
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f3deafdceca8489bc6713e7ff9c3869c17177783edf1b56a39c20fc301dbfaaf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Fri, 22 Mar 2024 11:51:19 GMT
x-prod-a-01
Yes
x-content-type-options
nosniff
last-modified
Thu, 25 Aug 2022 17:04:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=1465
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279106_399431111_693547136_38_7907_36_0_255";dur=1
x-prod-n-01
Yes
content-length
23728
x-xss-protection
1;mode=block
Interstate-Bold.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-Bold/
50 KB
51 KB
Font
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-Bold/Interstate-Bold.woff2
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1203817a41844d7b3fb01f6ebdef78975b98e96e09719b60fecc368afde2fc6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Fri, 22 Mar 2024 11:51:19 GMT
x-prod-a-01
Yes
x-content-type-options
nosniff
last-modified
Thu, 25 Aug 2022 17:04:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=1430
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279109_399431111_693547137_326_9364_36_0_255";dur=1
x-prod-n-01
Yes
content-length
51664
x-xss-protection
1;mode=block
Interstate-Light.woff2
www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-Light/
54 KB
55 KB
Font
General
Full URL
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs/resources/fonts/Interstate-Light/Interstate-Light.woff2
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fa308959966462d3ef5890122526efbfe12e868a30803cfaec0d4786d9ff54a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.trendmicro.com/etc.clientlibs/trendmicro/clientlibs/trendmicro-core-2/clientlibs.min.css
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-prod-n-02
Yes
x-prod-a-01
Yes
x-content-type-options
nosniff
last-modified
Thu, 25 Aug 2022 17:04:23 GMT
server
nginx
date
Fri, 22 Mar 2024 11:51:19 GMT
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
public, max-age=1446
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279106_399431111_693547138_31_7958_36_0_255";dur=1
content-length
55608
x-xss-protection
1;mode=block
SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hEk5a1PiLA.woff2
fonts.gstatic.com/s/cairo/v28/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hEk5a1PiLA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cairo:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b592cbd3146f76d70e35b1cb5807a0df441c83c29a5bc70d7b68c4269cc8444d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:58:26 GMT
x-content-type-options
nosniff
age
273173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15168
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:53:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:58:26 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 08:10:53 GMT
x-content-type-options
nosniff
age
272426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 08:10:53 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/
49 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:00:56 GMT
x-content-type-options
nosniff
age
539423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50668
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:13:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Mar 2025 06:00:56 GMT
RS-Magniber-fig-03-cLDL02q.jpg
documents.trendmicro.com/images/TEx/articles/
26 KB
27 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/RS-Magniber-fig-03-cLDL02q.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2dc6739f1427a93aa71d5a7910e6f2f6f2f51774b49d52eba46f5dd1453f6aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:21 GMT
Last-Modified
Thu, 19 Jan 2023 13:48:17 GMT
Server
Microsoft-IIS/10.0
ETag
"60ba31afc2cd91:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
26916
RS-Magniber-fig-02-CV5f2UW.jpg
documents.trendmicro.com/images/TEx/articles/
101 KB
101 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/RS-Magniber-fig-02-CV5f2UW.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8e18319c572478ece9f57f741f31d4effa2412d58d44e746e4611a275cd9bd47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:21 GMT
Last-Modified
Tue, 24 Jan 2023 10:32:44 GMT
Server
Microsoft-IIS/10.0
ETag
"b53ce531df2fd91:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
103414
RS-Magniber-fig-03-r9r7y4z.jpg
documents.trendmicro.com/images/TEx/articles/
99 KB
100 KB
Image
General
Full URL
https://documents.trendmicro.com/images/TEx/articles/RS-Magniber-fig-03-r9r7y4z.jpg
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.70.178.131 , Japan, ASN16880 (AS2-TRENDMICRO-COM, US),
Reverse DNS
sjc1-te-ftp.trendmicro.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d2b87675000aa06854dc6ec4958fa571b618221569949a88c3c407ccc41d1cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Last-Modified
Tue, 24 Jan 2023 10:33:49 GMT
Server
Microsoft-IIS/10.0
ETag
"7173d058df2fd91:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
101673
fontawesome-webfont.woff2
www.trendmicro.com/vinfo/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.trendmicro.com/vinfo/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-181.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.trendmicro.com/vinfo/css/font-awesome.min.css
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Fri, 22 Mar 2024 11:51:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Dec 2016 07:50:34 GMT
server
nginx
etag
"0c15513285cd21:0"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff2
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279174_399431111_693547353_28_8942_35_0_255";dur=1
accept-ranges
bytes
x-prod-n-01
Yes
content-length
77160
x-xss-protection
1;mode=block
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bb22e81453d6b69b10d640ba35b9a6ff3cc402d23e8b034bb3a1f1cee362084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 22 Mar 2024 11:51:19 GMT
utag.69.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.69.js?utv=ut4.49.202006041752
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13a39b6b34bdb7d7241423cbdad82caa9f71894b432ee86ac5ae46a783ff8a3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
x9v.kN8M1sPaQ3HaIF0RbvnEolFY8ON8
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:34 GMT
last-modified
Tue, 05 Mar 2024 20:05:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
46
x-amz-server-side-encryption
AES256
etag
W/"75d0e0e6873d97c7e99f9a91a3728727"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
uSwtvE5kTPqQh8ZCblWH2ZZUmeTTbrHW5NrPG3-xOcGqDkfUybpYtA==
utag.81.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
24 KB
6 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.81.js?utv=ut4.49.202305162129
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0726b52bd1cd916bfc197208c2ddb17c4373cc6238ba53bf671ab11803ea741b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
FiCQJkrauOjmIT6xP8vHwR1s.kVvBMc_
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:34 GMT
last-modified
Tue, 05 Mar 2024 20:05:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
46
x-amz-server-side-encryption
AES256
etag
W/"901889998cc4f0c69e7d76ea588f9d42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
JSMqe9okJGmqa9HsoDFi3elIK7G4QgxNjEcaIzLbDYNYNh0oECo-Wg==
utag.29.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.29.js?utv=ut4.49.201510262117
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c6bb7a62f5c16d0e7e323cd1e3be9c5d47d2ae5fb9ea8e12f3754a03d0b1c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
kWOgKNcCel2dbNOSo9RR73n7y56tI0Lb
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"3a258843de60fdb09f28523275d3ef2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
TXV4Tn_Pv3NQ4RTfYWALO9pfeR7R1NmMZYWtcgrLD1cUSktUdeXHrg==
utag.18.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.18.js?utv=ut4.49.201510262117
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dc4bded97472d2f4cf36308b7996200cc08db4379f15fc0a3116b7d225338e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
WouNkl6eF60Bqm2p1v3DgUFwAy6u3yjK
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"ad1ac8a183375d07aae6cdba783cffa3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
M-DShMN3R8OawKXhYEWssFf59eopaGMUo1jjzDJ6SCcWjtAIkOeGxQ==
utag.22.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.22.js?utv=ut4.49.201510262117
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa0071a54f3622eeddd8f2c70e370c4e63cc39cb8abdb9b6b8b0222c7dfa473b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
aPI7JTvYIEZBsUMmz8KMOMiBl_S27u.M
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"649e2050b121e2eba734c431d161f754"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
GO1ImoC5MzwjeSHmFgUe0ixG50HWvEVBwG8gltbHBSZ6XjHbDdxhiQ==
utag.9.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.9.js?utv=ut4.49.201510262117
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa53da5dee5c2a1f9c907460752ac2d99020d3848090bf3940cccb39fba01dd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
4NBth8yytsgLgMY2LDhzmgjur1rd8i7V
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"e34cdda1c35b36f348a55f4ea85e2d2a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
s_jsYfaOJz7ktPF5_tgGFGOFuDJoBGnXyeet5kPC14fhhIokHa6PtQ==
utag.43.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.43.js?utv=ut4.49.201510262117
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
963ed4d34c87a19eb2653d018fe871c7262c9bda9aa5d13a384d42f22c800f0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
Md1CINT.MQJu.dsE1jGUp4vN58gVqYDQ
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:49:31 GMT
last-modified
Tue, 05 Mar 2024 20:05:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
108
x-amz-server-side-encryption
AES256
etag
W/"e4138d5f399f0fd27caa4e694548d8f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
OoXXfn-qiy8Dvn6ZxyBuSsjdazXxwtTUSr5k66Ag4hqA0mS7ydhLSg==
utag.75.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.75.js?utv=ut4.49.201608171750
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc75fc8bd77a09c2c31992290e91787bb0a3b46212917c4956aa459da258b749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
a.1qqSkaTpZjmEekVV7g01.Xn3R2T7Ks
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"98a7596ef3168434e30c389bb727ae77"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
RWtASy20z6tBr3QDMZxKS0tm2qXieIA4Drm_SBSlYoTve7fGZdmb7A==
utag.115.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
10 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.115.js?utv=ut4.49.202109201636
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f82eab82cf80ff1e120ba6bbc2923615d427f558927d06826e6dab01f10a6fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
Ws7uHMAwZjZxZv808IyWGo2dXQH53Ayp
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"f455891d593242aec6d5208f2815532b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
V2Im7fTpD4GGhkzslafXIm9H_qq_Y0r5GYF3P3U6V76btGTatM7IYQ==
utag.117.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.117.js?utv=ut4.49.202109291943
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8a325613a88ea2e903acc7c63efafb7f4266ee296b6353f12aa576026c2f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
_Egz0pJaNFtpEJDPzL_eQqafsFWHgzLB
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"32be3f8ba225890bdfdaad84b2ca70f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ymXqNgO6D9P19JbFjtF_8UjzK1apOtEVFW8ooN092C0MGxverYk_MQ==
utag.145.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.145.js?utv=ut4.49.202305162129
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2ee3de5ffb3de5456eb01221fd3c64a851fbdc8cbe2edeefd8a01cef1902a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
5mk5Pes7ABKwJ0sT3QmV9LGt_erNPsvg
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"7ce1e4884587bb362f8bcd5e928ef2fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
JWIrM0cqr4CgGElZi7DedNpMNTMjonOeqs8wZb1Z2j1nDxNjmUKB4g==
utag.151.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.151.js?utv=ut4.49.202109071517
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9eece5709f828182a567f2e576195fbac03f6d0f076fd97a81ebfebf5a1348df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
uAQKDj98eh9t4ap5n3YkrG457c4lo02Y
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"1df78161d58d660ea6ad6604655d4682"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
3A1qPFXPk7d8gkH2A0MiNtcVwQ9s-2_Oc7mRruVIMdbiuMVtwSI24g==
utag.171.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
14 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.171.js?utv=ut4.49.202308081722
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b2a07be2961576f0b4077074d640cec8d4c5892109741bd0c2b013046f505a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
UhQ7zZy4u2dcCNm5NWWLrwdrRaEAO3.J
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:34 GMT
last-modified
Tue, 05 Mar 2024 20:05:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
46
x-amz-server-side-encryption
AES256
etag
W/"3d9d548509f226e3b2a3449e26898bd9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
0lE0VGQ8kN0xvUntTRIuBs8GxUAkDJOl29ByzXvFfpQgOmcLiaY6Xg==
utag.187.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.187.js?utv=ut4.49.202402161940
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03252b877e1f233841ea078f705feff1e0a3713ae9d78d50dfed534c3e242008

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
wuzIX5gsVaKHg26o0XZCo8Pua4RXVAHD
content-encoding
br
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"01f78881a94f51fce7849f134a0d4b83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
4wLuy9hbZcS8vS2Op0sG1ljSuu9ONfFeVaIxKsWOp9P_1MbTr670VQ==
utag.189.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
12 KB
5 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.189.js?utv=ut4.49.202305082144
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aac964c3413f7f6db878d130df58f7c6b03473345294f3cf82013a619ff07091

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
I8r5VLNsyVg8e3qlni9wcKj3tGrigu01
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"762ef52a428b2bd46aa1431509b6b6d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
pQm4WKVJan33QmtEcRDVyImBRjH0e8HZQUOvdF9o3kdQrhlz_4Yyug==
utag.205.js
tags.tiqcdn.com/utag/trendmicro/nabucms/prod/
4 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.205.js?utv=ut4.49.202402222121
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c32c72305e58e3885f42d3f29a702393a4f07a44caba3a91e2b1eb4ae8161a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
ZJ.nKsYrWfu7w5aSHDik2_cdduJufKS0
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 11:50:33 GMT
last-modified
Tue, 05 Mar 2024 20:05:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48
x-amz-server-side-encryption
AES256
etag
W/"996aa20ba69a532ec4c3a074f0f4e8aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Y4sJ-B97yvnMbjYELPiZM5AQKZmUQgowD62N-D97PKSIhBCHf88Tyw==
gtm.js
www.googletagmanager.com/
429 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXGNM2&l=dataLayer
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9b0a150d864e5807481d89818b4789cf4b4398035bb32d58a816d1055bb0d72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105333
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 11:51:19 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.29.js?utv=ut4.49.201510262117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 09:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6982
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Fri, 22 Mar 2024 11:54:57 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 01:24:48 GMT
Server
AkamaiNetStorage
ETag
"cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
729
insight.min.js
sjs.bizographics.com/
48 KB
17 KB
Script
General
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.43.js?utv=ut4.49.201510262117
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 16:03:53 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=20250
accept-ranges
bytes
content-length
17224
conversion_async.js
www.googleadservices.com/pagead/
49 KB
18 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
138dc998424a6f8f578ae8fe723a4c0d5cf3822795319642f4eeedb6c66a7244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17946
x-xss-protection
0
server
cafe
etag
4422050633817958575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Mar 2024 11:51:19 GMT
quant.js
secure.quantserve.com/
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 29 Mar 2024 11:51:19 GMT
revenuepulse-lib-v3.js
resources.trendmicro.com/rs/945-CXD-062/images/
2 KB
1 KB
Script
General
Full URL
https://resources.trendmicro.com/rs/945-CXD-062/images/revenuepulse-lib-v3.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8366292b6413e815888abbc34c7800df0b1d8101bff22e1f3ca1f34170a73b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 09 Mar 2024 02:50:00 GMT
server
cloudflare
age
21
etag
"300bbb-6f3-613315d5b4a78"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
8685f81a883ebfcb-WAW
content-length
695
expires
Fri, 22 Mar 2024 11:52:19 GMT
fbevents.js
connect.facebook.net/en_US/
216 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57659
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1326, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
gqAE6ibx6VLztZahC10VY1P4Vqq15PmOrWYiiGaFjpMtRIokJjmPVDI3C/m3HBcV1zRgW6ax5jZ6JMjh2XlYbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ktag.js
resources.xg4ken.com/js/v2/
9 KB
4 KB
Script
General
Full URL
https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3AA7-3EB
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.144.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-144-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1b76ba575405d509e0623aad3080e3f8d793ab95767a01fc69b6a9744c0283b3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 14:02:32 GMT
server
nginx
etag
"65b90178-dd8"
content-type
application/javascript
cache-control
max-age=86400, public
content-length
3544
x-xss-protection
1; mode=block
expires
Sat, 23 Mar 2024 11:51:19 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
2969
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 22 Mar 2024 12:01:50 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
811 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:53:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
3451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 22 Mar 2024 11:53:48 GMT
collect
www.google-analytics.com/j/
16 B
224 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1257034060&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&ul=en-us&de=UTF-8&dt=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEIrAAAAACAAI~&jid=720353470&gjid=168083668&cid=1568980449.1711108279&tid=UA-15678759-2&_gid=824907187.1711108279&_r=1&_slc=1&z=610869229
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
826354627bb80d8338c31b0d8752bc3c527c36eca6b6c248c28899aa61a454c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.trendmicro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.trendmicro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
sv2uuh4gw3ms.js
js.driftt.com/include/1711108500000/
220 KB
62 KB
Script
General
Full URL
https://js.driftt.com/include/1711108500000/sv2uuh4gw3ms.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.151.js?utv=ut4.49.202109071517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
17e70f90def9a1c940d3058eb5a92e799cce54b564b5c170eeb829810574fbb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
dkMchjetv5DIX09qjPM.nM7kdQMAmR01
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Fri, 22 Mar 2024 11:51:19 GMT
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
47
last-modified
Mon, 11 Mar 2024 20:33:52 GMT
server
istio-envoy
etag
W/"e96096360f42afc817bbb30e00c13f5f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
2jSd9e9O4G2aCPoZ0yVmtDvnk_hBIGp9LsaRpRd-B1TDzZefrY3XHQ==
6si.min.js
j.6sc.co/
64 KB
18 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Feb 2024 19:00:41 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"65d799d9-101dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
17693
expires
Fri, 22 Mar 2024 11:51:19 GMT
equally-widget.min.js
widget.equally.ai/
938 KB
258 KB
Script
General
Full URL
https://widget.equally.ai/equally-widget.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.187.js?utv=ut4.49.202402161940
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ed544b374d4c02027cc0a0e43a8fee0e216939384efdc5f1e0b1ede30366f77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:02:53 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
17307
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"bf4c7d53ee8c8d1ee317a7b70423d59f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
_983rgrGRvwbpWCYJLsaGp2rrqZPl6ndUDAsubTmdFAOc1iYhsLgKw==
js
www.googletagmanager.com/gtag/
312 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4502MK3B94
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01154faffec8c1ad0c69007b28930a1b86902d1f0b469be222fc735a6ff8bc91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100139
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 11:51:19 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kcgs7200169-IAD, cache-muc13950-MUC
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9424
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"257f9651f9cfd949f6dde30f51352116"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjAeCGwQg2KZHlleZNky%2FUAoVIwSMvzHeL0C3wO%2FbmJbz7t3EGplqR2y4cSByf9h%2FWDNUGI5ZqaDUq7UpULz9fhNr5njOf5QRF2glB43E3x8GilrR%2FGNjAajyErnQjr5%2BvNvSTYB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
8685f81b8fc49297-CPH
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
433 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=trendmicro/nabucms/202403052004&cb=1711108279295
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Fri, 22 Mar 2024 11:48:07 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
193
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
WHEbXgZu0ehCAFejrMnORcwQ9c6_CxlcRx_XCCMTNB2RCq554wOxEA==
collect
www.google-analytics.com/j/
15 B
83 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1257034060&t=pageview&cu=&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&ul=en-us&de=UTF-8&dt=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEIrBAAAACAMIg~&cid=1568980449.1711108279&tid=UA-44592531-1&_gid=824907187.1711108279&_slc=1&cd15=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&z=1653668562
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
045cf7fd65fd76199b79479c9bfd035d30e173ef2942f8b82360c85a811e843a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.trendmicro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.trendmicro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
312 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4502MK3B94&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MT6DHL8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
801a9c10c0f5df7a7beb54fb3930066c96238ce2c0cd7b71d5a2519f53a6f3c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100134
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 11:51:19 GMT
collect
stats.g.doubleclick.net/j/
1 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-15678759-2&cid=1568980449.1711108279&jid=720353470&gjid=168083668&_gid=824907187.1711108279&_u=IEBAAEIqAAAAACAAI~&z=519328124
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.trendmicro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 22 Mar 2024 11:51:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.trendmicro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
246 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9RTX7DD265&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4afa2f4769d6254f58b8c3373bf4f2660041e23276754af94925f7bdee4729c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89651
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 11:51:19 GMT
munchkin.js
munchkin.marketo.net/163/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/163/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:19 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Jan 2023 02:26:40 GMT
Server
AkamaiNetStorage
ETag
"ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4741
Expires
Sun, 30 Jun 2024 11:51:19 GMT
js
www.googletagmanager.com/gtag/
293 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JSMMKXDWBS&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb16e72416ed28cf1dc29061bf4e2f388e4e29573c775b2181afa4199110cef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94615
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Mar 2024 11:51:19 GMT
www-widgetapi.js
www.youtube.com/s/player/589f1394/www-widgetapi.vflset/
216 KB
67 KB
Script
General
Full URL
https://www.youtube.com/s/player/589f1394/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa0d66887bc53fa2c3aae867f345f2765cd72da482bf5b297fedcdc56259f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
15377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68373
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 04:21:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 22 Mar 2025 07:35:02 GMT
destination
www.googletagmanager.com/gtag/
193 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-5427711&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXGNM2&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9de58212f20de4cd0f5f1f17e9613bab43545df94bc3c1b05dd3cb249bd8f56f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72013
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 11:51:19 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXGNM2&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 22 Mar 2024 11:51:19 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CD4061C06D4647E284ED87761A052238 Ref B: CPH30EDGE0616 Ref C: 2024-03-22T11:51:19Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
destination
www.googletagmanager.com/gtag/
245 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-929919117&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXGNM2&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f800118c2b25df31bc76f8113e59f63b4ffc6a3948c903dfa09f441b0a71067f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86629
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 11:51:19 GMT
destination
www.googletagmanager.com/gtag/
193 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9572106&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXGNM2&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
812f0b037d45543ef221e7e3545b89d6839aad4a4bbbf22fe987d70a78dc6c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72013
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 11:51:19 GMT
up_loader.1.1.0.js
js.adsrvr.org/
9 KB
4 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXGNM2&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-103-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 04:57:49 GMT
Content-Encoding
gzip
Via
1.1 284574e4f15389d93bfcb84d196a92f0.cloudfront.net (CloudFront)
Last-Modified
Fri, 01 Mar 2024 19:43:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
Age
24811
x-amz-server-side-encryption
AES256
ETag
W/"a023114c374b2d4f49e3420f667f8e66"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
WE3MIrgDapOP9uWhqJWWgrbSmHMS3uYzlpFGQAuo_16MNT2Cg7A3rQ==
/
attr.ml-api.io/
Redirect Chain
  • https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.trendmicro.com%26pId%3d%24UID
  • https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dwww.trendmicro.com%26pId%3d%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dwww.trendmicro.com%2526pId%253d%2524UID
  • https://attr.ml-api.io/?domain=www.trendmicro.com&pId=138656349698548073
0
235 B
Image
General
Full URL
https://attr.ml-api.io/?domain=www.trendmicro.com&pId=138656349698548073
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Server
2600:9000:2670:ac00:12:3734:2a40:93a1 , United States, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:20 GMT
via
1.1 ca751e0315de05e656597e32136af94e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
content-type
application/json
x-amz-cf-id
UBnvH2TUjY_969f9q0qs73KWK-Mhv1Ak-r9AVvAbN1oMkmxXIN_fyQ==
content-length
0
apigw-requestid
VB6M2gNkIAMEVQQ=

Redirect headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:20 GMT
an-x-request-uuid
8220cd3d-99fb-4dc9-a249-8f7ad49f81b8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://attr.ml-api.io/?domain=www.trendmicro.com&pId=138656349698548073
x-proxy-origin
193.32.248.237; 193.32.248.237; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4502MK3B94&gtm=45je43k0v884954515za200&_p=1711108278885&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1568980449.1711108279&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711108279&sct=1&seg=0&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&dt=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&en=page_view&_fv=1&_ss=1&_ee=1&ep.consumer=not_consumer&tfd=834
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4502MK3B94
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.trendmicro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-yyb3JEF9Pm8ey.js
rules.quantcount.com/
3 B
447 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-yyb3JEF9Pm8ey.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 04:12:43 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
32804
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:25:15 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
oNluWQyIek1eVppnHyMV-uln0V8wYXXaUIiM9CxxO1rgdom8W8RHkQ==
__utm.gif
ssl.google-analytics.com/r/
35 B
197 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1018594604&utmhn=www.trendmicro.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&utmhid=1257034060&utmr=-&utmp=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&utmht=1711108279481&utmac=UA-29051577-12&utmcc=__utma%3D44797537.1568980449.1711108279.1711108279.1711108279.1%3B%2B__utmz%3D44797537.1711108279.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1732060177&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAABAAAE~
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransom...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransom...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D8866%26time%3D1711108279496%26li_adsId%3D7e6616df-b04a-4968-80ce-eeb51a79c97e%26u...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransom...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Franso...
0
267 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&cookiesTest=true&liSync=true&e_ipv6=AQJqa2_6QeO5BQAAAY5mAFC6IHXG_yUjPgOi1K-7oQg6Ov7FLMJOybx_HY6EXqKm6sAycY76
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:20 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 70D69D19E16B4678BF7534BB2194E8EC Ref B: CPH30EDGE0721 Ref C: 2024-03-22T11:51:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUPnE/S6ZKEGxYUHGDhw==

Redirect headers

date
Fri, 22 Mar 2024 11:51:20 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7538694D422D4178B0ABA750BC460D9F Ref B: CPH30EDGE0709 Ref C: 2024-03-22T11:51:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=8866&time=1711108279496&li_adsId=7e6616df-b04a-4968-80ce-eeb51a79c97e&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&cookiesTest=true&liSync=true&e_ipv6=AQJqa2_6QeO5BQAAAY5mAFC6IHXG_yUjPgOi1K-7oQg6Ov7FLMJOybx_HY6EXqKm6sAycY76
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUPnE7OzLXVPCMMUaASw==
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9RTX7DD265&gtm=45je43k0v9125550112za200&_p=1711108278885&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=1568980449.1711108279&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&dt=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&sid=1711108279&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=890
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9RTX7DD265&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.trendmicro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1015287688/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/1015287688/?random=1711108279538&cv=9&fst=1711108279538&num=1&value=0&label=0w45CIDC7AYQiJ-Q5AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&tiba=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
5e62e598e4d6ff2f9fc35b2c7c3cfd17f7405d07fca17f190cc2b77474695f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1503
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JSMMKXDWBS&gtm=45je43k0v9164383042za200&_p=1711108278885&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=1568980449.1711108279&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&dt=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&sid=1711108279&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_15=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&tfd=940
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JSMMKXDWBS&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.trendmicro.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
243552383039605
connect.facebook.net/signals/config/
64 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/243552383039605?v=2.9.150&r=stable&domain=www.trendmicro.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
726f95c0a4f34a9b0b9ff29312e5ac588ae10df3fe641d8a429f5b90a5acfbb6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13275
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=62, mss=1326, tbw=62815, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
+ODSVhqm/eaR/Cxk2jXktQaqXh9jnF0UNZ4lkodT0dcXjsR+d4jyTNGMCwbhomJmYpromPkCmEjcg7PFrrE0Eg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
getuidj
secure.adnxs.com/
11 B
704 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:19 GMT
an-x-request-uuid
e00b782e-8687-47cd-a981-36c7509626f0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.trendmicro.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
193.32.248.237; 193.32.248.237; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
7 B
195 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.trendmicro.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
20 B
312 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8c5692e258913269df8aa8255d877f30ce245d9ccd2c8534b204af716600e79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:19 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.trendmicro.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a03:1b20:b:f011::3e
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711108279646_34901612_314033778_27_1089_28_57_219";dur=1
content-length
20
expires
Fri, 22 Mar 2024 11:51:19 GMT
adsct
t.co/1/i/
43 B
376 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=f69d636f-1966-4cd3-8cff-6e2347fc618e&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=caa6fd36-a5ca-4172-bee7-286b267f994a&tw_document_href=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&tw_iframe_status=0&txn_id=nuwoi&type=javascript&version=2.3.29
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time
110
date
Fri, 22 Mar 2024 11:51:19 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
e2c818255b197c05
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
8b66c0eba1523257bc54e4d40534d8414f3e0f66f552bee9e48ca18a2008a936
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
723 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=f69d636f-1966-4cd3-8cff-6e2347fc618e&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=caa6fd36-a5ca-4172-bee7-286b267f994a&tw_document_href=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&tw_iframe_status=0&txn_id=nuwoi&type=javascript&version=2.3.29
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time
103
date
Fri, 22 Mar 2024 11:51:19 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
f75ea9827a27c0da
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
ce26da5f70c471e7bf640341b5cf62451645e5f48edb036c1df3b7234b988747
content-length
43
/
www.google.de/pagead/1p-conversion/1015287688/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015287688/?random=543677639&cv=9&fst=1711108279538&num=1&value=0&label=0w45CIDC7AYQiJ-Q5AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTyb...
  • https://www.google.com/pagead/1p-conversion/1015287688/?random=543677639&cv=9&fst=1711108279538&num=1&value=0&label=0w45CIDC7AYQiJ-Q5AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u...
  • https://www.google.de/pagead/1p-conversion/1015287688/?random=543677639&cv=9&fst=1711108279538&num=1&value=0&label=0w45CIDC7AYQiJ-Q5AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_...
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/1015287688/?random=543677639&cv=9&fst=1711108279538&num=1&value=0&label=0w45CIDC7AYQiJ-Q5AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&tiba=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4IO0ieeHhQMVZj0GAB1qdgCJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjobaHR0cHM6Ly93d3cudHJlbmRtaWNyby5jb20v&is_vtc=1&cid=CAQSGwB7FLtq6m8kxkRmoYOD2d6AmmN2ZUKqHEB9GA&random=1589656336&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:19 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1015287688/?random=543677639&cv=9&fst=1711108279538&num=1&value=0&label=0w45CIDC7AYQiJ-Q5AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&tiba=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIucGxAg&pscrd=IhMI4IO0ieeHhQMVZj0GAB1qdgCJMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjobaHR0cHM6Ly93d3cudHJlbmRtaWNyby5jb20v&is_vtc=1&cid=CAQSGwB7FLtq6m8kxkRmoYOD2d6AmmN2ZUKqHEB9GA&random=1589656336&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
c.go-mpulse.net/api/
2 KB
1 KB
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=LJA84-589LU-SVNVV-WKPLQ-NBTC7&d=www.trendmicro.com&t=5703694&v=1.785.70&sl=0&si=5a1f3be6-1018-4f1b-8356-021d522cdeb2-saqzlj&plugins=AK,ConfigOverride,Continuity,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Errors,Akamai,EventTiming,BFCache,LOGN&acao=&ak.ai=807181
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:59a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d761ce38299e49663f8dfc9311456c3bcb7bb3555f394cbd1bad6470eef7723

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
888
activityi;dc_pre=CNPVwYnnh4UDFYcOogMd0EQLAQ;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2F...
5427711.fls.doubleclick.net/ Frame 560D
Redirect Chain
  • https://5427711.fls.doubleclick.net/activityi;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%...
  • https://5427711.fls.doubleclick.net/activityi;dc_pre=CNPVwYnnh4UDFYcOogMd0EQLAQ;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecur...
698 B
671 B
Document
General
Full URL
https://5427711.fls.doubleclick.net/activityi;dc_pre=CNPVwYnnh4UDFYcOogMd0EQLAQ;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-5427711&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
84b3c038e18ba908e0e8723123115f880b3f8bd21f5e1876edad541b424c64cc
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.trendmicro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
366
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 11:51:19 GMT
expires
Fri, 22 Mar 2024 11:51:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 11:51:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5427711.fls.doubleclick.net/activityi;dc_pre=CNPVwYnnh4UDFYcOogMd0EQLAQ;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CKj-wonnh4UDFS8OogMdzXAOEQ;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Frans...
9572106.fls.doubleclick.net/ Frame 5387
Redirect Chain
  • https://9572106.fls.doubleclick.net/activityi;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fra...
  • https://9572106.fls.doubleclick.net/activityi;dc_pre=CKj-wonnh4UDFS8OogMdzXAOEQ;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%...
694 B
663 B
Document
General
Full URL
https://9572106.fls.doubleclick.net/activityi;dc_pre=CKj-wonnh4UDFS8OogMdzXAOEQ;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9572106&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
04b479f3fe89af5dc7493cfcaa218f9267a6b6d9d9e3d16c577b6c47714c09f5
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.trendmicro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 11:51:19 GMT
expires
Fri, 22 Mar 2024 11:51:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 11:51:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9572106.fls.doubleclick.net/activityi;dc_pre=CKj-wonnh4UDFS8OogMdzXAOEQ;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
visitWebPage
945-cxd-062.mktoresp.com/webevents/
2 B
318 B
Ping
General
Full URL
https://945-cxd-062.mktoresp.com/webevents/visitWebPage?_mchNc=1711108279677&_mchCn=&_mchId=945-CXD-062&_mchTk=_mch-trendmicro.com-1711108279677-80906&_mchHo=www.trendmicro.com&_mchPo=&_mchRu=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:20 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
d4d68775-1133-4e1b-bfd8-f0936805b527
sm.25.html
static.addtoany.com/menu/ Frame 01D1
716 B
739 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.trendmicro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
14107
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8685f81c38d59297-CPH
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 22 Mar 2024 11:51:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zug0GuV8TT18l%2FvMZH%2FJnDeJHp7wf%2B1Y662Hj9%2BLzz2bUcCdNCoPp%2Fh0DEFIQdCRWhP4K%2BoKw%2FRmNo3FmNPd%2Fwhjcq0lNYxvJsnDWqwQO4JO8fVs77yEaENmOQytJ1Ua8d%2FapSMn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.Ep5bSEmr.js
static.addtoany.com/menu/modules/
70 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.trendmicro.com/
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18865
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"a995aaed2cd978eb5749462d1dc3635e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cg5HQ55unrgyCFnSImedaZiRuNpzwwK%2BMo7ul9i9FjXi66AkrMxAriYlntmBVx1XLNNR98oz0vgRZjH8WB4lYi785P8Ryt%2FlkQcA3PmnWjCG4ZqHHNpak30pHmLGpaTk0u8kchKX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
8685f81c8e7cbe58-CPH
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=243552383039605&ev=PageView&dl=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&rl=&if=false&ts=1711108279705&sw=1600&sh=1200&v=2.9.150&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1711108279702.1316841011&cs_est=true&ler=empty&cdl=API_unavailable&it=1711108279595&coo=false&rqm=GET
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1326, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Mar 2024 11:51:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=0490d807-2da4-438c-8c42-1234a4273fe0&session=0759c10f-c2d8-45e6-8bb6-6dfe674982c7&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A19%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Magniber%20ransomware%20initially%20targeted%20only%20Asian%20countries%20when%20it%20was%20first%20detected%20in%202017.%20However%2C%20it%20resurfaced%20in%202021%20and%20continues%20to%20operate%20today%20with%20expanded%20targets%20around%20the%20globe.%20Magniber%20remains%20a%20significant%20player%20in%20the%20threat%20landscape%2C%20with%20malicious%20attackers%20likely%20to%20continue%20using%20the%20ransomware%20in%20future.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Magniber%20-%20Security%20News%5Cn%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&pageViewId=897f5904-ed52-4b44-8726-a2442bcdb252&an_uid=0&v=1.1.15
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:20 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
485 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=0490d807-2da4-438c-8c42-1234a4273fe0&session=0759c10f-c2d8-45e6-8bb6-6dfe674982c7&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2022%20Mar%202024%2011%3A51%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22f0978075a275d14104571cd0b3e9919c9748869b%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2022%20Mar%202024%2011%3A51%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22810eb8f4ed8abcee5cd1e233263d8d3f%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2022%20Mar%202024%2011%3A51%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2022%20Mar%202024%2011%3A51%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2022%20Mar%202024%2011%3A51%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2022%20Mar%202024%2011%3A51%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Magniber%20ransomware%20initially%20targeted%20only%20Asian%20countries%20when%20it%20was%20first%20detected%20in%202017.%20However%2C%20it%20resurfaced%20in%202021%20and%20continues%20to%20operate%20today%20with%20expanded%20targets%20around%20the%20globe.%20Magniber%20remains%20a%20significant%20player%20in%20the%20threat%20landscape%2C%20with%20malicious%20attackers%20likely%20to%20continue%20using%20the%20ransomware%20in%20future.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Magniber%20-%20Security%20News%5Cn%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&pageViewId=897f5904-ed52-4b44-8726-a2442bcdb252&an_uid=0&v=1.1.15
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:20 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
485 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=0490d807-2da4-438c-8c42-1234a4273fe0&session=0759c10f-c2d8-45e6-8bb6-6dfe674982c7&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3Ab%3Af011%3A%3A3e%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Magniber%20ransomware%20initially%20targeted%20only%20Asian%20countries%20when%20it%20was%20first%20detected%20in%202017.%20However%2C%20it%20resurfaced%20in%202021%20and%20continues%20to%20operate%20today%20with%20expanded%20targets%20around%20the%20globe.%20Magniber%20remains%20a%20significant%20player%20in%20the%20threat%20landscape%2C%20with%20malicious%20attackers%20likely%20to%20continue%20using%20the%20ransomware%20in%20future.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Magniber%20-%20Security%20News%5Cn%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&pageViewId=897f5904-ed52-4b44-8726-a2442bcdb252&an_uid=0&v=1.1.15
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:20 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
26044208.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/26044208.js
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 22 Mar 2024 11:51:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C16B06BB2D734952AA783EE1624DEB9D Ref B: CPH30EDGE0616 Ref C: 2024-03-22T11:51:19Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
286 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=26044208&tm=gtm002&Ver=2&mid=8f02c28f-e84a-4587-99e3-63198c8c1d6d&sid=7f5b9940e84211ee9718a9f65fb39483&vid=7f5bbf40e84211ee8464f316402d35fa&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ransomware%20Spotlight%3A%20Magniber%20-%20Security%20News&kw=Ransomware%20Spotlight,%20Ransomware&p=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&r=&lt=545&evt=pageLoad&sv=1&rn=233274
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 22 Mar 2024 11:51:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 121E3AD875CF4432B1546F38DF09D3A1 Ref B: CPH30EDGE0616 Ref C: 2024-03-22T11:51:19Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=120618516;rf=0;a=p-yyb3JEF9Pm8ey;url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uht=2;fpan=1;fpa=P0-1645323638-17...
pixel.quantserve.com/
35 B
455 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=120618516;rf=0;a=p-yyb3JEF9Pm8ey;url=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uht=2;fpan=1;fpa=P0-1645323638-1711108279465;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=trendmicro.com;dst=1;et=1711108279728;tzo=-60;ogl=image.https%3A%2F%2Fdocuments%252Etrendmicro%252Ecom%2Fimages%2FTEx%2Farticles%2Frs-magniber-thumb-WkEqZQS%252Ej;ses=b2ad598e-3add-496c-bd4a-8b0627334e5e;mdl=
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:19 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
details
epsilon.6sense.com/v3/company/
721 B
710 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
082fa0c79a75af418f2646c10fd835a404e731cd00837f3b1aaf5e36e014909b

Request headers

Referer
https://www.trendmicro.com/
accept-language
de-DE,de;q=0.9
Authorization
Token f0978075a275d14104571cd0b3e9919c9748869b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-6s-CustomID
WebTag1.0 810eb8f4ed8abcee5cd1e233263d8d3f

Response headers

x-trace-id
6270861205264869583
date
Fri, 22 Mar 2024 11:51:19 GMT
content-encoding
gzip
server
nginx
vary
Origin, Accept-Encoding
content-type
application/json
x-6si-region
eu-central-1a
access-control-allow-origin
https://www.trendmicro.com
access-control-expose-headers
X-6si-Region
access-control-allow-credentials
true
timing-allow-origin
https://6sense.com, https://www.ssga.com
content-length
388
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://www.trendmicro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.trendmicro.com
access-control-expose-headers
X-6si-Region
access-control-max-age
1800
date
Fri, 22 Mar 2024 11:51:19 GMT
server
nginx
timing-allow-origin
https://6sense.com, https://www.ssga.com
x-6si-region
eu-central-1a
x-trace-id
2255846099131668799
dc_pre=CNPVwYnnh4UDFYcOogMd0EQLAQ;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=*;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber...
adservice.google.com/ddm/fls/z/ Frame 560D
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNPVwYnnh4UDFYcOogMd0EQLAQ;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=*;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Requested by
Host: 5427711.fls.doubleclick.net
URL: https://5427711.fls.doubleclick.net/activityi;dc_pre=CNPVwYnnh4UDFYcOogMd0EQLAQ;src=5427711;type=remar0;cat=allsi0;ord=1;num=7383714939985;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5427711.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CKj-wonnh4UDFS8OogMdzXAOEQ;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=*;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa...
adservice.google.com/ddm/fls/z/ Frame 5387
42 B
107 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKj-wonnh4UDFS8OogMdzXAOEQ;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=*;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Requested by
Host: 9572106.fls.doubleclick.net
URL: https://9572106.fls.doubleclick.net/activityi;dc_pre=CKj-wonnh4UDFS8OogMdzXAOEQ;src=9572106;type=trend002;cat=globa0;ord=2822916833203;npa=1;auiddc=428215653.1711108279;u1=%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;gtm=45fe43k0z872003116za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9572106.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=0490d807-2da4-438c-8c42-1234a4273fe0&session=0759c10f-c2d8-45e6-8bb6-6dfe674982c7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Magniber%20ransomware%20initially%20targeted%20only%20Asian%20countries%20when%20it%20was%20first%20detected%20in%202017.%20However%2C%20it%20resurfaced%20in%202021%20and%20continues%20to%20operate%20today%20with%20expanded%20targets%20around%20the%20globe.%20Magniber%20remains%20a%20significant%20player%20in%20the%20threat%20landscape%2C%20with%20malicious%20attackers%20likely%20to%20continue%20using%20the%20ransomware%20in%20future.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Magniber%20-%20Security%20News%5Cn%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&pageViewId=897f5904-ed52-4b44-8726-a2442bcdb252&an_uid=0&v=1.1.15
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:20 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
config
api.equally.ai/api/v1/widget/
36 KB
36 KB
XHR
General
Full URL
https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=ac0f752b202138e488ad036da63efffc
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.220.110.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-220-110-46.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3cd077a472169d94c46ff7fd76053a8440247f820d23fd9606629b60066c0062

Request headers

Referer
https://www.trendmicro.com/
accept-language
de-DE,de;q=0.9
X-Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Mar 2024 11:51:21 GMT
server
nginx
content-length
36941
apigw-requestid
VB6M_jtYIAMEJlg=
content-type
application/json
config
api.equally.ai/api/v1/widget/ Frame
0
0
Preflight
General
Full URL
https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=ac0f752b202138e488ad036da63efffc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.220.110.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-220-110-46.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-referer
Access-Control-Request-Method
GET
Origin
https://www.trendmicro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
VB6M-jafoAMEJYQ=
date
Fri, 22 Mar 2024 11:51:21 GMT
server
nginx
/
px.ads.linkedin.com/wa/
0
268 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.trendmicro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Mar 2024 11:51:20 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8111985502BD4E1C9B55E90125BF76B1 Ref B: CPH30EDGE0709 Ref C: 2024-03-22T11:51:20Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://www.trendmicro.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYUPnFClz9KL38NwRh98A==
core
js.driftt.com/ Frame 3D04
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
32ac58e9211746f23be43c1a08e9fd2ea1e70894c9b346ceb2ec5b6a4d2e855c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.trendmicro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Mar 2024 11:51:21 GMT
etag
W/"43f6ef3eb7cdf84d04fbe559fe20d0ca"
last-modified
Fri, 22 Mar 2024 05:26:02 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
AqLYvDl9QNkCAOLb7rFlSHTB_M7gNXCdFhBGpmYDi1zwwL-hgqVZ2w==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
.rzLi8ZJspxo.3sd269RQXsX_rFTYoch
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
14
chat
js.driftt.com/core/ Frame 25E4
2 KB
1 KB
Document
General
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1711108500000/sv2uuh4gw3ms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
32ac58e9211746f23be43c1a08e9fd2ea1e70894c9b346ceb2ec5b6a4d2e855c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.trendmicro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Mar 2024 11:51:21 GMT
etag
W/"43f6ef3eb7cdf84d04fbe559fe20d0ca"
last-modified
Fri, 22 Mar 2024 05:26:02 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-id
5vPmbF27bIApz883xomEGppKzERsE9UsHBzsLs3xbecBP5qdpOJnuQ==
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
.rzLi8ZJspxo.3sd269RQXsX_rFTYoch
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
17
up
insight.adsrvr.org/track/ Frame 8C09
0
60 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=g2lzvow&ref=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&upid=803df29&upv=1.1.0
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.trendmicro.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Fri, 22 Mar 2024 11:51:21 GMT
server
Kestrel
config
api.equally.ai/api/v1/widget/ Frame
0
0
Preflight
General
Full URL
https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=ac0f752b202138e488ad036da63efffc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.220.110.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-220-110-46.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-referer
Access-Control-Request-Method
POST
Origin
https://www.trendmicro.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
VB6NCgmAIAMEJ_A=
date
Fri, 22 Mar 2024 11:51:21 GMT
server
nginx
OpenDyslexic-Regular.woff
widget.equally.ai/fonts/
16 KB
17 KB
Font
General
Full URL
https://widget.equally.ai/fonts/OpenDyslexic-Regular.woff
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2282dbd646a0e093b6315a3692cb2ab6c9bca68d46c01f7c6fba2f1ae924a953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.trendmicro.com/
Origin
https://www.trendmicro.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 11:52:11 GMT
via
1.1 ddcc5754acfb5d436bc0a20046a15158.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
86351
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
16636
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"7312cd3f9b4e0804d9051e37e97579bf"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
font/woff
access-control-allow-origin
*
vary
Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options
SAMEORIGIN
accept-ranges
bytes
x-amz-cf-id
S3pmquBN_KICGqVYxGwvcGm6S_qPbzoEVi6T0jtwbEYTAPaIbBW8Kg==
config
api.equally.ai/api/v1/widget/
27 B
159 B
XHR
General
Full URL
https://api.equally.ai/api/v1/widget/config?apiKey=82MjGgGBc5p9X1otEipH&userID=ac0f752b202138e488ad036da63efffc
Requested by
Host: www.trendmicro.com
URL: https://www.trendmicro.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.220.110.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-220-110-46.compute-1.amazonaws.com
Software
nginx /
Resource Hash
16270c15435abfbd1e22c9a06378d29d8823f68d61216d61422d1b0b0643e776

Request headers

Referer
https://www.trendmicro.com/
accept-language
de-DE,de;q=0.9
X-Referer
https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 22 Mar 2024 11:51:21 GMT
server
nginx
content-length
27
apigw-requestid
VB6NDj9ZIAMEJjA=
content-type
application/json
en.json
widget.equally.ai/locales/
10 KB
4 KB
Fetch
General
Full URL
https://widget.equally.ai/locales/en.json
Requested by
Host: widget.equally.ai
URL: https://widget.equally.ai/equally-widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3d804706c6ccb7955d146f5b9a86c200ee5788031e0c8601a0d758da2ce6e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:44:07 GMT
content-encoding
gzip
via
1.1 ddcc5754acfb5d436bc0a20046a15158.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
76035
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"c8654951b307d59acadb3324470b6d22"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options
SAMEORIGIN
x-amz-cf-id
JWAac2Iod9n2ACISd0fdRU1ixRsjGWy_Jf4U2RIsgsPn4mVTFZYoxA==
runtime~main.116b73f6.js
js.driftt.com/core/assets/js/ Frame 3D04
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
83a1088237eb2a988a69f8db6a56993c1d49b151f51b557f9e0474781e574382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id
1P82BNX74XsNPu3eys_SW395jIzb0Ina
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
919076
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Mon, 11 Mar 2024 20:13:32 GMT
server
istio-envoy
etag
W/"48be90169fe0ba4b6b870650832b40b6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xmCuNIGFBIM3GVpMWFUr1rdhw6X6gEwcVIok0kSenK6oWzV9oY56AQ==
9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
35 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:47 GMT
x-amz-version-id
xDLMc9.vfMRinFJv17uWwlTUqFMyHh91
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512754
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
14
last-modified
Tue, 19 Dec 2023 18:34:39 GMT
server
istio-envoy
etag
W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
s0oeoLAcl3wZ0rgQAcWjZLvWUZ5G-2rIeI8jAHVtOkmb5b3hJjDnWg==
main~493df0b3.9e1d5232.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
7 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.9e1d5232.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
9dcb7df984f468cee4f41f0e76ea672a02601350aefe9bccffa7bd0120782941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
rlUjojg2gTbtwdGP_pdjObQJE7FQKLQJ
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Fri, 08 Mar 2024 21:52:28 GMT
server
istio-envoy
etag
W/"73b9f4a9eb62a2176090bf9c21a639a7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
airrgMeueA5lg9Hqp99n7m5-bGw92GIgqR_wvZTygq7hOmGWwFFcAQ==
runtime~main.116b73f6.js
js.driftt.com/core/assets/js/ Frame 25E4
6 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
83a1088237eb2a988a69f8db6a56993c1d49b151f51b557f9e0474781e574382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id
1P82BNX74XsNPu3eys_SW395jIzb0Ina
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
919076
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Mon, 11 Mar 2024 20:13:32 GMT
server
istio-envoy
etag
W/"48be90169fe0ba4b6b870650832b40b6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
_sL5iTuh8md-KQU0OHx1InTjDMxfVvu0to7mxb8nOTw9kyr433m-CQ==
9.4a3e9801.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
35 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:47 GMT
x-amz-version-id
xDLMc9.vfMRinFJv17uWwlTUqFMyHh91
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512754
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
14
last-modified
Tue, 19 Dec 2023 18:34:39 GMT
server
istio-envoy
etag
W/"c6f58dd3d60f07462254b842dd4f9ca1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
bmYI1JCw8bC_iUPMYSQoO630V3wMchIsaQBS4q5H3CeFdnEVPy3BXA==
main~493df0b3.9e1d5232.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
7 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/main~493df0b3.9e1d5232.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
9dcb7df984f468cee4f41f0e76ea672a02601350aefe9bccffa7bd0120782941
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
Origin
https://js.driftt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
rlUjojg2gTbtwdGP_pdjObQJE7FQKLQJ
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Fri, 08 Mar 2024 21:52:28 GMT
server
istio-envoy
etag
W/"73b9f4a9eb62a2176090bf9c21a639a7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Cz-55oYsDNOf7h7Nt8FwIwfh7xJk1hFIKXuR4plPwygMcHDBHBatOA==
equallyai-widget.css
widget.equally.ai/ Frame 9B20
32 KB
7 KB
Stylesheet
General
Full URL
https://widget.equally.ai/equallyai-widget.css
Requested by
Host: widget.equally.ai
URL: https://widget.equally.ai/equally-widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
652efd827c7d4bdbc5062da31da261ea6aff861b1735ab640eb5aea11e52deda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 07:03:02 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
17300
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"f36e46b286460d4bdf52555bcf3c77fc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
Kcqh2DKuekzTQwPi6jg_6ZcB7Jv1l1-ssxCIunKKDHSLfohHdZYW0A==
52.b1edaf4a.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
23 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
O2lV9BfAoMGuWCy5h2KZx1r2hHWHdRQH
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
24
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
bc_RAy6TOb0GQ2PcvX82YRdOSaCbFSz2JGAhGcNVURX1ipFIn_4bQQ==
35.d0f1ccda.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
36 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
sgEYGmeR8Py6tciS9o0uWaEb0DViiRFb
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Tue, 19 Dec 2023 16:15:24 GMT
server
istio-envoy
etag
W/"46fa5a7bc37a22544a908e4ad950309c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
3aJ_4LwTAp73SMkxFmyoW8zBdrVoP_4TlX5VMX7hni3906-avAAr_A==
22.6b9a301a.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
32 KB
11 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
DvJ7CLlBPxNj4KV_C1b2ZR1X9H2QpJXV
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"d8739a9fe9a3a42936f5cd86c8727494"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
jDdEAr3OD1oQEy1YzBP68U6DL9ziHzvDuwXUuxw30gbEdtnYBet5sA==
19.6f85b843.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
17 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
TS.9ApOzy..rylGKiVPdLcCX5dJ9HsBw
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iVVxYpZTeUcv9n_ff6mK2TQD8uEaUesptYLHFv1f2urn37O0nUQydg==
43.7ac85d58.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/43.7ac85d58.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
63c035e2f43180086b19ec08f35c8deee82b2b804ddfcf92f7f0e6d835957bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
kSQfBnXe3RrQ76A7.epJ9X5L3Vb2TouI
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"48be1563378f7c36bdadc0f2eb616856"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
TeRxrXzEF1gcDyjH8YQCGMFbwPidLN6-uCaAHFq1K0uVXo6qU9mWxA==
20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
74 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
4VyxTF9cOmpvyHPO7jaWSto1hTdtU.sl
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
45
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xXlfcmk2n1a3X9vpD0e1eZz2snO6hTwEKB6wneRB8hrjSZJJ8YWRfQ==
26.04e7f30b.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
66 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
cqsMaYjOHahH71A7EXhyHFywLOEay3sx
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
32
last-modified
Tue, 19 Dec 2023 16:15:24 GMT
server
istio-envoy
etag
W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
NZ1O47oYbsMXoaDPVx9AqKke6oKxHxUWowQyQTYlv68b_G9VgdamEw==
14.e24a6190.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
iLluOjfpMSRsML8bOSqA9V8JfTEqMP9L
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
20
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"16d7ae86e21434a32157d3226ac9bb77"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
eD54GfteEwmKqCEJkt4bK4rzsU_j_fgZVPxSWNh777zuUAycjORAvg==
11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
23 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id
fTPxsmx5We5V2pMGDl1ykjBzTcYFF2dc
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
5804391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Thu, 11 Jan 2024 23:20:32 GMT
server
istio-envoy
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6EEw42rcM0x4yg8eOLLkukMD0C9JEBjlpSfMB4urwYTqV4RbaDrJtw==
18.9c1bd1fb.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
q8W9FNPLIM8OX5drRDX0sp4TnKuKPMbY
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"02f09379c544befa413d22eb57ed41de"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
G-E8hGI5ZEaPz6qzy--LpMo7LDPJAXO783beEES6JOb8pYCFjDJ-NQ==
50.de3b5864.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
BecLvOdVAWkrJUptshR_Vz6xe2maTdmW
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"114785899ceb423273fcc17aaad202e9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0NnF7thT0fxS5y4-pZw4qv33lrHV4nZOoc-P854IlLHmx88zroYtbg==
42.f634da7c.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/42.f634da7c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
df3b4f7ee9b54dc67162d74792e3906d8888a0a83068b490fb6830cc6954d5c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
vXeKg.tGpOUOXbODWyYzAbmB8cSGPgwQ
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"c65db597e762d33246cfbec56b886523"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
sYRzBVUOoZOE90sLGclAVcOfjJU6gldfj_tdpGuRUblL4udFp09oKg==
29.31d09948.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
13 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/29.31d09948.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 02:39:00 GMT
x-amz-version-id
sy2gXVIBAtxn_z6EcojE2GGUK5H4qzOW
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
10055541
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Tue, 21 Nov 2023 16:21:41 GMT
server
istio-envoy
etag
W/"455157cb49065fb85fed54901ddaeb0e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Hzcz_uf8vZsST2aiVLVWMSk_p7_5P3O9pXK0exChTXGk2IVKLzMaMA==
21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id
mbKfJZbsWw.V.LuUA4S0Y6Eza3IzJhvH
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
5804391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Thu, 11 Jan 2024 23:20:33 GMT
server
istio-envoy
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tqhi2ptgiVUw-ehFpm0M3JZX-JDMzYp6hURbtVtQAMgQUdAphfet8g==
8.ab226b4a.chunk.css
js.driftt.com/core/assets/css/ Frame 3D04
31 KB
4 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ff8f406b684c6674dbd3705d3f6d2cd10b5eedbc2c67a7773f235d69ef122d04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:38:16 GMT
x-amz-version-id
Iy50rWLvnka9klYMF5qa_8hsgho0e_uB
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
4803185
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Fri, 26 Jan 2024 18:11:46 GMT
server
istio-envoy
etag
W/"1e97f00f07b87f701d0bf06259f954e4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
qrD_8GUMxVNZD55VYEzAZ9SgptvUpTpDFkIwgWd82IZZIq62qPoLtw==
8.936ecc7b.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
82 KB
26 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.936ecc7b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2a6798144639128186f875d40209d2974025f20d7e11247a15ae93a943fbc5a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
FQouIpJB67.TtbWNnCfyFf1DGTjBcG.T
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 08 Mar 2024 21:52:28 GMT
server
istio-envoy
etag
W/"f5556c13c2079425542f4c096b2ce080"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
U7ygSccDocVn8IchODlBbQrtluAQwP4cqAqYOXQYjeUazgFnk3eXkw==
16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 3D04
24 B
698 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 10:04:47 GMT
x-amz-version-id
oL98YdzlpaGyxUOIAT2tnEGpxnQwpHij
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P6
age
7523194
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
13
content-length
24
last-modified
Tue, 19 Dec 2023 18:34:35 GMT
server
istio-envoy
etag
"0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
VXNUD_WUJLgqvMjFH7F1CNEddJyQ7XqTIep6FFJ_UstG34REtM0NwQ==
16.11fbfe91.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
93 KB
24 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.11fbfe91.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c0bb47b69b5ee22057a3c661e95661c72aff43895a545655c818884c341a989f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
z3o_HHOeuy1UElwxf68oZYXhsU2pCtPK
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 08 Mar 2024 21:52:26 GMT
server
istio-envoy
etag
W/"648b5bf0ecc273c631d2a26fe0984dc1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
gOmUL3kPObXcmKM2hJIrJ6vTkHvc6N8u-HyIDSIwgejrfunlGlQF9g==
24.efe55fb2.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
51 KB
14 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/24.efe55fb2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
4e098a9d431d9fc4e4cb77057760ff506fd0cbbcfbfce59f1c30d88f8fa01be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id
zLPip1evuIT3lMB0y7bldjjKQGFoZPDc
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
919076
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Mon, 11 Mar 2024 20:13:30 GMT
server
istio-envoy
etag
W/"33a0f37f879cb0561d6751c995d660a7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
NBvfIBdH-3L3PiuA3QvKmRLDQkUfp01C_dTIQh0JgDTjTnyVr7wcqg==
17.37d97059.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
41 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.37d97059.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
796519ebc8d7edbcb37a42b98be60ed304998eabdf8d26fa2f60b41331d0a627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id
Gratp3sycpdqsaiklnAY8j0B1idZrtk6
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
919076
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
41
last-modified
Mon, 11 Mar 2024 20:13:29 GMT
server
istio-envoy
etag
W/"dade390e0df80c6f2569b3f376adfd1f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
rZVCq_5l8NS1eEdv-zNn-doMzpZ4Jm7SnR_TkDW09svBUkn_ph6ZPQ==
en.svg
widget.equally.ai/flags/ Frame 9B20
1 KB
969 B
Image
General
Full URL
https://widget.equally.ai/flags/en.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8f57ae36e7533f330d488d78955b84759053d8890dbc12a940f5f16c0169c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"ebf36f856cee41bb0004b1be873bc62f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
UFWr50_GsfPj9iQfI1pUe77nc5nfPaXnoAcCQj4Wea0Q8Lq6BSCKRg==
es.svg
widget.equally.ai/flags/ Frame 9B20
148 KB
36 KB
Image
General
Full URL
https://widget.equally.ai/flags/es.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8b2beb661f2060ad9acfc574d17fb9b51d984c3ec4559defc2360a1192ba667
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"ce15a45bbe7193fd267a2b79f695f851"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
9sXYFy4B8MTdS4l33QVqKvo5zQB_kpF78rvXF93LXesJqVbQrKi3ZA==
de.svg
widget.equally.ai/flags/ Frame 9B20
411 B
908 B
Image
General
Full URL
https://widget.equally.ai/flags/de.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22c3fd46dc28317aef90042c0753148aa68707737146640e11165d6df6c02178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:58:00 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
71602
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
411
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"53d375e4d05c0f07c61381c149666a95"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
e1kO5ims7w4ts9JzJV-7-xDvRhCJrGHjp_i5AtHEWtXbfjAWyENaJA==
pt.svg
widget.equally.ai/flags/ Frame 9B20
11 KB
6 KB
Image
General
Full URL
https://widget.equally.ai/flags/pt.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42f2a22d45c6f2d8ba1ebc17ed8b417762baeed4f314c68deb39d8534b8f8ab0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"3db75d5500aac310ba9be72fe78c09a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
_GMZmig3FkIxxjnXT9BPBPA3xaB4XRrCKGWJXGSOy3MUnGWVAuaAAA==
fr.svg
widget.equally.ai/flags/ Frame 9B20
468 B
984 B
Image
General
Full URL
https://widget.equally.ai/flags/fr.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3d85ea6dbd284d131f55a919eccaf1eb6bc6b8b57804859ee984bc57bb931a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:32:31 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
76731
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
468
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"aba229ec8b9399af14875fba8715b4e5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
c5zeJVkBbF-CNrnUPWXrCwLt8rjWFyMTr9Z1CSDOe4j2pIboRZZtlQ==
it.svg
widget.equally.ai/flags/ Frame 9B20
202 B
713 B
Image
General
Full URL
https://widget.equally.ai/flags/it.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
985a85728ad37064b2b77bf64f50abedc823aee1f9f85918aa1adbb54e6af176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
202
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"4f6374bbba141514028cfee25e6b8b50"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
1DhIc1mPt6ieBs029ru7qoKLtTAM-9MdWlOpGUk4YiBUUW7bocaOBw==
ru.svg
widget.equally.ai/flags/ Frame 9B20
232 B
728 B
Image
General
Full URL
https://widget.equally.ai/flags/ru.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8b719965d947ab374c07d0da488c475e73334fc9ca9f2c970f0c176ea609f0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:28:19 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
84183
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
232
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"8c35008bdd453eb7092e5589433ee345"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
tS1iloszqb894jTGc3-5AS8bgud80TTuvpFRIg_ohIMSyCNHyuLtSw==
nl.svg
widget.equally.ai/flags/ Frame 9B20
175 B
689 B
Image
General
Full URL
https://widget.equally.ai/flags/nl.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d04d9eadc49c5514881c1c3f7c465a10a37ead378bc5e61cf96fdfcb3599e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
175
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"5f6ef944bbde5608a5cfd566abc3a61a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
XohCP6AGcp2qJka_RTviUnE5mjuQ3vHfC-GUddmhu1C4ekuB6nwEMg==
pl.svg
widget.equally.ai/flags/ Frame 9B20
142 B
639 B
Image
General
Full URL
https://widget.equally.ai/flags/pl.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
608e5ed6a0820b02ac00e5ee7457a9822b5e5c1be9cba69d17c5a3e9ca4a4377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:58:00 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
71601
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
142
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"e2afe0f6676f52f2142f71e9b3570e81"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
9CfAXwQIaXb7LZiVOro3m1y7bhpUUnWD9WG6LZq-M7Jh6FdQoNukbA==
bg.svg
widget.equally.ai/flags/ Frame 9B20
294 B
807 B
Image
General
Full URL
https://widget.equally.ai/flags/bg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3beaf2aa05abc754a560f723315ba58156356abc654d952382c6e6bb60cfb7f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
294
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"d35abad4c97cd9e2b3cc342cb745d11d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
IbKv1DVfrCdey8n2OyfIIQovV2Znt7WPfsjBjZttcWzCjuaSS3b_KQ==
he.svg
widget.equally.ai/flags/ Frame 9B20
856 B
1 KB
Image
General
Full URL
https://widget.equally.ai/flags/he.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d86756671757b1622e49e7b1405334d749dc18b0377b422fa0b8a0c493d9dc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
856
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"39aa6f7e5890377271d5434c4f76386b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
T4Aown29-xcouqpxHX4uEyD_N8MrBedtblZX8nJW-Dg0zlnb0DJwcQ==
cz.svg
widget.equally.ai/flags/ Frame 9B20
212 B
708 B
Image
General
Full URL
https://widget.equally.ai/flags/cz.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a71bcb7e97223bdca2ff6105c4e261e96eaed1009d6326c404abe20011ed7dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 12:28:19 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
84183
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
212
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"047e732decd62b9d3ce350a2cd8f4de6"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
8LmcMe-QdEJlBkHAMexWm1tNboY4ZZAtKx6zzqKxRJVdu3K1HpUkcg==
dk.svg
widget.equally.ai/flags/ Frame 9B20
222 B
735 B
Image
General
Full URL
https://widget.equally.ai/flags/dk.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc4827058fb343b6fa6383fb5e3471f4ab744a82d0f6ec9d895e8ce5d2a969ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
222
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"c0cd63470ccdd66eb1b70437c4897d2e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
wqZOuQkfV-SYnecOPgrEns8s0nyTkaW29UHRWqE5opvwoaL_YG2Hzg==
fi.svg
widget.equally.ai/flags/ Frame 9B20
233 B
730 B
Image
General
Full URL
https://widget.equally.ai/flags/fi.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f57f5b4ec3968d3127d25c1ba8973b593df0bfa8171a12d7c9f399a038ca071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 15:58:00 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
71601
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
233
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"079f4bcbd1f4a3a2ac55d1071961eaa4"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
oI7RYBCx0F3VCrS1R_mLwwsqyHJLTy1L5IRZmc47SCCEzJGd5CTwzw==
se.svg
widget.equally.ai/flags/ Frame 9B20
216 B
712 B
Image
General
Full URL
https://widget.equally.ai/flags/se.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d7c3fc0594c8fb856d9fd0a13a752dfaf8643c8b073582909c88be24e7e416f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:32:31 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
76731
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
216
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"1f642770ccba1a8f5948ac69923c15ba"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
zgheBZgXmURo7hpb1tzCf3NkK-D0g5ZKMWuKHNdVxVUDfnue44Jz0Q==
lt.svg
widget.equally.ai/flags/ Frame 9B20
178 B
691 B
Image
General
Full URL
https://widget.equally.ai/flags/lt.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
429d40e370103a47cb2fa03e143136308ce0ad387fc05acfff349d40406440a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
178
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"60ce52ef375f0a7bf84149719ad6a8e2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
9Rk9Q10_K3xg_SiUhwjx_pdsTuVavBUXU7d4ZZkfgAEFKabvKtxpIg==
ro.svg
widget.equally.ai/flags/ Frame 9B20
178 B
694 B
Image
General
Full URL
https://widget.equally.ai/flags/ro.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea3e3c17cfd414a403313ddc73a62a264cbc205d962214e272321566e0d78ce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:32:31 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
76731
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
178
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"a9e8cdfefb0cb78dfe786276f500656a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
TkGsMEZWWTPSeCvxn_CLcNw8YMI4gERQPXdyy2lbf-eeeXVcagf6WA==
gr.svg
widget.equally.ai/flags/ Frame 9B20
206 B
721 B
Image
General
Full URL
https://widget.equally.ai/flags/gr.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86cce2a11b19e83087b4ea15be2c293563f8dc90df958488174c2194e2adac07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
206
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"abd7d677957e863655f6bc059dbaebfb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
8CBqEwyjkUfzfqXyJon4MBts5rQY4sO9XZzmZ3NLu5HZClBL7i5gNQ==
hr.svg
widget.equally.ai/flags/ Frame 9B20
66 KB
29 KB
Image
General
Full URL
https://widget.equally.ai/flags/hr.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecd619e1013f1de98ab10d4693d8d17ff1924494c099aaef02b0700636b51339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"f4e06f4da88eab5e630a6263b8f5ebdf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
0B6jHRJcpox4nIHisI32qbWo4KTJvKXYRSxVoISRD4Vq43FljBEbgQ==
lv.svg
widget.equally.ai/flags/ Frame 9B20
138 B
652 B
Image
General
Full URL
https://widget.equally.ai/flags/lv.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
442240b6d0d4290a8a5bf289beae6d52665dc71f7cb529034682c8fdcf313bb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
138
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"12cebcfb5d166f7cd2b6a3fb48c0924d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
jj8m8TqmPvNmqqr_9DzpaqZhZTbt1aXKpQyxgMzbWa4kZk_92mxUiA==
sl.svg
widget.equally.ai/flags/ Frame 9B20
2 KB
1 KB
Image
General
Full URL
https://widget.equally.ai/flags/sl.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4fda18694f1e60c937933eebd752cc3ed0701652f0dfca84677c3267b26db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:32:32 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
76730
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"9b4bb3b189e8285e10fc2637df225958"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
2d37rpTipD9kSnKfiOxUWgLGYpRnvxUDqmTYoQblMJQFmgyFyowUtg==
mt.svg
widget.equally.ai/flags/ Frame 9B20
15 KB
8 KB
Image
General
Full URL
https://widget.equally.ai/flags/mt.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5c2eee915ed72695afcc7898018bf57c41e62c9b7b964e8de8bbbec9e895d2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:32:32 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
76730
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"66e76e37d320e1ef728362a420f7eb3e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
CNmmsjFEXnkn_JCqFbEEIB9CdsvRvRQ2hKcvKFb0zoilYjgVsjK33g==
sk.svg
widget.equally.ai/flags/ Frame 9B20
1 KB
1 KB
Image
General
Full URL
https://widget.equally.ai/flags/sk.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
645f75dbf15f9931d4c25509f2d3b55e8be7d97209957535382ecfd96658d7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"45bde9f51532f5f7cc44fa912e57fa26"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
VX4cPqDZppRvHQd7s84AnatkGtcpwwHz9qShfakbZyLkEerAvE-5zw==
ar.svg
widget.equally.ai/flags/ Frame 9B20
28 KB
11 KB
Image
General
Full URL
https://widget.equally.ai/flags/ar.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0b36326e3e5b74624ee8b5de8273ea00f7bbe9b5ba0da6250cbe7b3c637505e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"1b79db27bb882afead5050e6fa59818c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
uaWvqqMImkz6c3nuK2ySWDImz-IbJiXd748Y_SE3fLpVrp_6EmZoGA==
ja.svg
widget.equally.ai/flags/ Frame 9B20
209 B
705 B
Image
General
Full URL
https://widget.equally.ai/flags/ja.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35e785339e19d1ec1987cb9c3d8e66fc97f29a287db0b0b590b8dfdd96d4766b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 14:32:32 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
76730
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
209
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"a1e1ea513a3fcd801e85db4373ce8cd6"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
c7brvNXmvZ-32RJIqjg55vNWNvGWtq8Q3UdsV0XNw58OkMC1aaAxlg==
zh.svg
widget.equally.ai/flags/ Frame 9B20
589 B
1 KB
Image
General
Full URL
https://widget.equally.ai/flags/zh.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2992931db929f1541337b2427833930743899025888d5df0cd8359179c3a6eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
589
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"70f58c27d22d2fc42e3ae42109a6165b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
CSNEhsE8wEC_q-7jhIRlRHVu3mLqoF1jNbTg7buVLeC0fIF0f6gMjA==
ko.svg
widget.equally.ai/flags/ Frame 9B20
628 B
1 KB
Image
General
Full URL
https://widget.equally.ai/flags/ko.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557804ca07c2ab312bddc4c711c548563a1302a25eeebbff8dae19cbd4cc5e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
628
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"10679d585c351917622b94494b8a0329"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
CGGIxSHqhGc3P0o8EgcCadOREpW6LdlQAPI8HLlHJT2nbEVDaazFqQ==
sq.svg
widget.equally.ai/flags/ Frame 9B20
8 KB
5 KB
Image
General
Full URL
https://widget.equally.ai/flags/sq.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e223abdb13c475b827e74fa29a44a98e26675402fb46513eadc875faca72305e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
content-encoding
gzip
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
W/"9ca1e7c55a76c6f0c5b34c29ed911c8f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
8-SsV9_rpAiiRV93jkNFXwLGsJe0lPcBVMG0pBeTgWCDJTJ1qRXODg==
mk.svg
widget.equally.ai/flags/ Frame 9B20
416 B
930 B
Image
General
Full URL
https://widget.equally.ai/flags/mk.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-108.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a9c8a96b2d409c2295838d5e7c6182170f35aba3ec747dc2a818b96d8e8b23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:03:16 GMT
via
1.1 58efcae4bc8b2ca09d46ef20409fc8e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CDG50-C1
age
6486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
416
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Mar 2024 18:01:30 GMT
server
AmazonS3
etag
"93c15186533262b4a99e531c484d4459"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
oSaw83jwb_3LA4WPPiEBbIiF7VitX1M2vXjMS4Oa_VTh5GgX1FfAhw==
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=0490d807-2da4-438c-8c42-1234a4273fe0&session=0759c10f-c2d8-45e6-8bb6-6dfe674982c7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A20%20GMT%22%2C%22timeSpent%22%3A%221067%22%2C%22totalTimeSpent%22%3A%222068%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Magniber%20ransomware%20initially%20targeted%20only%20Asian%20countries%20when%20it%20was%20first%20detected%20in%202017.%20However%2C%20it%20resurfaced%20in%202021%20and%20continues%20to%20operate%20today%20with%20expanded%20targets%20around%20the%20globe.%20Magniber%20remains%20a%20significant%20player%20in%20the%20threat%20landscape%2C%20with%20malicious%20attackers%20likely%20to%20continue%20using%20the%20ransomware%20in%20future.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Magniber%20-%20Security%20News%5Cn%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&pageViewId=897f5904-ed52-4b44-8726-a2442bcdb252&an_uid=0&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:21 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
52.b1edaf4a.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
23 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
O2lV9BfAoMGuWCy5h2KZx1r2hHWHdRQH
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
24
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
lhcNHgFtkwuDv3k8bPN_k8sYPR3KWdRyFF47jNVBldVAcMhYCO5IeQ==
35.d0f1ccda.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
36 KB
10 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
sgEYGmeR8Py6tciS9o0uWaEb0DViiRFb
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
34
last-modified
Tue, 19 Dec 2023 16:15:24 GMT
server
istio-envoy
etag
W/"46fa5a7bc37a22544a908e4ad950309c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
HoLivGAbfycF_wB10X1tXzw4WHeSYU0audeURNdJCPxgXbGrKwpZBg==
22.6b9a301a.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
32 KB
11 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
DvJ7CLlBPxNj4KV_C1b2ZR1X9H2QpJXV
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"d8739a9fe9a3a42936f5cd86c8727494"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ygTO4RBOS-0zL-QkSN2EfSb7adVOCItW9q71pxITvKTZVe5UJaECSQ==
19.6f85b843.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
17 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
TS.9ApOzy..rylGKiVPdLcCX5dJ9HsBw
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"e28ebc3391b56e8f01ea063dc089e9d3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
hq-wUJQhNz5FO8DZaHetUefO1qgjq0zL-PIuj6QTEATZrPVxcQBrag==
43.7ac85d58.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
25 KB
8 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/43.7ac85d58.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
63c035e2f43180086b19ec08f35c8deee82b2b804ddfcf92f7f0e6d835957bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
kSQfBnXe3RrQ76A7.epJ9X5L3Vb2TouI
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"48be1563378f7c36bdadc0f2eb616856"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Ms7TqJJ1CjB63VrZs6R4pffpt6_wgd0HVRwL6oqQj5rw68zb_D_hbQ==
20.8c21ea18.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
74 KB
23 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
4VyxTF9cOmpvyHPO7jaWSto1hTdtU.sl
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
45
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"6d77a76055d81227033363af2f18caf8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
0zFc4CUoGb7sL_DACkUCyI703-_iRw24qPy95aAbIad14x-5GRqspw==
26.04e7f30b.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
66 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
cqsMaYjOHahH71A7EXhyHFywLOEay3sx
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
32
last-modified
Tue, 19 Dec 2023 16:15:24 GMT
server
istio-envoy
etag
W/"49ce5445ddcf5d24ef3badc4eb1a11dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
fDEast2nTsG-edQsBtodgaYWBFpT2nY67FXnNmL_8OSDdvZCxydXDg==
14.e24a6190.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
91 KB
28 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
iLluOjfpMSRsML8bOSqA9V8JfTEqMP9L
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
20
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"16d7ae86e21434a32157d3226ac9bb77"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
fDe2hG0mUyZasr6qFh_wDB9MLzchUwtANLUOLhOwkgzO53edLFRtHQ==
11.639238ba.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
23 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/11.639238ba.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id
fTPxsmx5We5V2pMGDl1ykjBzTcYFF2dc
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
5804391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Thu, 11 Jan 2024 23:20:32 GMT
server
istio-envoy
etag
W/"4049f38c00add1738dc4806148ff8829"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
3oGJm9GxjMKVmujsbffyKAKCoeDUTs5h2mi6uQeUSRZZ0ePbCzJspQ==
18.9c1bd1fb.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
62 KB
20 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:48 GMT
x-amz-version-id
q8W9FNPLIM8OX5drRDX0sp4TnKuKPMbY
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512753
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Tue, 19 Dec 2023 18:34:37 GMT
server
istio-envoy
etag
W/"02f09379c544befa413d22eb57ed41de"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
nIjMfBntQwE8tv_71Jnem9EvTjU6fK2ipbrrj3UF2OezewJd6XsvdQ==
50.de3b5864.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
105 KB
34 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
BecLvOdVAWkrJUptshR_Vz6xe2maTdmW
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"114785899ceb423273fcc17aaad202e9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
4NYoNCclRkzXaY9UloSeVtfbjRQWuABjVr943yhtsnWd6CaTRgbnyA==
42.f634da7c.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
12 KB
4 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/42.f634da7c.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
df3b4f7ee9b54dc67162d74792e3906d8888a0a83068b490fb6830cc6954d5c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
vXeKg.tGpOUOXbODWyYzAbmB8cSGPgwQ
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"c65db597e762d33246cfbec56b886523"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
IhxVlh22lm8G4y7eac9NfLkIAK4Mz3IlYKuOnNN9w1VXResoRLLXng==
29.31d09948.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
13 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/29.31d09948.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 02:39:00 GMT
x-amz-version-id
sy2gXVIBAtxn_z6EcojE2GGUK5H4qzOW
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
10055541
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Tue, 21 Nov 2023 16:21:41 GMT
server
istio-envoy
etag
W/"455157cb49065fb85fed54901ddaeb0e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
PV7ztMwryhavZ6XkhWqgc010ZRL35qOwJSCPHGqJbxyQBgFxhrltZQ==
21.b8c41db9.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
17 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 07:31:30 GMT
x-amz-version-id
mbKfJZbsWw.V.LuUA4S0Y6Eza3IzJhvH
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
5804391
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Thu, 11 Jan 2024 23:20:33 GMT
server
istio-envoy
etag
W/"65e5c965272e021ae33ff8bc39565ef5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
v3QCqtuvLW0bkwHnztGF4K0Nlsg9qF4lKRuJwiT0dm13XbCJ3doCeg==
8.ab226b4a.chunk.css
js.driftt.com/core/assets/css/ Frame 25E4
31 KB
4 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/8.ab226b4a.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ff8f406b684c6674dbd3705d3f6d2cd10b5eedbc2c67a7773f235d69ef122d04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:38:16 GMT
x-amz-version-id
Iy50rWLvnka9klYMF5qa_8hsgho0e_uB
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
4803185
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Fri, 26 Jan 2024 18:11:46 GMT
server
istio-envoy
etag
W/"1e97f00f07b87f701d0bf06259f954e4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
yV9TKHecbk8ad2d5lgnL2wdlRz6XncJFZ6IboeJr3qRlsA8Jj5njOw==
8.936ecc7b.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
82 KB
26 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/8.936ecc7b.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2a6798144639128186f875d40209d2974025f20d7e11247a15ae93a943fbc5a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
FQouIpJB67.TtbWNnCfyFf1DGTjBcG.T
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 08 Mar 2024 21:52:28 GMT
server
istio-envoy
etag
W/"f5556c13c2079425542f4c096b2ce080"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ak2eOptDz3Uv9XtVuC3QssxzZeJrEc_iTyYW8AZD9Kkznrlp3w_lOg==
16.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 25E4
24 B
695 B
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 10:04:47 GMT
x-amz-version-id
oL98YdzlpaGyxUOIAT2tnEGpxnQwpHij
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P6
age
7523194
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
13
content-length
24
last-modified
Tue, 19 Dec 2023 18:34:35 GMT
server
istio-envoy
etag
"0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
sh4woCMEQedhimEIiM29XcH_b9nWq6ziRcPrfmOjrN133FtfVsDCCw==
16.11fbfe91.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
93 KB
24 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/16.11fbfe91.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
c0bb47b69b5ee22057a3c661e95661c72aff43895a545655c818884c341a989f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
z3o_HHOeuy1UElwxf68oZYXhsU2pCtPK
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
last-modified
Fri, 08 Mar 2024 21:52:26 GMT
server
istio-envoy
etag
W/"648b5bf0ecc273c631d2a26fe0984dc1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
KFPRqGNmj7YFPiDY1yQRj21Ik_p5716D82jHfLJgc_Fx0IVPjj4P4A==
24.efe55fb2.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
51 KB
14 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/24.efe55fb2.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
4e098a9d431d9fc4e4cb77057760ff506fd0cbbcfbfce59f1c30d88f8fa01be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id
zLPip1evuIT3lMB0y7bldjjKQGFoZPDc
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
919076
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Mon, 11 Mar 2024 20:13:30 GMT
server
istio-envoy
etag
W/"33a0f37f879cb0561d6751c995d660a7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dNHocyPPCLsprCl0zVYGwoVPLpeoWcLk9ww6ZmddOU_vDci2mb2OrA==
17.37d97059.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
41 KB
13 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/17.37d97059.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
796519ebc8d7edbcb37a42b98be60ed304998eabdf8d26fa2f60b41331d0a627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:33:25 GMT
x-amz-version-id
Gratp3sycpdqsaiklnAY8j0B1idZrtk6
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
919076
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
41
last-modified
Mon, 11 Mar 2024 20:13:29 GMT
server
istio-envoy
etag
W/"dade390e0df80c6f2569b3f376adfd1f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
2PLWc0C1JlX-xXh7T7wfsatCgpnYeql6sruRaK2OONmMmh2rmp2J7Q==
results.txt
yeqpr3nyk35vszp5oc4q-pvkijt-857ed2916-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pvkijt88r
  • https://yeqpr3nyk35vszp5oc4q-pvkijt-857ed2916-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://yeqpr3nyk35vszp5oc4q-pvkijt-857ed2916-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
184.86.251.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-90.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:21 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://yeqpr3nyk35vszp5oc4q-pvkijt-857ed2916-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Fri, 22 Mar 2024 11:51:21 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
results.txt
fibrwiaabpybckqce3ydkaaaczs724fz-pvkijt-09bd7fcff-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pvkijt88r
  • https://fibrwiaabpybckqce3ydkaaaczs724fz-pvkijt-09bd7fcff-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B
XHR
General
Full URL
https://fibrwiaabpybckqce3ydkaaaczs724fz-pvkijt-09bd7fcff-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 11:51:21 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://fibrwiaabpybckqce3ydkaaaczs724fz-pvkijt-09bd7fcff-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Fri, 22 Mar 2024 11:51:21 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:50 GMT
x-amz-version-id
wIYiMMOv59k7p4Fbql5xBCm9H7moGtf2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512751
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Tue, 19 Dec 2023 18:34:36 GMT
server
istio-envoy
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QRhht78qenWSO1aV4sYDD_N2gQueA_lEl02f-PhdUQBEq6HmJ4yTYQ==
31.c043863a.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
27 KB
9 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/31.c043863a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7236ba4d18121d1c1e55329fd2110eb585b49ded5d66b2fe461f15369c7d3dda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
xQshf8Fb.UbAzXwlaVlUWAyR86uYq5q8
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"80a16a7469ece9a85df7ac8d39605662"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1J7mZ2eaET_km72eIEfZnC950yJ6q9sqfplQz1o_TQZHk_enuzpJ5A==
27.b5e8f5e1.chunk.css
js.driftt.com/core/assets/css/ Frame 3D04
8 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/27.b5e8f5e1.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 20:33:40 GMT
x-amz-version-id
zyzXY0HiUV0Kx0xDA0irOuT14sRG0uSI
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1955861
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Wed, 28 Feb 2024 20:09:21 GMT
server
istio-envoy
etag
W/"e7107bc29ccb3c6d928f0f8f10a0f22d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
pnR2XT6Ab8tbt0Hr8ogtTYp8wsJr1AyJlTnaDG415uVIf2IEhZIUIQ==
27.42a90a1f.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
15 KB
6 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/27.42a90a1f.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
b781a271d23f8fcb33421408a4ab099770b32368548f88c651c0fd1c15cb2a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
uqJrHTB3r0l.Z3re932SJbB_rTNlMYGC
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
16
last-modified
Fri, 08 Mar 2024 21:52:26 GMT
server
istio-envoy
etag
W/"3305c113acc7be7b8411abd6abfa37ba"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
gTt9D7iaT2O6PLJcJuDnGsDZOgPeIz8V3UcShSgjT_1J5l9WQTwx_Q==
25.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 3D04
365 B
1 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/25.c695453b.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 12:03:54 GMT
x-amz-version-id
0H7FjD7Jl9xIJbAVeMxI..hCPUWnSz0t
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P6
age
10021647
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
17
content-length
365
last-modified
Tue, 21 Nov 2023 16:21:39 GMT
server
istio-envoy
etag
"06b2963b029c0824382815165bfea73e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
L00q8dk_q6kPjg2X2rjgO2SnUYDuLA2AmmBGorG3WgYvLZmJtdwvtA==
25.9b0bf998.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
92 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/25.9b0bf998.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
8dc3ae7b3048c6650ce35b4258f8e6486d181292ce9a851ba91e9a8cedc8c992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
w1vYVnqvPS7c1kB_xxUXFRcMNruM5sce
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Fri, 08 Mar 2024 21:52:26 GMT
server
istio-envoy
etag
W/"93cac7762688667f0d703a16f04812a7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
7YTgHCWsdYevD2GPB6ZRwdZWWaHYt1FTQe52VRmXD8eKvCNsJ6SwPQ==
39.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 25E4
3 KB
1 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/39.11d2b6a7.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:10 GMT
x-amz-version-id
UcZhIKxPiJynhkWzqWd9d6dr.VpqzWB3
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
20
last-modified
Fri, 08 Mar 2024 21:52:24 GMT
server
istio-envoy
etag
W/"87532c4db85f1429fa6d759bc3332f36"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
SmquDbwv1Q-sZg6QtHj47jRgog0EIdOytUHnlusw19ZKtzF6Dh8aTQ==
39.f1d268f5.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
3 KB
2 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/39.f1d268f5.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
9373a860524d692ce81c1f8f266b511cd597a7f1dbb9fb674c57a303101c21bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id
uVEyZ5tRXLdtqtE229DGMUJWzGeJV7TR
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
45
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"b5201ff04da30312910b71e1da072dd2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
a9oj71mb_DU9seOKcQm1GYqGLTK2jPiarjJpgHmzp7VIY--m8Pj7Kg==
0.0b2ebd4a.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
9 KB
3 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 12:58:50 GMT
x-amz-version-id
wIYiMMOv59k7p4Fbql5xBCm9H7moGtf2
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
7512751
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Tue, 19 Dec 2023 18:34:36 GMT
server
istio-envoy
etag
W/"c5efcdc9e465604f32cf24af10fd6c13"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
4RFrPSgVqNtTwsbdbLe5D56J4S9SFcqpOaYCNxTXUN_meB0wQH5lew==
3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 25E4
7 KB
2 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 12:03:54 GMT
x-amz-version-id
Z3aGNvKDu1qrwflzzKzoomVmgF30.VOg
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
10021647
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Tue, 21 Nov 2023 16:21:39 GMT
server
istio-envoy
etag
W/"189aeffd571884559dababa22c66d75a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
fKM1nQg58RhgQ5eD989iRP7gxN8lKwyQXPaJsJzpFAHywQDBmpPSkw==
3.2a4c7561.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
46 KB
14 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/3.2a4c7561.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
257cbdcb36feb3ef9bc1c5bdb9c777af5ae08f0834ece8a4ce5d74fbfeb7ea0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id
Ij0e.e6AkWNNfAhEvnGK4qzljUH2ysS9
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"2d79b64b95d2aa829a460e0d02cca148"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
r90qzjGqgF7qouesUneYwX_qrTgfGYzwQD4ObEiI44_3dAHHo40pPQ==
1.1bcc8082.chunk.css
js.driftt.com/core/assets/css/ Frame 25E4
44 KB
7 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/1.1bcc8082.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id
J9K9ed_T2U1DfO8_gHKqtr8IE2EyErto
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Fri, 08 Mar 2024 21:52:24 GMT
server
istio-envoy
etag
W/"3b8ba82e1bac13ee29e9764a55620d99"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
SX2eIGNZAO9vcfqWbBnTLpdNTgHwmEXZFYgOmL_M4ein1BOVgl03gg==
1.e85d7ac7.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
73 KB
25 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/1.e85d7ac7.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
be971140ab0a1717adb1a00cc77b30392799132f9493fa12e3ae6125c4474397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id
l5W_uQvW_IlwbRhp8acJTVWIqJn8bj5m
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
last-modified
Fri, 08 Mar 2024 21:52:25 GMT
server
istio-envoy
etag
W/"e6e6eb57e75c25c19fa49b6a49852936"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
KWa6CeEORmGpmI0F-VDbVH_aMJsERtFIyh1qt3sx2dYRb-ipLZg21Q==
28.812d5a7c.chunk.css
js.driftt.com/core/assets/css/ Frame 25E4
16 KB
3 KB
Stylesheet
General
Full URL
https://js.driftt.com/core/assets/css/28.812d5a7c.chunk.css
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
a03b854d10519fd5be9cdcbc78fad3927c1a3de9e84fa74353c8a19cc20d0501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id
4DKwArnsEad_45FTV7lDarWR0I2cfneh
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
last-modified
Fri, 08 Mar 2024 21:52:24 GMT
server
istio-envoy
etag
W/"6f779260053e30787f84dfa7ba6743e5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6369SNVF77cSMPkb-dpPdek171Jkg7GW0CCpewBl8eYR8-w9ciptvw==
28.caa75eae.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
20 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/28.caa75eae.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
d51a4c1c5d8e010e04d9eb59e04242c20557bc928bc36e401c157a05c0171788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:11 GMT
x-amz-version-id
mC9SawLOV8oKr2SAmrqkSOSIj6G_pv_0
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
47
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"481aab9660002090188fee60921b6ec7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
sCZMuYrZGHlgMl37jPM9Dn_QZoByzrp246vOFhnBWEZ-Y2ShH5OOlg==
v2
bootstrap.driftapi.com/widget_bootstrap/ping/ Frame 3D04
207 B
847 B
XHR
General
Full URL
https://bootstrap.driftapi.com/widget_bootstrap/ping/v2
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-118.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
443746c308fe991b78c8f840b5e110cc95bb7e0f4a3964cc9484496e413f3d59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 22 Mar 2024 11:51:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
requestid
724dcdcf10c53517
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
8
content-length
207
server
istio-envoy
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
x-amz-cf-id
JsNRy8ACjL021e5bH0mM2osUehjfcCc1zpAN4UtZaOjN06KMzgXbiA==
/
0217991b.akstat.io/
0
228 B
Ping
General
Full URL
https://0217991b.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LJA84-589LU-SVNVV-WKPLQ-NBTC7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.trendmicro.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 11:51:22 GMT
content-type
image/gif
access-control-allow-origin
https://www.trendmicro.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
x-xss-protection
0
expires
Fri, 22 Mar 2024 11:51:22 GMT
v3
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 3D04
25 B
466 B
XHR
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/widget/init/v3
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 22 Mar 2024 11:51:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
15e525a43523fbf6
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
25
widget_bootstrap
bootstrap.driftapi.com/ Frame 3D04
42 KB
13 KB
XHR
General
Full URL
https://bootstrap.driftapi.com/widget_bootstrap
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-118.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
07042ba8c6ff983e1eeb048e4b5eb1ab9c9f9947dd5b4ee29d27fd3adc9cde8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 22 Mar 2024 11:51:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
requestid
88deea435cd93088
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
241
server
istio-envoy
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
x-amz-cf-id
QES17e2RM-a1MGxOuk6-vwWZdWNtz8p6ErQoetvGIY8AeEaQehyMIQ==
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=0490d807-2da4-438c-8c42-1234a4273fe0&session=0759c10f-c2d8-45e6-8bb6-6dfe674982c7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A21%20GMT%22%2C%22timeSpent%22%3A%221005%22%2C%22totalTimeSpent%22%3A%223073%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Magniber%20ransomware%20initially%20targeted%20only%20Asian%20countries%20when%20it%20was%20first%20detected%20in%202017.%20However%2C%20it%20resurfaced%20in%202021%20and%20continues%20to%20operate%20today%20with%20expanded%20targets%20around%20the%20globe.%20Magniber%20remains%20a%20significant%20player%20in%20the%20threat%20landscape%2C%20with%20malicious%20attackers%20likely%20to%20continue%20using%20the%20ransomware%20in%20future.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Magniber%20-%20Security%20News%5Cn%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&pageViewId=897f5904-ed52-4b44-8726-a2442bcdb252&an_uid=0&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:23 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
track
event.api.drift.com/ Frame 3D04
650 B
712 B
XHR
General
Full URL
https://event.api.drift.com/track
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
866ab9b157503b1d3294dd78d0ca32761ad1b9befdce4750a91f7190d7ed9df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMTM4NTc4Mjc3MCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjE1MjY2MzIiLCJleHAiOjE3NDI2NDQyODIsImlhdCI6MTcxMTEwODI4Mn0.35NuEjLG1aiS-w9mjwJJ314TYp_IJcGdiek61aVJAZ1mCcbmvOCPq7EFULqHREjtpdJwAdzRTgGYKRGYrOw5ng
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Mar 2024 11:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
5102ab1721db431a
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
650
58.df4c0996.chunk.js
js.driftt.com/core/assets/js/ Frame 3D04
19 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/58.df4c0996.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
26326196e5083389665b95a2a6c859464aa25e3601dc062b01d6279095f2f25d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core?d=1&embedId=sv2uuh4gw3ms&eId=sv2uuh4gw3ms&region=US&forceShow=false&skipCampaigns=false&sessionId=31f78c90-f59b-4bab-b290-c543bb7b0822&sessionStarted=1711108281.406&campaignRefreshToken=8d4ac610-43c0-4d26-89c6-b86f3725db81&hideController=false&pageLoadStartTime=1711108278841&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:12 GMT
x-amz-version-id
MfNPO0hWIgB0HhAvUydp2VqfnGbeyUyv
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
95
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"accef82c4f6636ec26f17bd7b8068438"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dVXnSjSmfa4rs4hCVeTno1JDqxvvLRR7GpoBy1VQYl8t41NbPkgn_g==
58.df4c0996.chunk.js
js.driftt.com/core/assets/js/ Frame 25E4
19 KB
7 KB
Script
General
Full URL
https://js.driftt.com/core/assets/js/58.df4c0996.chunk.js
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.116b73f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-14.fra60.r.cloudfront.net
Software
istio-envoy /
Resource Hash
26326196e5083389665b95a2a6c859464aa25e3601dc062b01d6279095f2f25d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1711108278841
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 08 Mar 2024 22:23:12 GMT
x-amz-version-id
MfNPO0hWIgB0HhAvUydp2VqfnGbeyUyv
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
1171691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
95
last-modified
Fri, 08 Mar 2024 21:52:27 GMT
server
istio-envoy
etag
W/"accef82c4f6636ec26f17bd7b8068438"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
H3XxiW51MPfFePH0X6bVvksIQ9VF85itgqqW6vOMKHouIkeAnWwa6w==
track
event.api.drift.com/ Frame
0
0
Preflight
General
Full URL
https://event.api.drift.com/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://js.driftt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
access-control-max-age
1209600
allow
POST,OPTIONS
content-length
13
content-type
text/plain
date
Fri, 22 Mar 2024 11:51:23 GMT
requestid
drift27feb374a8db56299ebe29a89d1
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=0490d807-2da4-438c-8c42-1234a4273fe0&session=0759c10f-c2d8-45e6-8bb6-6dfe674982c7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A22%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224073%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Magniber%20ransomware%20initially%20targeted%20only%20Asian%20countries%20when%20it%20was%20first%20detected%20in%202017.%20However%2C%20it%20resurfaced%20in%202021%20and%20continues%20to%20operate%20today%20with%20expanded%20targets%20around%20the%20globe.%20Magniber%20remains%20a%20significant%20player%20in%20the%20threat%20landscape%2C%20with%20malicious%20attackers%20likely%20to%20continue%20using%20the%20ransomware%20in%20future.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Magniber%20-%20Security%20News%5Cn%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&pageViewId=897f5904-ed52-4b44-8726-a2442bcdb252&an_uid=0&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:23 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
bulk
metrics.api.drift.com/monitoring/metrics/event3/ Frame 3D04
25 B
112 B
XHR
General
Full URL
https://metrics.api.drift.com/monitoring/metrics/event3/bulk
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.7.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-7-188.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.driftt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 22 Mar 2024 11:51:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
istio-envoy
requestid
77eee18640dd4bb8
access-control-max-age
1209600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Results-Total-Count,X-Page-Info
vary
Accept-Encoding
access-control-allow-credentials
true
x-envoy-upstream-service-time
13
access-control-allow-headers
origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length
25
img.gif
b.6sc.co/v1/beacon/
43 B
485 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=0490d807-2da4-438c-8c42-1234a4273fe0&session=0759c10f-c2d8-45e6-8bb6-6dfe674982c7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A23%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225074%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Magniber%20ransomware%20initially%20targeted%20only%20Asian%20countries%20when%20it%20was%20first%20detected%20in%202017.%20However%2C%20it%20resurfaced%20in%202021%20and%20continues%20to%20operate%20today%20with%20expanded%20targets%20around%20the%20globe.%20Magniber%20remains%20a%20significant%20player%20in%20the%20threat%20landscape%2C%20with%20malicious%20attackers%20likely%20to%20continue%20using%20the%20ransomware%20in%20future.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Magniber%20-%20Security%20News%5Cn%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&pageViewId=897f5904-ed52-4b44-8726-a2442bcdb252&an_uid=0&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:24 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=810eb8f4ed8abcee5cd1e233263d8d3f&svisitor=null&visitor=0490d807-2da4-438c-8c42-1234a4273fe0&session=0759c10f-c2d8-45e6-8bb6-6dfe674982c7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Mar%202024%2011%3A51%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226075%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Magniber%20ransomware%20initially%20targeted%20only%20Asian%20countries%20when%20it%20was%20first%20detected%20in%202017.%20However%2C%20it%20resurfaced%20in%202021%20and%20continues%20to%20operate%20today%20with%20expanded%20targets%20around%20the%20globe.%20Magniber%20remains%20a%20significant%20player%20in%20the%20threat%20landscape%2C%20with%20malicious%20attackers%20likely%20to%20continue%20using%20the%20ransomware%20in%20future.%22%2C%22keywords%22%3A%22Ransomware%20Spotlight%2C%20Ransomware%22%2C%22title%22%3A%22%5Cn%5CtRansomware%20Spotlight%3A%20Magniber%20-%20Security%20News%5Cn%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.trendmicro.com%2Fvinfo%2Fus%2Fsecurity%2Fnews%2Fransomware-spotlight%2Fransomware-spotlight-magniber&pageViewId=897f5904-ed52-4b44-8726-a2442bcdb252&an_uid=0&v=1.1.15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trendmicro.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 11:51:25 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| dataLayer function| $ function| jQuery object| matched object| browser object| Granite object| _g string| GoogleAnalyticsObject function| ga object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| utag_data function| Cludo object| cludoSettings object| __core-js_shared__ object| Handlebars object| gsapVersions object| Back object| Bounce object| CSSPlugin object| Circ object| Cubic object| Elastic object| Expo object| Linear object| Power0 object| Power1 object| Power2 object| Power3 object| Power4 object| Quad object| Quart object| Quint object| Sine object| SteppedEase object| Strong function| TimelineLite function| TimelineMax function| TweenLite function| TweenMax object| gsap function| ScrollTrigger function| SplitText function| default function| UAParser function| id function| hasClass function| addClass function| removeClass function| closest function| debounce function| getStringDifference function| dropDecimal function| getPriceWithCommas function| allArrayElementsEqual function| isMobileDevice function| isLandscapeMode function| isIE function| isIE10orOlder function| superscriptSpecialSymbols function| matchSectionHeights object| TrendMicro undefined| html_org string| html_calc object| titleWidth object| CludoObject object| FilterListV1 object| FullPageTabs object| trustcenterNavObject object| tabs object| tile function| matchJWHeight object| newHoverHighlight object| bsModal object| verticalJumpLinkObj object| CludoSearchInstances function| MM_jumpMenu function| equalheight function| SearchText object| jQuery1124035443366022688383 object| accordionWithImageObj object| horizontalJumpLinkObj object| _gsap function| _scrollTop function| _scrollLeft object| verticalTabsObj number| iii number| topPostion number| currentDiv object| maxy_pathnames object| utag_err boolean| utag_condload string| pathString object| path undefined| anchorsArr undefined| anchor undefined| href undefined| len undefined| linkName object| mileStones object| ytapi object| scriptref undefined| playerCheckInterval object| utag object| _gaq object| pageTracker function| setMileStones function| _tealium_old_error boolean| __tealium_twc_switch object| teal object| utag_cfg_ovrd undefined| iframe_container string| iframe_url object| players function| onYouTubeIframeAPIReady object| start function| onPlayerReady function| onPlayerStateChange string| _bizo_data_partner_id object| _qevents function| fbq function| _fbq function| ktag object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| drift undefined| driftt object| _6si string| EQUALLY_AI_API_KEY number| intervalId string| gtagRename function| gtag function| twq object| google_tag_manager function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| quantserve function| __qc object| ezt object| _qoptions object| _gat function| lintrk boolean| _already_called_lintrk function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| BOOMR_check_doc_domain object| ErrorStackParser number| c_start object| Ktag_Constants object| Ktag_Toggles object| Ktag_Amp_Helpers object| Ktag_Helpers object| Ktag_Functions function| setup object| regeneratorRuntime object| twttr object| MunchkinTracker object| a2a object| a2a_config function| a2a_init object| 3eiXJRXgVuLsYGH9303q object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked function| ttd_dom_ready function| TTDUniversalPixelApi object| ttdPixel undefined| EquallyAI string| VERSION function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| __classPrivateFieldIn object| EquallyAi function| UET function| UET_init function| UET_push object| ueto_158b6cf531 object| uetq boolean| _storagePopulated string| EQUALLY_AI_VISITOR_ID object| ORIBILI object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id object| drift_frameFactory number| BOOMR_onload object| drift_audio_context object| drift_sentry_config

50 Cookies

Domain/Path Name / Value
.trendmicro.com/ Name: utag_main
Value: v_id:018e66004bb0001661e67230936d03074006406c00b08$_sn:1$_se:1$_ss:1$_st:1711110079216$ses_id:1711108279216%3Bexp-session$_pn:1%3Bexp-session
.trendmicro.com/ Name: _c1Ref
Value: /vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
.trendmicro.com/ Name: _gid
Value: GA1.2.824907187.1711108279
.trendmicro.com/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: ABVYu5lmXgY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: gATvJ9odcmw
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgVg%3D%3D
.trendmicro.com/ Name: _gcl_au
Value: 1.1.428215653.1711108279
.trendmicro.com/ Name: _ga_4502MK3B94
Value: GS1.1.1711108279.1.0.1711108279.0.0.0
.trendmicro.com/ Name: _ga
Value: GA1.1.1568980449.1711108279
.trendmicro.com/ Name: __utma
Value: 44797537.1568980449.1711108279.1711108279.1711108279.1
.trendmicro.com/ Name: __utmc
Value: 44797537
.trendmicro.com/ Name: __utmz
Value: 44797537.1711108279.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.trendmicro.com/ Name: __utmt
Value: 1
.trendmicro.com/ Name: __utmb
Value: 44797537.1.10.1711108279
.resources.trendmicro.com/ Name: __cf_bm
Value: cRyDAEUzOrBvQ.YRhsyr6fgIIinv.LmkQtToQGVAZc4-1711108279-1.0.1.1-TSXgEnvV_pfK4NanUQ3NtsUju9GVWDlMnIk1p0Zv91IUvRdNxVWND.XtW_dytOGdKQzpYg_qF92CzqDWvlBmAA
.trendmicro.com/ Name: _ga_9RTX7DD265
Value: GS1.2.1711108279.1.0.1711108279.0.0.0
.trendmicro.com/ Name: _ga_JSMMKXDWBS
Value: GS1.2.1711108279.1.0.1711108279.0.0.0
.trendmicro.com/ Name: _mkto_trk
Value: id:945-CXD-062&token:_mch-trendmicro.com-1711108279677-80906
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.trendmicro.com/ Name: _fbp
Value: fb.1.1711108279702.1316841011
www.trendmicro.com/ Name: _an_uid
Value: 0
www.trendmicro.com/ Name: _gd_visitor
Value: 0490d807-2da4-438c-8c42-1234a4273fe0
www.trendmicro.com/ Name: _gd_session
Value: 0759c10f-c2d8-45e6-8bb6-6dfe674982c7
.trendmicro.com/ Name: _uetsid
Value: 7f5b9940e84211ee9718a9f65fb39483
.trendmicro.com/ Name: _uetvid
Value: 7f5bbf40e84211ee8464f316402d35fa
.bing.com/ Name: MUID
Value: 335527B598916616070533FF99ED677F
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.t.co/ Name: muc_ads
Value: dfd67c96-3e5e-44f9-ac6d-adec084a4cd3
.twitter.com/ Name: guest_id_marketing
Value: v1%3A171110827982907373
.twitter.com/ Name: guest_id_ads
Value: v1%3A171110827982907373
.twitter.com/ Name: personalization_id
Value: "v1_O2/4Xar0t+ovRgNBvcj9hA=="
.twitter.com/ Name: guest_id
Value: v1%3A171110827982907373
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: li_sugr
Value: fab1e3ac-257c-4dc1-9fa9-766cfe4ca254
.linkedin.com/ Name: bcookie
Value: "v=2&01fc1dba-952e-41c9-80da-19fc5af33be2"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3183:u=1:x=1:i=1711108279:t=1711194679:v=2:sig=AQHHDr-vU0psQP6KkrZ6imk4ytwQfBV2"
.quantserve.com/ Name: mc
Value: 65fd70b7-eac23-26675-8d75c
.trendmicro.com/ Name: __qca
Value: P0-1645323638-1711108279465
.adnxs.com/ Name: XANDR_PANID
Value: f0I-TW5Z3TrxRBzNUoIkjVNvc7G_fYwvVhj6sLrvADO2g2MIHvL7gk627hkSrm4YOOrMVXGGrv0vwfr5l2Z33Xk6gBhI1fMhsiI6cnOxPrI.
.adnxs.com/ Name: uuid2
Value: 138656349698548073
.6sc.co/ Name: 6suuid
Value: b4641102d69d0000b870fd657900000096e56401
.linkedin.com/ Name: UserMatchHistory
Value: AQKYh4S3n0KzHAAAAY5mAE8Hbji__jJze49BADiR_oIG08F5pZuFN0iJfbaenPdJsNsN3lRb1Alc-A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIgI24PF-QTKQAAAY5mAE8HQ6XmR1n1E16EOq8pLNMhvqP6TZAkUeAd3YZ_Dn5krQnH7vYvSsL4LlGLWumMkw
.www.linkedin.com/ Name: bscookie
Value: "v=1&2024032211512021a2cbee-231a-4d6a-8100-a763c27570efAQG2iYip7FOM3n4p_EoW1IDNHm3X1D3g"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTExMDgyODA7MjswMjGwCr6ijDFa7yGCQMa7RfWdp8qW+pBY46gWoRtdDpbGkQ==
www.trendmicro.com/ Name: drift_campaign_refresh
Value: 8d4ac610-43c0-4d26-89c6-b86f3725db81
.www.trendmicro.com/ Name: RT
Value: "z=1&dm=www.trendmicro.com&si=c17e3b05-cc78-4152-be7f-4532047f946d&ss=lu2lotpg&sl=1&tt=25c&bcn=%2F%2F0217991b.akstat.io%2F&ld=25m"
www.trendmicro.com/ Name: drift_aid
Value: b9f14927-df70-4bb5-9d48-2a23fad6bc60
www.trendmicro.com/ Name: driftt_aid
Value: b9f14927-df70-4bb5-9d48-2a23fad6bc60

73 Console Messages

Source Level URL
Text
network error URL: https://www.trendmicro.com/libs/granite/csrf/token.json
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://tags.tiqcdn.com/utag/trendmicro/nabucms/prod/utag.sync.js(Line 6)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/243552383039605?v=2.9.150&r=stable&domain=www.trendmicro.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://js.driftt.com/include/1711108500000/sv2uuh4gw3ms.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-magniber
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217991b.akstat.io
5427711.fls.doubleclick.net
945-cxd-062.mktoresp.com
9572106.fls.doubleclick.net
adservice.google.com
ajax.googleapis.com
analytics.twitter.com
api.equally.ai
attr.ml-api.io
b.6sc.co
bat.bing.com
bootstrap.driftapi.com
c.6sc.co
c.go-mpulse.net
cdn.datatables.net
connect.facebook.net
customer.cludo.com
documents.trendmicro.com
documents.vicone.com
epsilon.6sense.com
event.api.drift.com
fibrwiaabpybckqce3ydkaaaczs724fz-pvkijt-09bd7fcff-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
js.adsrvr.org
js.driftt.com
metrics.api.drift.com
munchkin.marketo.net
pixel.quantserve.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
resources.trendmicro.com
resources.xg4ken.com
rules.quantcount.com
s.go-mpulse.net
s.ml-attr.com
secure.adnxs.com
secure.quantserve.com
sjs.bizographics.com
ssl.google-analytics.com
static.addtoany.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.tiqcdn.com
trendmicro.scene7.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
widget.equally.ai
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.trendmicro.com
www.youtube.com
yeqpr3nyk35vszp5oc4q-pvkijt-857ed2916-clientnsv4-s.akamaihd.net
104.17.74.206
104.244.42.197
104.244.42.67
13.107.42.14
13.248.142.121
142.250.185.70
142.250.186.130
143.204.98.120
15.197.193.217
150.70.178.131
18.172.103.101
18.172.112.118
18.245.86.14
184.86.251.89
184.86.251.90
192.28.144.124
199.232.188.157
2.17.100.184
2001:4860:4802:34::36
23.206.208.181
2600:9000:223c:c200:6:44e3:f8c0:93a1
2600:9000:225e:800:7:2bfb:7c00:93a1
2600:9000:2670:ac00:12:3734:2a40:93a1
2606:4700:10::ac43:1b98
2606:4700:10::ac43:2794
2606:4700:10::ac43:e8b
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2008
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:400c:c00::9b
2a02:26f0:3100:795::11a6
2a02:26f0:3500:12::1730:17a3
2a02:26f0:3500:16::215:149b
2a02:26f0:7100:59a::11a6
2a02:26f0:ab00::214:8e70
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
37.252.171.21
44.220.110.46
50.16.7.188
68.67.153.60
88.221.60.75
99.81.144.187
99.86.91.108
01154faffec8c1ad0c69007b28930a1b86902d1f0b469be222fc735a6ff8bc91
03252b877e1f233841ea078f705feff1e0a3713ae9d78d50dfed534c3e242008
045cf7fd65fd76199b79479c9bfd035d30e173ef2942f8b82360c85a811e843a
04b479f3fe89af5dc7493cfcaa218f9267a6b6d9d9e3d16c577b6c47714c09f5
05507806d4c7fc4e0fc28623957aee3e0e0a98ad3816ec06e9b111a02705f93b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06e5a8795add5d26b3b5052e429398731a7baf5f2a70641c7d671daa37456316
07042ba8c6ff983e1eeb048e4b5eb1ab9c9f9947dd5b4ee29d27fd3adc9cde8c
0726b52bd1cd916bfc197208c2ddb17c4373cc6238ba53bf671ab11803ea741b
082fa0c79a75af418f2646c10fd835a404e731cd00837f3b1aaf5e36e014909b
086e621cfcac0a3d8f7d05e33fefd1b09cd8837c443f89c8a9bee2928cfed62d
08987cd468fb89df63ff92df457ce691ce10e7f5c5c9cd5e56287f6dc3b1573c
0b3ba85c9f4fccaffb5b7a5f00f607495024b6ce7433dadb762531bbec0215d7
0d04d9eadc49c5514881c1c3f7c465a10a37ead378bc5e61cf96fdfcb3599e54
0d86756671757b1622e49e7b1405334d749dc18b0377b422fa0b8a0c493d9dc6
1203817a41844d7b3fb01f6ebdef78975b98e96e09719b60fecc368afde2fc6e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
138dc998424a6f8f578ae8fe723a4c0d5cf3822795319642f4eeedb6c66a7244
13a39b6b34bdb7d7241423cbdad82caa9f71894b432ee86ac5ae46a783ff8a3b
14c7ed6b9b540b42d3ec969bbe0cb8d4ea30965c15f5669b4fffddd405c0b3c7
16270c15435abfbd1e22c9a06378d29d8823f68d61216d61422d1b0b0643e776
165e3a9b29dd3c7cfc6eb330ace9284d6f8a4de52f34b78e4d84f6faa28206a7
17e70f90def9a1c940d3058eb5a92e799cce54b564b5c170eeb829810574fbb3
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1b76ba575405d509e0623aad3080e3f8d793ab95767a01fc69b6a9744c0283b3
1b973667ceb759e49f2982721f36e4d20a2f8b5dce8c47ccf3039d6ab748143e
1c580985c46f2d69e9d251c3275a031da27d8219e702677f7285ddad9134c562
1d7c3fc0594c8fb856d9fd0a13a752dfaf8643c8b073582909c88be24e7e416f
1ed544b374d4c02027cc0a0e43a8fee0e216939384efdc5f1e0b1ede30366f77
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
2282dbd646a0e093b6315a3692cb2ab6c9bca68d46c01f7c6fba2f1ae924a953
22c3fd46dc28317aef90042c0753148aa68707737146640e11165d6df6c02178
239fdb6730e9f234b8b39d72ee99af8a762b69ed075c7cbbaf2751dceec1a0ed
257cbdcb36feb3ef9bc1c5bdb9c777af5ae08f0834ece8a4ce5d74fbfeb7ea0d
26326196e5083389665b95a2a6c859464aa25e3601dc062b01d6279095f2f25d
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
293ceaa480bda1594e9f61f6a52858999cd0aad1ef4f5d3eafe7cc559727e41d
2a4e748b01ca6bb2a1bc3e344a815e2b1a3e7f9a7de1be6ff0959f0e83f45d05
2a6798144639128186f875d40209d2974025f20d7e11247a15ae93a943fbc5a3
2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb0fcc3874f38cf31a9c8a905e51d08f200dfaa7f5b59d1fc5d887679ec7b2d
2dc4bded97472d2f4cf36308b7996200cc08db4379f15fc0a3116b7d225338e6
2dc6739f1427a93aa71d5a7910e6f2f6f2f51774b49d52eba46f5dd1453f6aac
2f1872ca675850da33a82c31c6f2c573bc2a8a7c4634c21ed0370638193975b0
2f57f5b4ec3968d3127d25c1ba8973b593df0bfa8171a12d7c9f399a038ca071
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32ac58e9211746f23be43c1a08e9fd2ea1e70894c9b346ceb2ec5b6a4d2e855c
350b392ec44d00b6b789b546ce78ee429e6ea703c701fa916d3652cf315b6614
35e785339e19d1ec1987cb9c3d8e66fc97f29a287db0b0b590b8dfdd96d4766b
3600b030ef76b6efd7cb2388789614afac27fc1f83c814a701daaa227cef44d0
36dddcbd8045ce061726b0f8194e1a582de23d473ed771928caeb0ec85ecb93d
3807e44914c34f9e293702693b49039f774b1eef7798a0fa8dfbb3c1992e32dc
3a3abfe7b0630828bff7d1f3a6e29c316f1a432e1909877d8c713abf14e43c3e
3aa0d66887bc53fa2c3aae867f345f2765cd72da482bf5b297fedcdc56259f21
3beaf2aa05abc754a560f723315ba58156356abc654d952382c6e6bb60cfb7f2
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cd077a472169d94c46ff7fd76053a8440247f820d23fd9606629b60066c0062
3f82eab82cf80ff1e120ba6bbc2923615d427f558927d06826e6dab01f10a6fd
3f95c868390ea2426ee26d756867a51141df402ab30ccc73404c16450fc10f4b
429d40e370103a47cb2fa03e143136308ce0ad387fc05acfff349d40406440a2
42e1111a0ebc79d1aa68af2ccac42031123c6a60fcdcc893c1452c9a76ef33da
42f2a22d45c6f2d8ba1ebc17ed8b417762baeed4f314c68deb39d8534b8f8ab0
442240b6d0d4290a8a5bf289beae6d52665dc71f7cb529034682c8fdcf313bb1
443746c308fe991b78c8f840b5e110cc95bb7e0f4a3964cc9484496e413f3d59
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4a7f7e246fb61ccc3f57cd38061bbbdd4ada9768649d9d3e3362ec46be278bf5
4afa2f4769d6254f58b8c3373bf4f2660041e23276754af94925f7bdee4729c9
4c38452d4117e2bb77829601aca27ac6584ebdf4d42ce505c0f7b1ae0f933147
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4e098a9d431d9fc4e4cb77057760ff506fd0cbbcfbfce59f1c30d88f8fa01be0
4fde85fa8e2580ffdb174ac656dbb16213865510e97058a8a5c8ca08b0ce8878
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
523e8e412693994fe6b7c57035ee70d6d0981da58428747101852ac0710fbded
557804ca07c2ab312bddc4c711c548563a1302a25eeebbff8dae19cbd4cc5e3a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
563772f765890f5c4e868355b1c9755deae8e886e1281cec1c15ee708543eb79
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f
5916cb7ad857884f3b9fa566c013f3b65902249c8647f4f8c0f2992ca13fbe0a
5a9c8a96b2d409c2295838d5e7c6182170f35aba3ec747dc2a818b96d8e8b23d
5b2a07be2961576f0b4077074d640cec8d4c5892109741bd0c2b013046f505a0
5bb22e81453d6b69b10d640ba35b9a6ff3cc402d23e8b034bb3a1f1cee362084
5bfa00cf23b38ea03bdcf0c04fabb32c8b1fb36b62f7bdabb5071ed6676701b3
5c30d00dbb97ec4c05d6b41e850ea8ffab1c1623692de4193bcb235639be1d8d
5d761ce38299e49663f8dfc9311456c3bcb7bb3555f394cbd1bad6470eef7723
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5ddbc291be48759beda4bab9103ff67aad956b6eeca7a9432215047e1c571149
5deb6f9cade54812153e467832fe3c01d0e81b8ae0a4039e9c234b161b9025c7
5e5a43dfafa6b7448ffd7bac65fbc5d143ae7bc1ec9104c16900e9f294a46e0d
5e62e598e4d6ff2f9fc35b2c7c3cfd17f7405d07fca17f190cc2b77474695f0d
608e5ed6a0820b02ac00e5ee7457a9822b5e5c1be9cba69d17c5a3e9ca4a4377
618d62ceaca1223e16de2c8939a1963a95c34b0ac75852f835f93e5b42f20871
63c035e2f43180086b19ec08f35c8deee82b2b804ddfcf92f7f0e6d835957bfe
645f75dbf15f9931d4c25509f2d3b55e8be7d97209957535382ecfd96658d7b2
652efd827c7d4bdbc5062da31da261ea6aff861b1735ab640eb5aea11e52deda
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
676e66eeb5e721df2e68029d518067cece19d56d7e0b4a1c9a2e3c449a232bca
68c21f3bfefc064bc07808b48bba6165dfc210d152ba4a6a35a567ed49151877
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca
6dba583880106c1d132324a73e774c64efc449671a5dbc701130713a31dca708
6f2adcf50cdc9374afa8b93818776ca2f36eef0f27b356df715d4d98aa6b5e19
7236ba4d18121d1c1e55329fd2110eb585b49ded5d66b2fe461f15369c7d3dda
726f95c0a4f34a9b0b9ff29312e5ac588ae10df3fe641d8a429f5b90a5acfbb6
74f5da663574c88f8694494adf45161949674fcfff783f3306b0644dc2a84adb
7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b
7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787
78fb3ddd8f59a195a9cd97e710fb315ee4a8fddebffe0d27bd9bc5a338440044
796519ebc8d7edbcb37a42b98be60ed304998eabdf8d26fa2f60b41331d0a627
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
7f57ae8c90a70d08a93990e3a24863fb52ad58e46587ebb3cbb93a0ad030d65a
801a9c10c0f5df7a7beb54fb3930066c96238ce2c0cd7b71d5a2519f53a6f3c3
812f0b037d45543ef221e7e3545b89d6839aad4a4bbbf22fe987d70a78dc6c2e
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
826354627bb80d8338c31b0d8752bc3c527c36eca6b6c248c28899aa61a454c3
828782f2fa51485871df9fbd53155d47fd41b38907a74d8f8af328a9df49c81d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a1088237eb2a988a69f8db6a56993c1d49b151f51b557f9e0474781e574382
84b3c038e18ba908e0e8723123115f880b3f8bd21f5e1876edad541b424c64cc
84f657435e631a1442815def2faa66eb24833b1047908ebd71275bfbef9690ed
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
866ab9b157503b1d3294dd78d0ca32761ad1b9befdce4750a91f7190d7ed9df4
86cce2a11b19e83087b4ea15be2c293563f8dc90df958488174c2194e2adac07
89f5e612d1be23c76c63b9047ca4b649eaca252c5303d6ac4d15b63573330c71
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
8c1781ec4483c6fb3bd9ad005d312800eaf24e232c12976624bff84f8ab908b3
8c5692e258913269df8aa8255d877f30ce245d9ccd2c8534b204af716600e79a
8dc3ae7b3048c6650ce35b4258f8e6486d181292ce9a851ba91e9a8cedc8c992
8e18319c572478ece9f57f741f31d4effa2412d58d44e746e4611a275cd9bd47
8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae
90b024f2bb6ac5bf0a8a77160406044bc6e6549fbf7717a88af8e82023d9fa62
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9373a860524d692ce81c1f8f266b511cd597a7f1dbb9fb674c57a303101c21bb
963ed4d34c87a19eb2653d018fe871c7262c9bda9aa5d13a384d42f22c800f0d
983b01fb791009138c45c8f0b4bb23acf47b0fc5944ddeb211679ded611994b6
985a85728ad37064b2b77bf64f50abedc823aee1f9f85918aa1adbb54e6af176
9b7a6d6bbb991c1f914650b31aba23630c0316ac9968340b1d09af39ca4aa178
9c6bb7a62f5c16d0e7e323cd1e3be9c5d47d2ae5fb9ea8e12f3754a03d0b1c94
9dcb7df984f468cee4f41f0e76ea672a02601350aefe9bccffa7bd0120782941
9de58212f20de4cd0f5f1f17e9613bab43545df94bc3c1b05dd3cb249bd8f56f
9e5e4c08328b8f76c190b4b611e40b7bf437b2b6c2578679b7cf1780d6b22d5a
9eece5709f828182a567f2e576195fbac03f6d0f076fd97a81ebfebf5a1348df
a03b854d10519fd5be9cdcbc78fad3927c1a3de9e84fa74353c8a19cc20d0501
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1b21f08b61e062f9814fda28c782d6b354fdf5f85d9686395c312d93e7ffe13
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3cae7d681dcd847a5d999ab12240d855a6565de774cc0b2bb0ae74d1cf800bd
a5c2eee915ed72695afcc7898018bf57c41e62c9b7b964e8de8bbbec9e895d2d
a71bcb7e97223bdca2ff6105c4e261e96eaed1009d6326c404abe20011ed7dad
a8a325613a88ea2e903acc7c63efafb7f4266ee296b6353f12aa576026c2f844
a8b719965d947ab374c07d0da488c475e73334fc9ca9f2c970f0c176ea609f0c
a8f57ae36e7533f330d488d78955b84759053d8890dbc12a940f5f16c0169c47
a9c575c2bf9b9f836806dc58aa0866cb558806fc5ea1ef2f4250a8c0b1be7278
a9c5b1a13a2f7df690eba5f5562a012c8287e104e75f3844158b759611b495a7
aa0071a54f3622eeddd8f2c70e370c4e63cc39cb8abdb9b6b8b0222c7dfa473b
aa0fb12210395609982a73f34b179f54280417eb48f18497e9b6a964569c27a1
aa4fda18694f1e60c937933eebd752cc3ed0701652f0dfca84677c3267b26db9
aac964c3413f7f6db878d130df58f7c6b03473345294f3cf82013a619ff07091
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad514bcb3f2e982a190a5e963a29655f37824683a85f6b9ebe942ebd735e18ae
afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1
b0b36326e3e5b74624ee8b5de8273ea00f7bbe9b5ba0da6250cbe7b3c637505e
b4585d273cb4bfd228dfaede65217a0a8918615301c89a0f80fc4c4787215c53
b592cbd3146f76d70e35b1cb5807a0df441c83c29a5bc70d7b68c4269cc8444d
b781a271d23f8fcb33421408a4ab099770b32368548f88c651c0fd1c15cb2a0e
b7e3cad8e5b56efa52cdff5b6f68e15bebba0adb0fabc1c290fade72df119a68
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b9b0a150d864e5807481d89818b4789cf4b4398035bb32d58a816d1055bb0d72
bc40f55dc0399b99382412b3f312bd466bf2b0c3d1b227edc7bf2152ad7f43ab
be971140ab0a1717adb1a00cc77b30392799132f9493fa12e3ae6125c4474397
bec2aa10816e33504b9dbfd2b31c3f0c5a9b873877b85f44b2b9ced02271e60c
c0bb47b69b5ee22057a3c661e95661c72aff43895a545655c818884c341a989f
c2b094f33d25173f475f41a0526bbcb2acebf727a5239decda05553375d2920a
c32c72305e58e3885f42d3f29a702393a4f07a44caba3a91e2b1eb4ae8161a6f
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c7136392bf9f673d795e66234b6b2bbcdb1ceaae76e7979b4bfa642ad59cf7a6
c7d78d7d70a1daee30f3ddfcba1e58b12a5a985d87d63f7902e8f3cab806cbc5
c8921e3e5e26f923941ba4627de5403ab77ba7215ef566b4fa66ca6dab2b0907
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c941a6979bbb1fce9ffa2a04a483436d1d8d3a0990556772d83af7c333ac43cf
c986afd07a4082d65befeef18869a4cd5e00f3ac6e8228d49658802c7453a1b8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd1eef6ba8780ec4e408014498fe98f8691792cc00168d4b115f1500d502a3fc
cd934d18b2a48ed04d6fe7f97745ab75bcf32cacfcef4c2b6bd21c8b624542d1
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1d326206efc842a8035a2d3a1d53aa66176de9d45039389d090c0ee72a39a48
d2992931db929f1541337b2427833930743899025888d5df0cd8359179c3a6eb
d2b87675000aa06854dc6ec4958fa571b618221569949a88c3c407ccc41d1cdb
d43c03312a10d4a0e0e57627a1211dcac46680ba78f9eeafe34418961014df19
d50a796a476b1fcf5c96954fd3576ff056c278490683dce6f1504a9ded73edc1
d51a4c1c5d8e010e04d9eb59e04242c20557bc928bc36e401c157a05c0171788
d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296
d82b1a9a2cc1e98aab345965c63e6cdc6d5782d5ab2ddccc99edb4fa28058202
d8366292b6413e815888abbc34c7800df0b1d8101bff22e1f3ca1f34170a73b3
da316d75d41c92dac17387c6c4e18d457cbbecb0587ed53081bb21afcb4e0e10
db05d4267dfa54efcffce5353b6b16959137d2387075f61974be55c6d3d6413c
dc4827058fb343b6fa6383fb5e3471f4ab744a82d0f6ec9d895e8ce5d2a969ff
dc75fc8bd77a09c2c31992290e91787bb0a3b46212917c4956aa459da258b749
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
ddb3a051562457ce3d69a677341ad2cccad3a6c7dc6ca563c3a0c7a69ea181e7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3b4f7ee9b54dc67162d74792e3906d8888a0a83068b490fb6830cc6954d5c4
e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d
e223abdb13c475b827e74fa29a44a98e26675402fb46513eadc875faca72305e
e2338b763b58c3cc358441c594610101e429b8bc36790bc301151d6cb3fdade9
e2ee3de5ffb3de5456eb01221fd3c64a851fbdc8cbe2edeefd8a01cef1902a36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d85ea6dbd284d131f55a919eccaf1eb6bc6b8b57804859ee984bc57bb931a1
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11
ea3e3c17cfd414a403313ddc73a62a264cbc205d962214e272321566e0d78ce8
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ecd619e1013f1de98ab10d4693d8d17ff1924494c099aaef02b0700636b51339
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f337adbe68c49f832f3a8c224fa5d9028e678deba5e21de873847667bbb7dee8
f3d804706c6ccb7955d146f5b9a86c200ee5788031e0c8601a0d758da2ce6e54
f3deafdceca8489bc6713e7ff9c3869c17177783edf1b56a39c20fc301dbfaaf
f800118c2b25df31bc76f8113e59f63b4ffc6a3948c903dfa09f441b0a71067f
f8b2beb661f2060ad9acfc574d17fb9b51d984c3ec4559defc2360a1192ba667
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
fa308959966462d3ef5890122526efbfe12e868a30803cfaec0d4786d9ff54a3
fa53da5dee5c2a1f9c907460752ac2d99020d3848090bf3940cccb39fba01dd3
fa688df996d472fb14d08bc17f7fe64c2b2e3ac38ae257f82cb0f4ca3fdcbe9d
fb16e72416ed28cf1dc29061bf4e2f388e4e29573c775b2181afa4199110cef2
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fef370402b314ce080b2510417aafb94eccdec8852c1b06826e30b154f890197
ff8f406b684c6674dbd3705d3f6d2cd10b5eedbc2c67a7773f235d69ef122d04