www.cybereason.com Open in urlscan Pro
2606:2c40::c73c:67e2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Submission: On December 15 via api (December 15th 2021, 9:23:40 pm UTC) from US — Scanned from DE

Summary HTTP 274 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 64 IPs in 5 countries across 49 domains to perform 274 HTTP transactions. The main IP is 2606:2c40::c73c:67e2, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.cybereason.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.

This is the only time www.cybereason.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
91	2606:2c40::c7... 2606:2c40::c73c:67e2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
9	2a02:26f0:12d... 2a02:26f0:12d::6879:4c50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:12d... 2a02:26f0:12d::6879:4c51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:f1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:12d... 2a02:26f0:12d:485::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 6	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
4	23.209.69.86 23.209.69.86	16625 (AKAMAI-AS) (AKAMAI-AS)
62	143.204.98.70 143.204.98.70	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
1	52.20.96.200 52.20.96.200	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.51 143.204.98.51	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.16 143.204.98.16	16509 (AMAZON-02) (AMAZON-02)
1 1	68.67.153.60 68.67.153.60	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:215... 2600:9000:2156:ea00:12:3734:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	206.19.49.24 206.19.49.24	17225 (ATT-CERFN...) (ATT-CERFNET-BLOCK)
2 2	52.50.109.234 52.50.109.234	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.98.57 143.204.98.57	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	143.204.98.59 143.204.98.59	16509 (AMAZON-02) (AMAZON-02)
2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	18.159.7.124 18.159.7.124	16509 (AMAZON-02) (AMAZON-02)
1	63.34.251.77 63.34.251.77	16509 (AMAZON-02) (AMAZON-02)
6	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
2	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.40 143.204.98.40	16509 (AMAZON-02) (AMAZON-02)
274	64

91 2606:2c40::c73c:67e2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.cybereason.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:12d::6879:4c50 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:12d::6879:4c51 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:12d:485::19fd (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
401574070.privacysandbox.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

10272547.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10428681.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15c (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.209.69.86 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-69-86.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 143.204.98.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-70.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.96.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-96-200.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-51.fra50.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-16.fra50.r.cloudfront.net

px.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.153.60 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: s.ml-attr.com.pxlsrv.net

s.ml-attr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ea00:12:3734:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

attr.ml-api.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.19.49.24 (United States)

ASN17225 (ATT-CERFNET-BLOCK, US)

apt.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.109.234 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-109-234.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.57 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-57.fra50.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-59.fra50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.7.124 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-7-124.eu-central-1.compute.amazonaws.com

dpx.airpr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.251.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-251-77.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-40.fra50.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	cybereason.com www.cybereason.com	7 MB
62	driftt.com js.driftt.com	742 KB
11	doubleclick.net 3 redirects 10272547.fls.doubleclick.net 10428681.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	5 KB
10	typekit.net use.typekit.net p.typekit.net	143 KB
8	drift.com metrics.api.drift.com bootstrap.api.drift.com	518 B
8	gstatic.com fonts.gstatic.com	213 KB
7	google.de www.google.de adservice.google.de	2 KB
7	google.com 1 redirects analytics.google.com www.google.com adservice.google.com	2 KB
5	clarity.ms 1 redirects d.clarity.ms c.clarity.ms	23 KB
5	linkedin.com 3 redirects platform.linkedin.com px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	64 KB
4	adnxs.com 4 redirects secure.adnxs.com	4 KB
4	mathtag.com pixel.mathtag.com	4 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	64 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	12 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	twitter.com platform.twitter.com syndication.twitter.com analytics.twitter.com	134 KB
4	facebook.net connect.facebook.net	196 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	35 KB
3	company-target.com 1 redirects segments.company-target.com api.company-target.com	2 KB
3	airpr.com 1 redirects px.airpr.com dpx.airpr.com	3 KB
3	googleadservices.com www.googleadservices.com 401574070.privacysandbox.googleadservices.com	16 KB
3	hubspot.com app.hubspot.com track.hubspot.com forms.hubspot.com	3 KB
2	sitescout.com pixel.sitescout.com	267 B
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	facebook.com www.facebook.com	498 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net
2	techtarget.com trk.techtarget.com apt.techtarget.com	2 KB
2	googletagmanager.com www.googletagmanager.com	140 KB
2	cloudflare.com cdnjs.cloudflare.com	11 KB
1	driftcdn.com embeds.driftcdn.com	13 KB
1	rlcdn.com id.rlcdn.com	66 B
1	reddit.com alb.reddit.com	125 B
1	t.co t.co	469 B
1	ml-api.io attr.ml-api.io	241 B
1	ml-attr.com 1 redirects s.ml-attr.com	279 B
1	demandbase.com tag.demandbase.com	19 KB
1	lltrck.com lltrck.com
1	wistia.com fast.wistia.com	118 KB
1	pixel.ad up.pixel.ad	1 KB
1	pdst.fm cdn.pdst.fm	6 KB
1	hs-scripts.com js.hs-scripts.com	963 B
1	zoominfo.com ws.zoominfo.com	478 B
1	redditstatic.com www.redditstatic.com	8 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	licdn.com snap.licdn.com	2 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hubspot.net cdn2.hubspot.net	2 KB
274	49

	Domain	Requested by
91	www.cybereason.com	www.cybereason.com
62	js.driftt.com	www.cybereason.com js.driftt.com
9	use.typekit.net	www.cybereason.com
8	fonts.gstatic.com	fonts.googleapis.com
6	metrics.api.drift.com	js.driftt.com
5	www.google.de
4	www.google.com	1 redirects
4	secure.adnxs.com	4 redirects
4	pixel.mathtag.com	www.googletagmanager.com pixel.mathtag.com
4	www.google-analytics.com	www.cybereason.com www.google-analytics.com
4	connect.facebook.net	www.cybereason.com connect.facebook.net
3	d.clarity.ms	bat.bing.com d.clarity.ms
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	10428681.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	10272547.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	fonts.googleapis.com	www.cybereason.com
2	bootstrap.api.drift.com	js.driftt.com
2	dpx.airpr.com	1 redirects
2	pixel.sitescout.com	www.cybereason.com
2	segments.company-target.com	1 redirects
2	match.prod.bidr.io	2 redirects
2	adservice.google.de	adservice.google.com
2	c.clarity.ms	1 redirects
2	www.facebook.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	adservice.google.com	10272547.fls.doubleclick.net 10428681.fls.doubleclick.net
2	px.ads.linkedin.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.googletagmanager.com	www.cybereason.com www.googletagmanager.com
2	platform.twitter.com	www.cybereason.com platform.twitter.com
2	cdnjs.cloudflare.com	www.cybereason.com
1	embeds.driftcdn.com	js.driftt.com
1	in.hotjar.com	script.hotjar.com
1	api.company-target.com	tag.demandbase.com
1	id.rlcdn.com
1	apt.techtarget.com
1	c.bing.com	1 redirects
1	alb.reddit.com
1	vars.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	401574070.privacysandbox.googleadservices.com
1	attr.ml-api.io
1	s.ml-attr.com	1 redirects
1	px.airpr.com	www.cybereason.com
1	tag.demandbase.com	www.cybereason.com
1	lltrck.com	www.cybereason.com
1	fast.wistia.com	www.googletagmanager.com
1	up.pixel.ad	www.googletagmanager.com
1	cdn.pdst.fm	www.cybereason.com
1	trk.techtarget.com	www.cybereason.com
1	js.hs-scripts.com	www.googletagmanager.com
1	ws.zoominfo.com	www.cybereason.com
1	www.redditstatic.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	syndication.twitter.com	platform.twitter.com
1	p.typekit.net	www.cybereason.com
1	js.hs-analytics.net	www.cybereason.com
1	js.hsleadflows.net	www.cybereason.com
1	js.hs-banner.com	www.cybereason.com
1	app.hubspot.com	www.cybereason.com
1	cdn2.hubspot.net	www.cybereason.com
1	platform.linkedin.com	www.cybereason.com
1	ajax.googleapis.com	www.cybereason.com
274	74

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
malpedia.caad.fkie.fraunhofer.de
attack.mitre.org
en.wikipedia.org
www.priasoft.com
www.malware-traffic-analysis.net
www.sentinelone.com
www.bankinfosecurity.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
www.cybereason.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2020-07-03` - `2022-07-08`	2 years	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-24` - `2021-12-23`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2021-10-24` - `2022-01-22`	3 months	crt.sh
*.pixel.ad RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2021-07-25` - `2022-08-26`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.airpr.com Amazon	`2021-12-10` - `2023-01-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.privacysandbox.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
misc.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-13` - `2022-11-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Frame ID: 97E3F2F4428ECBB952CF917360C08A47
Requests: 191 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.cybereason.com
Frame ID: 8A828B9F7AA541DFCAF1433FA8508362
Requests: 2 HTTP requests in this frame

Frame: https://10272547.fls.doubleclick.net/activityi;dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye
Frame ID: DBA764C6A00C1506EE7564378F850B93
Requests: 1 HTTP requests in this frame

Frame: https://10428681.fls.doubleclick.net/activityi;dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye
Frame ID: 0061E43E40EB484139BEAB283D62E1F2
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye
Frame ID: 3D32A24F741D5916359ACBBDC47AD3A8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye
Frame ID: 590B1A4F291F645600AE4D596889DE7B
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: D7A49E5D340F481365BE3EB8C211A60E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye
Frame ID: 4A899839602D9D30CA3B1333ED235EB7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye
Frame ID: B0896E2E822E1D8F3857497E91E2B0D5
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: D14305E7CE8C2B7B021343E16BA250CD
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=78d561ba-5cd5-4900-9908-e0a2456846ae&no_iframe=1&mt_adid=241675&source=mathtag
Frame ID: E9389E642C7352983166BC6F34B3E3AF
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
Frame ID: 71B5928BBCB830891FD44508D6A1D906
Requests: 34 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
Frame ID: 973E7F568F074ACFA2D87EF0FFA6A822
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Valak: More than Meets the Eye

Page Statistics

274
Requests

98 %
HTTPS

51 %
IPv6

49
Domains

74
Subdomains

64
IPs

5
Countries

9028 kB
Transfer

14035 kB
Size

52
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?original_referer=https://www.cybereason.com/blog/valak-more-than-meets-the-eye&utm_medium=social&utm_source=twitter&url=https://www.cybereason.com/blog/valak-more-than-meets-the-eye&utm_medium=social&utm_source=twitter&source=tweetbutton&text=

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https://www.cybereason.com/blog/valak-more-than-meets-the-eye&utm_medium=social&utm_source=facebook

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.cybereason.com/blog/valak-more-than-meets-the-eye&utm_medium=social&utm_source=linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/malware_traffic/status/1207824548021886977
Title: late 2019

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/details/win.gozi
Title: Gozi

Search URL Search Domain Scan URL

URL: https://malpedia.caad.fkie.fraunhofer.de/details/win.icedid
Title: IcedID

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1096
Title: Alternative Data Stream

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/PuTTY
Title: putty.exe

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/NetSupport_Manager
Title: NetSupport Manager

Search URL Search Domain Scan URL

URL: https://www.priasoft.com/using-a-dedicated-exchange-forest-resource-forest/
Title: forest

Search URL Search Domain Scan URL

URL: https://www.malware-traffic-analysis.net/2019/12/19/index.html
Title: malware-traffic-analysis

Search URL Search Domain Scan URL

URL: https://www.sentinelone.com/blog/goznym-banking-malware-gang-busted/
Title: Ursnif

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/repeat-trick-malware-wielding-criminals-collaborate-a-12219
Title: IcedID

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1192/
Title: Spearphishing Link

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1059/
Title: Command-Line Interface

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1053
Title: Scheduled Task

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1081
Title: Credentials in Files

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1087
Title: Account Discovery

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1213
Title: Data from Information Repositories

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1020
Title: Automated Exfiltration

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1001
Title: Data Obfuscation

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1193/
Title: Spearphishing Attachment

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1117/
Title: Regsvr32

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1078
Title: Valid Accounts

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1112
Title: Modify Registry

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1098
Title: Account Manipulation

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1083
Title: File and Directory Discovery

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1005
Title: Data from Local System

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1002
Title: Data Compressed

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1053/
Title: Scheduled Task

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1117
Title: Regsvr32

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1069
Title: Permission Groups Discovery

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1074
Title: Data Staged

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1022
Title: Data Encrypted

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1064
Title: Scripting

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1063
Title: Security Software Discovery

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1114
Title: Email Collection

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1041
Title: Exfiltration Over Command and Control Channel

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1047
Title: Windows Management Instrumentation

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1082
Title: System Information Discovery

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1086
Title: PowerShell

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1016
Title: System Network Configuration Discovery

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1124
Title: System Time Discovery

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cybereason

Search URL Search Domain Scan URL

URL: https://twitter.com/cr_nocturnus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cybereason/

Search URL Search Domain Scan URL

URL: https://twitter.com/cybereason

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOm7AaB0HiNH4Phe66sK0Ew

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cybereason

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 134

https://10272547.fls.doubleclick.net/activityi;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye HTTP 302
https://10272547.fls.doubleclick.net/activityi;dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Request Chain 137

https://10428681.fls.doubleclick.net/activityi;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye HTTP 302
https://10428681.fls.doubleclick.net/activityi;dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Request Chain 152

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcybereason.com%26pId%3d%24UID HTTP 302
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcybereason.com%26pId%3d%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dcybereason.com%2526pId%253d%2524UID HTTP 302
https://attr.ml-api.io/?domain=cybereason.com&pId=3576325908894317993

Request Chain 166

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1639603413722&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D72596%26time%3D1639603413722%26url%3Dhttps%253A%252F%252Fwww.cybereason.com%252Fblog%252Fvalak-more-than-meets-the-eye%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1639603413722&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1639603413722&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&liSync=true&e_ipv6=AQK-5ik5cdjAbgAAAX2_-qWbKni21_tj6nml3x9lpS8G_04yxj61EVXYYMGh_6y9_1TdEu-kMw

Request Chain 171

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401574070/?random=1717465266&cv=9&fst=1639603413622&num=1&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&auid=974616558.1639603413&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=1Vy6YaX0Keqkx_APgJSTgAE&sscte=1&crd=&eitems=ChAIgMHmjQYQkd-s26Kuo8UeEh0AdKENUIew5kxzqJaBLc2p_pEpBMFkldcwm4KUfw HTTP 302
https://www.google.com/pagead/1p-conversion/401574070/?random=1717465266&cv=9&fst=1639603413622&num=1&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&auid=974616558.1639603413&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=1Vy6YaX0Keqkx_APgJSTgAE&cid=CAQSKQCNIrLMY_JC_QdEc0GmABC0QNLUnG9i3_9HqoJ3T8iBPbfWeONmNoae&eitems=ChAIgMHmjQYQkd-s26Kuo8UeEh0AdKENUJOkEg9K1lSycCl0UNh2X83yvm8y-MEfBg&random=917142451&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/401574070/?random=1717465266&cv=9&fst=1639603413622&num=1&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&auid=974616558.1639603413&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=1Vy6YaX0Keqkx_APgJSTgAE&cid=CAQSKQCNIrLMY_JC_QdEc0GmABC0QNLUnG9i3_9HqoJ3T8iBPbfWeONmNoae&eitems=ChAIgMHmjQYQkd-s26Kuo8UeEh0AdKENUJOkEg9K1lSycCl0UNh2X83yvm8y-MEfBg&random=917142451&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 179

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=4ECF56D5B44A42A1A408C2D4CC89863A&RedC=c.clarity.ms&MXFR=1B39F3EF3A2F6C743E49E2E13E2F6231 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=4ECF56D5B44A42A1A408C2D4CC89863A&MUID=0088A08048596AE40CFEB18E49326B41

Request Chain 185

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AALYpU7DdLoAAD0SARysSg HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AALYpU7DdLoAAD0SARysSg&verifyHash=174cd3d1212117e765220dc4bfbff1ffb2abd4cf

Request Chain 196

https://dpx.airpr.com/px?hostname=www.cybereason.com&profile=660386&ga_account_id=UA-56367941-1&ga_account_type=UA&ga_c=2004201336.1639603413&an=true HTTP 302
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4239298787 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D4239298787 HTTP 302
https://dpx.airpr.com/anpx?adnxs_uid=3576325908894317993&airpr_id=4239298787

274 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request valak-more-than-meets-the-eye Show response
www.cybereason.com/blog/ 117 KB
26 KB 1523ms
1148ms Document
text/html 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

ebe3fc0a11c25bb8fb48fea36f6bf64c19ab5f727dc61b9e609fdf4fce9579b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 15 Dec 2021 21:23:30 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=14400, max-age=0
etag: W/"e95dcc85f23dd78196bb38404726af3d"
last-modified: Wed, 15 Dec 2021 20:59:33 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-29780301346,CG-5272851739,P-3354902,L-42870461961,CW-34473990280,CW-41681847227,CW-41682410610,CW-42867014566,CW-43300360745,CW-44252461159,E-34470223313,E-34470224480,E-34470477360,E-35275979682,E-35291999472,E-42363645447,E-42507089303,E-42507091846,E-42760289143,PGS-ALL,SW-0,GC-36042052587
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cf-cache-status: MISS
x-hs-combine-css: Disabled
x-hs-content-id: 29780301346
x-hs-hub-id: 3354902
x-hs-prerendered: Wed, 15 Dec 2021 20:59:33 GMT
x-powered-by: HubSpot
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zmCbY7SMhZGCjvinVBfHkgtvruRdNChZx29OhmWN2LZFV1lCISd50B%2BJJT60mDOKL%2FrChHKaJ3OlVQFHumcYBMAJemclNT3vSnkrRjjbLLEaYJDs1Xn9NmJSZ7FhwJyeQDnhJaN%2BwXR3Kl%2FRWSjKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6be2bbba0ed1f927-MXP
content-encoding: br
cf-h2-pushed: </hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js>,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>

GET
H2 200 index.js Show response
www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.119/js/ 11 KB
4 KB 33ms
0ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9bc6dec214e0ac4562af8a3854d2d46772e46e66806ab6aed8ba22d833d0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 205017ec1deb1818ed40d527d0c96868.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2525171
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc0fb0df927-MXP
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 15 Nov 2021 14:59:45 GMT
server: cloudflare
etag: W/"e87d0efee17e652760ab5ccd33fbc8ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnFyrvbb%2FNQ7%2BpD44Ff78nviRcdIqbPqMJKcP0eL65TVZNPqXdhcQ4QIQp6LbXY%2F9RSJEaN%2B3Zjbmvz1Q%2FD2e%2FVNDfEC5%2B5Xa3tWvNF5uwty8ZRpFhrRRNJmVQ19OAl3KWwuVoK8Bfn3gB1aPobS2g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: vdFz9Y2Y_lpsefQtRnWK89fgZF54ag5p
cache-control: public, max-age=31536000
x-amz-cf-pop: MXP63-P3
content-type: application/javascript
x-amz-cf-id: YxbdhGLcbU-8bI8_hlc9s3OK8HtrSYRJ9oXBRw1DdrxXrLFnzcKayA==
expires: Thu, 15 Dec 2022 21:23:30 GMT

GET
H2 200 project.js Show response
www.cybereason.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1015 B 38ms
0ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cybereason.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 8dd9765909fe9494b6dd4a72ba9e7b65.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3125824
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc0fb10f927-MXP
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sh6%2FIVrvWS8RPlJ0WJba59hqOm94xdZmDD67Fq9D13dGmdLfF%2FuXdKBLFAQNkdUbQtbcp3Ck2ztxJCUrB6Y6TrTsJcmFcU7S4umTJxqQqMBwdZ3WaVZhG0djymnb7TH111sxufk0tABpZW%2BQa10KzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
cache-control: public, max-age=31536000
x-amz-cf-pop: MXP63-P3
content-type: application/javascript
x-amz-cf-id: FeaG0c6R1eJ6NGIO48OqSkmi-tdJBfBeWwjgfQ7yaszmvAKZ8CB6AA==
expires: Thu, 15 Dec 2022 21:23:30 GMT

GET
H2 200 module_41681847227_CR_-_Malicious_Life_Network_--_Tier_One_Header.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41681847227/1639157133255/ 3 KB
1 KB 320ms
317ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41681847227/1639157133255/module_41681847227_CR_-_Malicious_Life_Network_--_Tier_One_Header.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef04e8e205bdda8d39cf639606e0ec1d1cc3bba2cec6c6c6dd517f702d60e989

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1639157133255
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 9557da2570df16242f84a67f254d7f31.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 5XVTR7Y39V43BYDZ
x-amz-id-2: vZ1fzS8OwVZDElWh3GgWeaX8Avr3PQosyibrA9g8ue3ha2QO+MrElTtmg6tDFw7IdFkgrGXZ270=
last-modified: Fri, 10 Dec 2021 17:25:34 GMT
server: cloudflare
etag: W/"1018f847139b4b565c35aacac5ed20e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7C9wC03bwdZIN0OFQZw4nDgGGS3TVAYV%2BwSikLJP10YT4dIIJVATVgaCuVVdz2H%2FFc2DFdVPKsUBmLTPDXXQ8%2FpYMFqNfcgaCvVl76SXJHmfZd2kwENZ%2BqkG7RHgPVSc8P6RYr9uByZhmCLX%2BpTxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 1J_5UNDiy.mMVrzfGOKB2yMvPMSEW8fI
cf-ray: 6be2bbc15ba7f927-MXP
x-amz-cf-id: grQ5zHY5sExpifv2w9HFm4ITdY6_JOcqA2MUrf4W7_SMSgMGag1K-g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41682410610/1639593716420/ 6 KB
2 KB 359ms
356ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41682410610/1639593716420/module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f903f416e22249cfab4769b65c97a216746ff7d579fc7fa983740943240a9362

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1639593716420
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: T4X3E2CS0PDPQF6Z
x-amz-id-2: mzWX6LGGKfcw6494uXttMuo2ph42tjw9e9ywO5vTsDwnhkxzWu+gukLlTZ9Zcgsdi8g8znLEVcQ=
last-modified: Wed, 15 Dec 2021 18:41:57 GMT
server: cloudflare
etag: W/"594d3cef98509b9461f429bf5b0e356d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hGKYx71k0TYbgGB5xYH2MIKubw7epwISZ57%2FjeVbwsL5VvYAdhKr1v54v4%2BuyvreOuAYb8DzbnZsCRfmJbsTGZdy7RTYYPzbe4jMVtz3RxmblLFpc6kQwBhY4GmWQ%2BiyBgsd7ZzJ%2FRyvryWeywpag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: DF9PddG_xOxWz4mKBlXtT4_DR3n4GVcU
cf-ray: 6be2bbc15bacf927-MXP
x-amz-cf-id: cviOL5EM-D7z2pGH38LesDK4ICU566Om4IMsFAqGT8uI7zFX1oSSpA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 module_43300360745_CR_-_Malicious_Life_Network_--_Related_Posts.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/43300360745/1635957557401/ 105 B
662 B 298ms
295ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/43300360745/1635957557401/module_43300360745_CR_-_Malicious_Life_Network_--_Related_Posts.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735e44959f60192ae3b93cfafd034f89a1cd8a95510fbac7aabaf9fa05d9465a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957557401
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 a12c29ca3e64ac2015cf4f6c9099b8ce.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 8TNR877W4BVCC3W3
x-amz-id-2: p5njw5hu0dUo+kF+5KlLUj3gvn5WLwh/EIvBgI7cEiKkUW7A+ApPkpmqP/bPIBEXb8YYTribfA8=
last-modified: Wed, 03 Nov 2021 16:39:18 GMT
server: cloudflare
etag: W/"b794f1cb3242ba801fcfb92cfc192f88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uc32XVojV%2Fa5FHkpnDfY20G4KxXOQg0xkDNchhTp5OsllVGxDnRRfuoLwcEHlogRAx6fD1QJecmEkCgKL%2BuWO7Vs%2FNowWk8AshgWH4OZ9R0o2bE%2Batli4MAFrudFnUYQeKt05JtR5FYtWJPZh23UXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: bAak9bfCwDG2IYFk.X8WDIK3iJgyQ_K1
cf-ray: 6be2bbc15baef927-MXP
x-amz-cf-id: oY4ONfKXnhJw6W9KwCYCeauF30K7_TFg84ZgB8SyCanA95AyRnU-Xw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 module_34473990280_CR_-_Footer_Full__en_US.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/34473990280/1639595041868/ 3 KB
2 KB 82ms
78ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/34473990280/1639595041868/module_34473990280_CR_-_Footer_Full__en_US.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97163b731eeaba18956ab2503090d85d58ef9cf7ec7d95dab7d872f188257963

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1639595041868
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 b9d1b307966c2273bf97ed7c681603db.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 269
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: BAVCBRYXJHPNWQSJ
x-amz-id-2: 5RuxcoEJhn5OgHMZh59Oc37M3mxl3mgmV9dp89iigBR8Zelg7FsZvZ/h31yW4oL2lDkTl7/MNPY=
last-modified: Wed, 15 Dec 2021 19:04:02 GMT
server: cloudflare
etag: W/"5e970d579e1eb0f2b04f3bb72f88b645"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4gljc4IPRMJn3bf3hyhnsFEqoKSJK%2BrirCL2OjkDdFhI4uvdtgoNl%2FWGVPLVOQrOGffCBygxK2DD%2F6I409X%2B37LPCWz5vasi7XFMsr%2FZGv5yIXKe7ZHljs7eojouNFmKa4TUyjEV3i2sb7XPbBoAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: gbKmDkiFdYeylhcu5LaWqJG3Ew2iD85F
x-amz-cf-pop: IAD89-P1
cf-ray: 6be2bbc15bb0f927-MXP
x-amz-cf-id: hf7jTiWHo8mAMH56Gqo55mUGp2x12Ag81fBHFVyRz7gwROzA0fwTYg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 vyv2ljd.js Show response
use.typekit.net/ 19 KB
7 KB 196ms
55ms Script
text/javascript 2a02:26f0:12d::6879:4c50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vyv2ljd.js

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::6879:4c50 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3548fdd09c76e6d1a78dc0890d0da250339a5021ef499ac8b61f9d1bfae1a43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 15 Dec 2021 21:23:30 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7011

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 08:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Dec 2022 08:47:52 GMT

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 201 KB
61 KB 275ms
61ms Script
text/javascript 2a02:26f0:12d::6879:4c51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c51 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Play /
Resource Hash: d120a85c209c9b3bec4d3cae2e6bbbbebd666a74238e77c7ea5b31670464540c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-LI-UUID: AAXTNU2eQD8gXjm98Au0Mg==
Date: Wed, 15 Dec 2021 21:23:30 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-ltx1-x
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 62393
X-CDN: AKAM
X-Li-Fabric: prod-ltx1
Expires: Wed, 15 Dec 2021 21:39:32 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1639601232848/hubspot/hubspot_default/shared/responsive/ 5 KB
2 KB 165ms
85ms Stylesheet
text/css 2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1639601232848/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1639601232923
date: Wed, 15 Dec 2021 21:23:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2156
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIvAQYiRKHsNrZem9ayqsh5e8mAdClpsxppW0XVFXzc5otxI0%2BwRC%2BLAYIzaDjfSNZrQOpShzlEPi85sE%2FdExVbocdHG949Qh64bTbbHKzks0GJ7%2FqiodF2LKCVLXKzSH12ltd90b6UMc36HXCs%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
last-modified: Wed, 15 Dec 2021 20:47:13 GMT
server: cloudflare
etag: W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
cf-ray: 6be2bbc1da120e06-MXP
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 cr-master__cta.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1639595693810/__CR_Web_Platform/CSS/ 3 KB
1 KB 332ms
328ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1639595693810/__CR_Web_Platform/CSS/cr-master__cta.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7be72851ac250f7abb86afb92be94955289cf05179daea64e9a582966e28766c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1639595693954
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a555.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: R1KPA7DBHAAM0RFD
x-amz-id-2: Nr7akG0pujhZQf3cF4OtFPWteAXLEb+u4VAM7qpd9creqqa6h2RUv0Anna0guoC1tOM9+q/AoDc=
last-modified: Wed, 15 Dec 2021 19:14:54 GMT
server: cloudflare
etag: W/"09a82b01351e58fc19a6f8390ebe34bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTB0%2BU%2FPVaVHUsIycgQB67el4il%2BId0i7wEAVkWH88fvuecTQgcI4Pf76VcndHojcSdzwDPKzuXa5NxkzZPyAd78Dxuxt%2BGAj3VnojZOGN41guwolFEQHXMdYtfYVwHHeovzEmNeGIGEkDny0dt0ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 6L11e0uwvHpi_lK.LNN28oGymR7MLa.7
cf-ray: 6be2bbc15bb1f927-MXP
x-amz-cf-id: RXoYlAKRnaktrod0eZ_x4dL_XV12Z-xhpKXpj9xzSaUUwLG3FCDMgw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 cr-master__main.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/ 50 KB
10 KB 69ms
65ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb0e6512bf681048ba8f82af0b5b165eb8aa47c3f26385888553fab5c6b3d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1639599879202
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3260
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: TWPX0H09CSYCSGYJ
x-amz-id-2: rYKuI8SqAixliqnAqAshR7uDVyEIvd4JKEY15+Fjm8/2ycQpl0fQDBxQVItT79QZc8U82sZrxM0=
last-modified: Wed, 15 Dec 2021 20:24:40 GMT
server: cloudflare
etag: W/"fa9902a6c23b2e3bae93eb168f3921c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FpF4bS%2BTFbw944xPzQHY723h3hQrbOJShsr4MdwGKKiR5EZL3QoWVpf7MxaCLVoidDCRWE%2FL%2BvcNUpsPwjkPDbWwpXaRsPpVDDoDPEepndB4JoIOesjJaQFPeyHYzmsKZjioAjFZXtua6Gtq%2FK3Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: npZ4Q2hltuVqtneOyqTacFCK5.vRPQkc
x-amz-cf-pop: IAD89-P1
cf-ray: 6be2bbc15bb2f927-MXP
x-amz-cf-id: om-tUczdhdfe8nU0XeUWhtZmoKNoPyPX4QFX-rgzc1fWJ8jZSxnvlA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 ionicons.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35275979682/1635957556121/__CR_Web_Platform/CSS/ 50 KB
9 KB 1077ms
1074ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35275979682/1635957556121/__CR_Web_Platform/CSS/ionicons.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72fe18777ebf37b44d58c82be9b67edceefb88c2c6984c614c72991d6e3b8853

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957556350
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 9PBA0SSWHCTFV5F9
x-amz-id-2: Aj3LFQqw7xMgSoZ+/LiqyFvCP3zU5+K7VjK9xT+G7HbGGmtYjIGhZozONpfZbcSoOkWTx9Xn06M=
last-modified: Wed, 03 Nov 2021 16:39:17 GMT
server: cloudflare
etag: W/"71c8c946791f3411c42a4cb1e9cdb5ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36rnl8nB%2Bs4PcL7MyByrDHXZD6hVlsMXMYbbW6IfdRPaLl6wAJOLmlVSCOp5ynPg8HiEEg%2FxpIUfkTqjYusU9HeG3GOzB9V7EYEOgOapdp6j7Sz%2B1gYiZmUDTxBryeH1%2FTXRiVg%2B0WrFQmVBuCrSyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: iqT2mW6uvtD0FkJWnkj0JpBhNkWr.WWM
cf-ray: 6be2bbc15bb3f927-MXP
x-amz-cf-id: 8xbXulFu8G57GDrFY9esi1ybHMBfl_Wlm4gp1CPfCA-XZi5VoZIZEQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 cr-mln__build.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42760289143/1635957555962/__CR_Web_Platform/CSS/ 13 KB
3 KB 308ms
306ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42760289143/1635957555962/__CR_Web_Platform/CSS/cr-mln__build.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a939b9fcb8cdec877464e6131704ef19effd6279467d48bd42afe7af8558391c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957556021
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: QQZF1VY315ZYSZPR
x-amz-id-2: 1cYMyHXOKpmQYVbzq6KM7WLV1h5iaHNhy8WA3eLAsqCcddk+XUee3Ap6QxsZrhPniFcG3Hu3iGs=
last-modified: Wed, 03 Nov 2021 16:39:17 GMT
server: cloudflare
etag: W/"badac49ceb808e0da5626ecf98b71573"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjDUsBno6rNX%2FGt3ePVDiZqUir8tHdZCtR8xDxHtmKzxfx3iQHzzJxyA%2BfRa92sredMiYZanMUqa04RLjqwMR32MPoAkTSN%2Fw1gOSavHbVS8WAh%2FWf2X6gY9zgtC4NtJkgOTVVyWysg7CAJbOjHuGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 1fuT52OtpeUgs1Ov_uPVWY4zyW43j_Sh
cf-ray: 6be2bbc15bb6f927-MXP
x-amz-cf-id: kwH3r25kMJk1sDFGFRjVyDq2cXtouV5bfLO_dgJy-yc_rD-qhskw4A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 cr-framework__bulma-columns.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470224480/1635957556830/__CR_Web_Platform/CSS/bulma/ 19 KB
3 KB 1058ms
1056ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470224480/1635957556830/__CR_Web_Platform/CSS/bulma/cr-framework__bulma-columns.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c836c05ab1f2d37b7aa60d509a656c7a441e2a4fabf035c1b0666a4daa50fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957556893
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: GX0WCEQ2BYK08X3B
x-amz-id-2: xMTT4s6N6Ea+XwrIkWlgm0ux1NM+s96sadthVFLzkIvda/wEDYg3f0ZVrbOgZMpqDdlSEvnozCQ=
last-modified: Wed, 03 Nov 2021 16:39:17 GMT
server: cloudflare
etag: W/"636c18615b58fca9536b2e1c578c6db7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxsDvvxt%2F0Ki4ONnFpKeQoDcrCtAxvQOs8O6NZ6I9xnazBaxTG3zRtbNqRbm%2FilCa8Sfuht1GwEG2UskgsCHRIWspG6botiKw33e1j0S5EiGWyliYmKxyuwui8Ukys%2FwjzlipE3xBMr2I644IViufw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: ztbfQ3xke3U.HOkgMJI8FuP2IAE_PoWW
cf-ray: 6be2bbc16bb8f927-MXP
x-amz-cf-id: 9MshudiQYULzECXpkRbzTkAcAB3-swnSgOrLwtYZGRSnNGTio86xJQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 cr-framework__bulma.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35291999472/1635957558054/__CR_Web_Platform/CSS/bulma/ 64 KB
10 KB 675ms
673ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35291999472/1635957558054/__CR_Web_Platform/CSS/bulma/cr-framework__bulma.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1db8e6cb7ae20e5ac308a25943b94734e7ad0f794b26eb778c7e38ae2b51e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957558203
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: GX0YW1JRZ9TJ7E54
x-amz-id-2: LoKueyWFSopTduPCWg4STyw/hSn2rUcb4bHMwWPeYbg3QmhjsqT1aRInBNZiJ90KcV3loJ0Y7LA=
last-modified: Wed, 03 Nov 2021 16:39:19 GMT
server: cloudflare
etag: W/"88605a5e2df657681a0605d62c89a631"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rh8fMF9fv4YSyrPubtzsXwsn2AWb8bLDBYiOSI%2BRlztwqiWAYD0x0AOqFF9LSZ1FBWVfVy6VlYIKltbnttxgh1SndrXg3g7V31Rql3idZS%2B5qpL5jR%2BpB1HLB2JcoSTIEleDQrQPiNvXi0lsZ%2B3ywg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 3aTHTQPnhMOJvLkrILGm0cfE0qzY9sSm
cf-ray: 6be2bbc16bb9f927-MXP
x-amz-cf-id: Wm0PPk_Zd1quj6MYm0cgwi6kWFA27S0t4Fa1URpg7zs48irVv_3y5g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 hamburger-animation.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42363645447/1635957556555/__CR_Web_Platform/CSS/ 22 KB
3 KB 351ms
349ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42363645447/1635957556555/__CR_Web_Platform/CSS/hamburger-animation.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9130ee8c979a74ab038cf5e8a06db5cb94253eab35ea5242f515d605f4781ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957556622
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: B8YZ8A4W5SYQK6AQ
x-amz-id-2: 3vHtA54EedxkNzqSEUohk+vTM9g044Uc31Jon/JUslnRN6RU7Z/WAnuEJJk/s7vj9xqUl8JvIWw=
last-modified: Wed, 03 Nov 2021 16:39:17 GMT
server: cloudflare
etag: W/"a0b451fd96744fa455495e022542ab86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eWNObrlmqTsb1rx%2FCPlLncIPQTtxOSwRes%2FzjDOxDQYuJv%2FFWGC05qMSJhYtBGNmlfNIdinGVx7zW%2FkEUJs0o1FPk%2BXIRxHrowMoLGjqsKx2CYU%2BF69BvQebSFCRx93iOHuoQCAHSH%2FkQR4Xx%2BOlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: lQk5raYmhtMGvBjPaErNiYKiV.vYRZdk
cf-ray: 6be2bbc18bdaf927-MXP
x-amz-cf-id: F6zrHO2SklRteARIRQ7G0IncdDS9SlfWB33frYoYsthjX04jPHdbTA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 animate.min.css
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42507091846/1635957557027/__CR_Web_Platform/CSS/ 52 KB
5 KB 351ms
350ms Stylesheet
text/css 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42507091846/1635957557027/__CR_Web_Platform/CSS/animate.min.css
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957557027
date: Wed, 15 Dec 2021 21:23:30 GMT
via: 1.1 cea67f5ca1b497624430e599aa6b7c63.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: B8YHYE9QEWRWG70C
x-amz-id-2: 9AOM7opjEW6maSseLeUFYNx6rLKbgyHxlqZ/aTGBJwfuP/wKFUhSC/mR4OiJvWkHmfoHJdr4HHA=
last-modified: Wed, 03 Nov 2021 16:39:18 GMT
server: cloudflare
etag: W/"55009d64191e6f9e712a841773ee6611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihbmo%2BKh7susHlzUMK0l571M8Rp0dE5jxrG%2BOEvpvVA5x0N6i5Kb1nwBFHX7LF0%2FmVgtiOUytf8HHG8AvaQPL%2B8K3Gq6OcCv8V49u9CvS7Zp6ISWn9Ftc09e0n2gKIftIUBpnOiI7d%2Fe5zQtp%2FJsFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: IGvZUZfEwaJFbKF3muzrtvS_E6bsPjZO
cf-ray: 6be2bbc18bddf927-MXP
x-amz-cf-id: SEGBgNkj5Hh2QVpNl4LXGCwCQqu00YWYcknZEqdCEHLOrM455NRQ5A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 95ms
34ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2927470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaQL9WF9ikycuEys57MvGBQPmiwszocdZ54NJuWFDRmw7GVK4haZf3ODm7MfgPY2zPcuB9THtsNCPjgzW2f%2FfWj8Z5LhIcw36sEz4NJmpjbFQ3WnvBkJmdOdDnIFKpUljRT2Dmyvf0%2BUIFYp2SA3hJ9e"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6be2bbc1beed4ab6-FRA
expires: Mon, 05 Dec 2022 21:23:30 GMT

GET
H2 200 marker-animation.js Show response
www.cybereason.com/hubfs/dam/plugins/ 6 KB
3 KB 1005ms
1004ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/plugins/marker-animation.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 843803aeba82f94da6f1cbe1f853ccd12f5d7cc6a3afa20923e57e5df60c412d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-36714670113,FD-35651288461,P-3354902,FLS-ALL
x-amz-request-id: YHJY0K438N14MEBB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-36714670113,FD-35651288461,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: W/"c789451d244987df6815383a74c748e9"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1603818553593
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 032d5acf8b9877b36c8078e2a86a3836.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
access-control-allow-methods: GET
x-amz-id-2: XjrO0y5oqA0UTEJYsYONP0JLGMwhVMc0ZeFL/u/HS0Zcq+np8o6nB3hZstg1pPLFzglii1TWwGI=
last-modified: Tue, 27 Oct 2020 17:09:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoccSfLq7KZvakbpBIhRA8IbHPen5UJ6jZlghGGR9ygwdSe2n3HiVFXv2hS0%2FPlDJ1Fl%2FjlEooxl%2FcKD0HeusRwK1jdbtwjq65CNXy%2FegZV7VIPJhGhx7tv0lw26QjDPokNBWEYvCiN3QhnqUjcFYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: sJPPhJRtfwkomYz4StFq0KxvBmQZgdrG
cf-ray: 6be2bbc18be0f927-MXP
x-amz-cf-id: AW7UFvPpUUB5peeDxD09kO0mAsROYUhbjktZOUvN6gh4qK6HSinutw==

GET
H2 200 cr-logo-inline--primary-black.png
www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/ 4 KB
5 KB 132ms
120ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-logo-inline--primary-black.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20e041cb509df34abb6a3ac62c3702931561a0dcbc2d683a5ad85adae7b88f15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-61141635938,FD-61141712896,P-3354902,FLS-ALL
age: 1136
x-amz-server-side-encryption: AES256
edge-cache-tag: F-61141635938,FD-61141712896,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="cr-logo-inline--primary-black.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: YHJZH82D6QR4TNRJ
cf-bgj: imgq:85,h2pri
etag: "0200a44af913040fda048d2ccd029463"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1638554372341
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 21c61ae7ca6a89b4d771e10f50d3df83.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PMO50-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=7847
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 3988
x-amz-id-2: WfDPPs9b98dpAXgZq/XDPNEcpGanbnHtyf9khPhDMXieVxoaLbj2jszxt8v6axAznysqDcsq3fE=
last-modified: Fri, 03 Dec 2021 18:08:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n%2FsfW6%2Fm3bIT8%2FPASwRX3rStuWPwHoSscJTuZq8shKrz1qqrgP3B7DGyaNhWqVYTDgdBGisGSImEPeF6ExL2qIewTwp49x6NOu0vXXcTK7k83yGPdYrjNylU4hDrSAB0nOYZmylC%2FaeNbY0nib4kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1LngWEyN4tNEgd8xjh2XfYWtnwtSYo_2
accept-ranges: bytes
cf-ray: 6be2bbc82fd0f927-MXP
x-amz-cf-id: rVfPmKu2VH6CqdzYhyWhUtHiA65SNYwmQDUXBHBWXrKkBTfSlqisOg==

GET
H2 200 cr-malicious-life-logo-v2.png
www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/ 69 KB
70 KB 932ms
920ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-malicious-life-logo-v2.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8cf126d75f99bd82c6d6628074ac7935a193951c7bc97350929f9433eb4856f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-62006917298,FD-61141712896,P-3354902,FLS-ALL
x-amz-request-id: 6QWEAFQ59ENPHDJ7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-62006917298,FD-61141712896,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: "4f8f695cfdda0e2a9e41271fd3ef4840"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1639593687375
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 fbc8210d21f6d43d0666226a15960b78.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 71071
x-amz-id-2: T2qhfte/zvD0kBB7H7+L3Ni35MjUT0v4kQxulDiNnBPTzay9mBaD8P/xb3NKHd7RF5IYGJVWC5k=
last-modified: Wed, 15 Dec 2021 18:41:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aORdJsEjdlQ1fhLnF9g7Nfo34J2PEprEJZKPoTmrf5j%2FSK5XktyTjZLrNQ%2FMTEseLZnh8bv7pV6LN6MoUWkyK2QgZj%2F%2FfhkvQKfk7DRvGuWX3WPC4QoGfyj%2BgIyogMH5Al23epC%2FzfknE56Mrh41jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: FNursooMMi4W3ZximECaBRRsSVMItEjN
accept-ranges: bytes
cf-ray: 6be2bbc83fd5f927-MXP
x-amz-cf-id: ha3lwIXI8qtiPtg1bciFtITfPUdKijTjKNeMj5g2KMMHK1XsPK39rg==

GET
H2 200 cr-blog-icon--search-dark-gray.png
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 583 B
1 KB 976ms
964ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/cr-blog-icon--search-dark-gray.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccb7c3316ad37b3d3149422c5782cf05de60fd9e692055ecb82e9859b2b011b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-42360212094,FD-41718904629,P-3354902,FLS-ALL
x-amz-request-id: 5WGD94PWXJ19Q81K
x-amz-server-side-encryption: AES256
edge-cache-tag: F-42360212094,FD-41718904629,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: "5285e68f20ece59da650da19c81751e2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1614741596040
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 70fdb585c7383d8ef51284181f351364.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 583
x-amz-id-2: WVf+nxP08dNQhOWmIogGmlrsly4hfjDYRmCcfixENJ//70uLtz7oXXNDbFf9SS6TV5CbK0W63sw=
last-modified: Wed, 03 Mar 2021 03:19:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSjr2qjwryu7EmzS95SoC0LmEkqYWy8990b%2FRL4dVlsbx2H4%2Bljqii%2FyT3tKjy8I6ezudLnvbL3Gy9bJEMjFurSZcXoDo5d%2BwYxzEtx%2FJ9Bja6bY9wZOFVPJBZVaKYlMx6YdLH%2Flsn0xr%2BWKmKcKMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: Z9.dvET4DoUMSJH5gPgUuVYnyNsIiNYh
accept-ranges: bytes
cf-ray: 6be2bbc83fd9f927-MXP
x-amz-cf-id: MH5DOxTVAmjOlx9-FiqhGmUtpiMhj9XxWb8ivpOcTZmW3BJKMNZpdg==

GET
H2 200 Valak-Hero-5.png
www.cybereason.com/hubfs/ 2 MB
2 MB 1043ms
1030ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/Valak-Hero-5.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc06a84e4736309bbd566bfeec5a46f2844fb22b20480cd49a6297c61eaf4ed7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 d027cf032b23cc672770f5bbff1b93ad.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29835669592,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83fdcf927-MXP
edge-cache-tag: F-29835669592,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: JZRKV6CRVYWN4TMZ
x-amz-id-2: +tro/u+pvRNz1U2vhLafx95pplk+k/Utwy068i0sPCWM5bCu4dwVXdyiFs5YdZfEfp6LSji6ClE=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 20:27:13 GMT
server: cloudflare
etag: "4f236857fff657b6885d39a353c35377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByIZraNnAfUKcN0NHqyUXlawI%2Fyz25wbuD33KIrXHKA5oYh2t57CWOs1oh0Fh2%2Fll07Um9WROYJ2S5VVnVhTXwHU0w6UKmbJwC6dxranIRx4%2B5sZT1b6V9GMC%2B%2FjGgYOdROOSmKODS3ZMUPIrnYtHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 1xY29LQttroIEOUfUx2gRBSZ7nZ59tiL
content-length: 2156934
x-robots-tag: all
x-amz-cf-id: q-ickoSbYMIzxhgVjBnDZjG3qF4yH1rYvWxb0epGUGyfeTjydRy5qA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 twitter-gray.svg
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 749 B
1 KB 930ms
918ms Image
image/svg+xml 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/twitter-gray.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9db6465a204cc4186368b72a0ba4f063e64569aa4fc96e0f40c7ac69423121b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-44251289646,FD-41718904629,P-3354902,FLS-ALL
x-amz-request-id: 5WGAE8MCQWKN92FC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44251289646,FD-41718904629,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: W/"5c103d0cd978b3a8d7ccab6bff714599"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1617243822112
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 03fee7f631e055be23b425b3d7dac737.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
access-control-allow-methods: GET
x-amz-id-2: XJKsAEQRXnUXxuwPZBC1TXVLt4WqKAM0+qm2+BVaVmKhh3cu+b5XQ30l1n3XJrpJtTo/yAGBFIU=
last-modified: Thu, 01 Apr 2021 02:23:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrKnGGF3W7TRU43Vi4Blae3TN5Kt%2Byt3nJUVDZ%2BxUw08d3AFOeMaWhJe6AX1TRlp2mBPAvohsqF6sxJdhyYa7nKyLYpYs%2BRKRz%2FlV8lYKGRjGburtLrVkCmDyhgSNB%2FHrzSo58VgogM%2Bo9tWVkr84g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: IqbJNdLSXrwowOx5nKBNqqtBOZO91Biv
cf-ray: 6be2bbc83fe0f927-MXP
x-amz-cf-id: BBfAhzGQeE4RRFLw2L8dpxZSjgrgaxJ7eRcudRnxEUgOICK4sQo2qg==

GET
H2 200 facebook-gray.svg
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 372 B
995 B 933ms
921ms Image
image/svg+xml 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/facebook-gray.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d82231820461c83d1b0966caae71bd2732bd89e9a910fdb90d193c3dca16dbc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-44251209055,FD-41718904629,P-3354902,FLS-ALL
x-amz-request-id: 5WG09NVT2H6MW5A0
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44251209055,FD-41718904629,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: W/"8c22d0d78005c386bf29edacfdd2360d"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1617243822102
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 5475b042e714039f4c19ccee86e34aa3.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
access-control-allow-methods: GET
x-amz-id-2: clW7xRSpye16WnNAzbypzYWox68pNcPly098i9eQiiVEOwsmNRg3W45Ar/7nLxusQ9r3wYIePlw=
last-modified: Thu, 01 Apr 2021 02:23:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orIIdPKC4Qq%2F9L%2FM9uJUcrAgxMVzV2R74zK%2Bpttkvzzvk25SW33l9j%2BlbJNiS7hhBulgay7M0jypK9x816sojtOup8y9Oh%2FDNcpBm4V15KQAx2%2FPmdAfwIskGZtEPN8sQ2VS3rXNxKIBosWcF1k91Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: j7TMxqcLHA18llA46ti9t98ENVzeqi8u
cf-ray: 6be2bbc83fe3f927-MXP
x-amz-cf-id: z0bK9JC8RQZe1F_nM4jaWvfIjrXf7F7AHQJwdbZdVm-QJlNpyPDGfw==

GET
H2 200 linkedin-gray.svg
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 742 B
2 KB 967ms
955ms Image
image/svg+xml 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/linkedin-gray.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12127e3110351f54262db955bafe353593dd58c89c7f6b6fc159c10515e93c61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-44570599712,FD-41718904629,P-3354902,FLS-ALL
x-amz-request-id: Z0AH76868D9C6G0A
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44570599712,FD-41718904629,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: W/"446340b1a8e73ee28b1a47837a13fdf3"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1617758009375
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 fcd8545d1b62265bb65a45721c43e6ad.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
access-control-allow-methods: GET
x-amz-id-2: kmsTZz9t4wopPesOq5kzgSC3R0XyTsVBpb4f7HcrfP2J6y/bIGBxNAQ+uwwHpyGxJ6kXw3Z1uug=
last-modified: Wed, 07 Apr 2021 01:13:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcbDktoEJa8NGODVdl8Oj4iHMTBRP9%2BCFsLcOhjLpsk22p7r4I0PfPJVu3VtJyhHfPcIt77cGw8igoseI2A8Ia7OtIFIWMsZM4OiYqAu7wmL8qrzJgo%2FWBOzueoBpAp5Q7Z%2BPen%2BEVTR6DTTSlUsDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: cNQVyvptDzpT8RxIUtNpIf4tWlwMEFMh
cf-ray: 6be2bbc83fe5f927-MXP
x-amz-cf-id: 0k9h0z1zcWQkBatoh_s9ZGD4oWREA98kcH1sDCHX6n7LxK7IAf7iiQ==

GET
H2 200 valak-1.png
www.cybereason.com/hs-fs/hubfs/ 72 KB
73 KB 647ms
635ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-1.png?width=784&name=valak-1.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ee60ba23d21a5005d12f49d255f00b27c47ed6b7881f661eafd281413d834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29800126735,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 73712
last-modified: Thu, 25 Nov 2021 09:17:51 GMT
server: cloudflare
etag: "5e9288c45dd98ef8a63bfb34800db107"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAlPfy6c1pji4iVWlN9AtUaMY700AZWKKol9PVMg%2B75TUS5Jz%2FJPdEf0xogPLBiZw%2FwMZFa4JYHoOMY%2FLNRqlS2S2qJrp6xxAoWtG4jWzomSq%2Fx23pC10mGSNlM3RQndDIXCu8IQYAht%2F2fWA%2F%2Fe7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83fe7f927-MXP
x-amz-cf-id: wuvlIEjlAfDoGrTrKiSfMxFIhAyWILe14IumE-KTUbqhJmk0PU9aiQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-2.png
www.cybereason.com/hs-fs/hubfs/ 38 KB
39 KB 349ms
337ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-2.png?width=778&name=valak-2.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b865393cfa7c8e3d563d36d4a6bb5acabb407529e041e6d5c58ef646db8bca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56059.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29800506198,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 39049
last-modified: Sun, 28 Nov 2021 09:24:48 GMT
server: cloudflare
etag: "b3718ec2f8f7a17f2896aeacff4ccb1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYltuf0x8u8EqJ6eskaqDz5wj5nkyqILMnxGUrv%2BZVYDwuKsZ7BLWLSx%2BVI%2FQBtyecBR39yTEwyDiLKJLdKjROm9uyxz7zEwqG5YkfYRMXqa1yDpvi2E64cfB%2BpCSq4SmKiCkhkRA3Ic0dA6b0gbmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83fe9f927-MXP
x-amz-cf-id: Fb3-DLn061jmn8yGbLN6pnX9NcnXwGlkMakeo2VaboGJW3xmXUgACQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-3.png
www.cybereason.com/hs-fs/hubfs/ 32 KB
33 KB 1544ms
1533ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-3.png?width=784&name=valak-3.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15b9e259259b31a0a0c2aaaf0ecaea63d2c825e0c8d09b3f0538e25dde39b5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 61beea9b7a54f47fca4ae4dea3f52fa2.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29800506295,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83feef927-MXP
edge-cache-tag: F-29800506295,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 9YVQSMA0K08Z4KTV
x-amz-id-2: R7sMTgy/Xcov08tkvRLNp62+pOGyj5+utn0bfAhXD7oHbrbeAHtWGYyL80KcV1xUR+CMLzIRHFw=
accept-ranges: bytes
last-modified: Tue, 26 May 2020 20:38:06 GMT
server: cloudflare
etag: "24b865dbb122b0d5b22f233f46db8f19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wV%2FaFvrTr72I2%2BA60rdgebGvTSdqk7oMQjGNy524g00NBWdAeVRFCSJjuOcgA%2BmukAuu34%2F%2FWju2t9akJjoSy6sAe5HU5LUbe6LW7ZYR2phZhlKBCKmtgaI4X4Gc98wPycrASdDd3gI8LtRBVmu2gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: BdTxMPDwx8.aVlOrn6Hjm.ntw16djICj
content-length: 33047
x-robots-tag: all
x-amz-cf-id: fY8QjFiJEOXlaDoANro0ULD5QFdg_pP0yzEh0-7qtymZan75OscNcA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-4.gif
www.cybereason.com/hs-fs/hubfs/ 240 KB
241 KB 393ms
382ms Image
image/gif 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-4.gif?width=780&name=valak-4.gif
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a06dd8c689a6a52dcb00a0eaabf9b05609e98792fe24c12cbdbe9ad45747546

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 4ee1745ee3cece0fab563f5a32ba165b.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83ff1f927-MXP
edge-cache-tag: F-29800506347,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 246014
last-modified: Tue, 26 May 2020 20:38:44 GMT
server: cloudflare
etag: "48262a7354d3303c12b0d567abd74faa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR1iM73SiOTKAEVxjHP6Oc7XNzN2vOuOFf2viw%2BRZc%2F2543hXLzvuPpdzAKa2XYLYr7MdmWsPFaoLLAWgxES0%2FdyvoXcxgU8yy0AndMbsH52JJHvQmffah17IKMtSQUe%2Fi7kWa%2BEQwU1Y%2BBB%2BUl9%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: ibT2lre6o3xjQL2ebZHrjAyOsI5yfr58LW3nQDMnzebQIM8wG0UtoQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-5.png
www.cybereason.com/hs-fs/hubfs/ 90 KB
90 KB 378ms
367ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-5.png?width=799&name=valak-5.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f32ab45c529a2f3f62c3cf64b7195cacb9a818f552525537102c15e9d4e33b55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 e418fd5667de46c635f0321ea814c2e1.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29800504040,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 91862
last-modified: Thu, 25 Nov 2021 09:17:50 GMT
server: cloudflare
etag: "95743aeac5ed64a019c96d6648ed659a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Md1Ie32fM1q7OPTGdG9bZVPB2pD%2BjJAf00sxmLmPercKVW%2BkzoneHcCq9II1acuc9dOLB5gbkQwNXKhWlO5BDb3FoT%2BERNPZQP2QMXEHbFGpJ5irf15zfmctmLxXJMBnJ4B8ydjbHKGDvPbUHFEPog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83ff5f927-MXP
x-amz-cf-id: VAK_yzWve4S5jLR3riETP6XNsoUPv5vawOEseV9z5r6Wr5OqkGFeMQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-6.png
www.cybereason.com/hs-fs/hubfs/ 9 KB
9 KB 364ms
353ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-6.png?width=677&name=valak-6.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a9b9ef1e7b0e00b845a01494a94482ce95d5c24363f93e0e142e0901d0e5738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83ff6f927-MXP
edge-cache-tag: F-29800504288,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 8972
last-modified: Tue, 26 May 2020 20:42:09 GMT
server: cloudflare
etag: "eab786e68bd89a24452202dde8f18d9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ix8X%2FZQ8SwypWdhIovijTWlbLZ03x5MSdKdeVVztP1yDyrhhwbWKbEcx74oWdjLGdt8E01u0CVfXK9Z38IU%2Fd2DI%2Bc%2B%2FiG7inHaqqkAhLBquwmiZNzVzCazBpOCRw%2FjpIdutqNpn1VplzzMWtX1wfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: fGlD3gBKESIODl2AiZeXI7txmTLlJq686DZvEejgRPzan3E5UCRq2A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-7.png
www.cybereason.com/hs-fs/hubfs/ 27 KB
28 KB 1365ms
1355ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-7.png?width=793&name=valak-7.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4edfb8595e3ac241138afb0ba0ee1a43dfe72d5b6889c5d60c6523e8654a271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29800506674,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 27813
last-modified: Thu, 25 Nov 2021 07:45:13 GMT
server: cloudflare
etag: "4a8f0d7f8af835ea9a3057fc30112c43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jge1DavsFUy1MMS5zGInNS%2BmFWFqJrAfZ1Az493frPvS91w3sEJ5n0yZ1aXMwhVVu0zBxZf0%2B0DnYThgTBOPhaw95DE%2F6XTH6r2Sph22PxixMI7RmRpWyGeJbZMShVGAy5ah0sUo2SHpFILSW3blg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83ffaf927-MXP
x-amz-cf-id: AcPhIVMcFsWsUbE8yaPIdpOVbiV9u-9PEQcV6PLkEmGPHvZWABwPHg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-8.png
www.cybereason.com/hs-fs/hubfs/ 25 KB
26 KB 469ms
459ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-8.png?width=795&name=valak-8.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f03aa42c9abd16b80a2c8746abb9d53095adea2e3e92222461c143f471851e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29800702997,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 25434
last-modified: Thu, 25 Nov 2021 09:17:56 GMT
server: cloudflare
etag: "aae5b76fcab226a8137f2d7ffa509794"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDWJNnzBLX5GhiWvyJd%2FGjTXCdqYFDU7Z2gnxYk6wba5XUPijCbRMPdy6aiSaHxCtSNJUDGgDIv1aBW%2Fz%2Fot4iESBbAX1NmYZgG3pJ%2BoGTb1ZTOfxCwjH1VcqeEazkidRwcvmU6Wz3Mc4iXmfN6t7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83ffbf927-MXP
x-amz-cf-id: FY9IVYu8DEVKOszhi1f2fktyWk3Yb3GXlcPuSzwD2CuQWGXUnEdbrg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-46.png
www.cybereason.com/hs-fs/hubfs/ 53 KB
53 KB 371ms
361ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-46.png?width=787&name=Valak-46.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90afb44945c375f756e14a22121ab9ba52f6c65e74590a84babed8500165f459

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29800504834,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 53910
last-modified: Thu, 25 Nov 2021 09:17:53 GMT
server: cloudflare
etag: "08a06d01a3dd6e7df6bf6cfdbbb877da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqYXUVAO9JqwYsGNQBNfLsC78Zae4l37QcPu%2F%2FmJvTcyPox%2Bv6L7aWWzbLKpFtj19Ak0c3xTjIDRgo7TAegOstDrNb2F8wTiG2mTxLyfXafRsq%2B5mZuljH3yhEHrsKrD4dGD4ySbg6xaPcyoCmk%2F2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83ffef927-MXP
x-amz-cf-id: 2fz94DpM_yeyUAP1HgRn2BtvHYx5KNE4BDbHGqOqGX9UzkMWs4znAA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-10.png
www.cybereason.com/hs-fs/hubfs/ 66 KB
66 KB 453ms
443ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-10.png?width=795&name=valak-10.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874bb052e7dd0496af71ff29da5ca6e2436ee44627584077ca56ddd9f701f748

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29800504556,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 67329
last-modified: Thu, 25 Nov 2021 09:17:53 GMT
server: cloudflare
etag: "bcbc788a9f446dde8b2a098c3ccaa8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qc%2BsyVPyXXz9L85lCqki%2BA4Q2Xne743KdpQvsHx0oLwKMeWanI0WNXE6Foowkm0eO99oePZCKtEoyMSLn4oqS54hJrGKdphjgt%2BdtlOhzKe2WOLhXB3GogiVLRvnzvax4vokSFM6cN%2BYgvjvntNgGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83801f927-MXP
x-amz-cf-id: IByZmJ3kidm9njV3qjpdxLfqmjSLaVgyOhfUDWE_7le2eLk5IJr32A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-11.png
www.cybereason.com/hs-fs/hubfs/ 96 KB
96 KB 1428ms
1418ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-11.png?width=799&name=valak-11.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51be4699c1f6d0ac31b6e46802f4f7d6e02131dde182739e1bd00de55d3b8885

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 dcfd78c05ae02ba7df7f221cacf87f22.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29792828975,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83808f927-MXP
edge-cache-tag: F-29792828975,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: JZRZ2CN4VEETJ1MD
x-amz-id-2: hrpaECl8iuAuIvPtMOdere76Xvy8pNCPMdUHjHM99gWcrx0Jfssce4vfBWy8MtO4G4bigV5jCwA=
accept-ranges: bytes
last-modified: Tue, 26 May 2020 20:45:48 GMT
server: cloudflare
etag: "38bbabc0635e1e99b3f855815611c340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fwg9bfmLo80ApOZa5DE1qWh%2B1YLQXXu0UJ73N4H4EhrRZ1o6j9bI5HUdDreAERg0VpsipFNRBylbt7sRLkrMf8tpfHe%2BhLh2wLByrDl9htVxFPbOyI%2B9WCalQz6Px%2FZ762gFfh5%2F5DqOtaHp91EsEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 9ADyH10PujBGaNZfx2P74UtCegrDx3Uk
content-length: 97885
x-robots-tag: all
x-amz-cf-id: EG2QoZjT4wA587gxRo9gL0OC6oboPfa9Z-uFEHMYjaJ86X21Fi-dFg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 valak-12.png
www.cybereason.com/hs-fs/hubfs/ 33 KB
34 KB 1338ms
1328ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/valak-12.png?width=801&name=valak-12.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0187404aad265903ffc6dac965bc2f4e4d1100b6f0dadaefac03d27ce60a3745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 c920ea2f130edd74e94c18ea9d06d98b.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29800959806,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83809f927-MXP
edge-cache-tag: F-29800959806,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: JZRV1QYPGQNGZQHD
x-amz-id-2: ElY9phaTyA3MqmIxLNdhWREBqqyvNlQ8u1bQKmvbQhvsZxLZ2HRCaQi6cUPV1nCmckjjM3TlL7U=
accept-ranges: bytes
last-modified: Tue, 26 May 2020 20:51:49 GMT
server: cloudflare
etag: "fb8203523bffd03677a234bf8d589347"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEBKdCFuhDRfGVact5RZkumSVj6oai7QWJqcj3I7HGzNf26RzyR9cZhuqxWXNHz%2Fdd15eM1xVS2BbVMBzChKhLMk5fchhmmP27%2Bxwfw0qcgzwyP4GnZzurTauNMXkvwLjJg25GgKGZ96TSNPICVd4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: v4kAc5TjEQqVzALDfUzQZ5g2VkED.CYM
content-length: 33816
x-robots-tag: all
x-amz-cf-id: RqRQLOvOlYvL8ahlFR80sebg5Bi89d3iGGPxRvuDPynDmaYDE64Y5g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-13.png
www.cybereason.com/hs-fs/hubfs/ 120 KB
121 KB 432ms
422ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-13.png?width=835&name=Valak-13.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 466d394a20d85dd055135496956dd49c2a2005d12f55502678b2bad9dfdf656d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29792832101,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 122906
last-modified: Sun, 28 Nov 2021 03:09:02 GMT
server: cloudflare
etag: "cf6d265c65fb97744bdfcb170bb518cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RdkURQI1QPMzwHcW0tdzQYkAZ5D8%2BU6ctUA1MmIi06XG7IBLVC%2Fy6IMFYKafuoveeV1zY1Jzwx%2FxT4wJwd5bQ33vmHq5R9uMFpwjD0%2B3N1TyW8tRIKwnluQVAmhWpa0%2Bn3fPyZnyTYqehiViQqpxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc8380df927-MXP
x-amz-cf-id: UNzyxKn2VPsyXp-jbw7M1hKmYAyCh08mkiwKIWZOfh6ADZQm4TW4IA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-14.png
www.cybereason.com/hs-fs/hubfs/ 11 KB
11 KB 469ms
459ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-14.png?width=525&name=Valak-14.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a23c7f59f882c33ed251242beb6d53ae3f0b351b21ae085d545ed36fd8e32248

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 a7a1b4c19abc42d237405ce4c4069f11.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83810f927-MXP
edge-cache-tag: F-29792869915,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 10947
last-modified: Tue, 26 May 2020 20:53:24 GMT
server: cloudflare
etag: "e5952be3ad22fba141f316117e1d54c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9OC0Hy7rN4b71dAE2y56I3l1zFKJgzLe3ZK67xAMh7uhfHMiYBCRbzyV6GylWyaTnrwcX8Y85NcOjhdEVMG%2FCOmwlSlY1C7P5HEkD0VxlmhacWiDsymBUZ9z6vop%2F3C6ARv0PlXH3CfeHoHav5kRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: uLEcW36F61c_5gPzoDc56xSpTVa9aBmABpygy1uZawWgf9_UR4EtJw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-15.png
www.cybereason.com/hs-fs/hubfs/ 64 KB
64 KB 870ms
861ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-15.png?width=822&name=Valak-15.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4b47acf268b1d6f0c30b0fc796c625c073600c4c5f8b9979f9ddbabbe9ad48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29792852761,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 65117
last-modified: Thu, 25 Nov 2021 09:17:54 GMT
server: cloudflare
etag: "a380a1ee8e8045869c5c6b98b906cecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFClEHB62QFnsprfJWg%2BlLjc9utz9Uk3pIiOQ5e8ZYVG5nsw2kiRy%2FOTmfjoFiMgjheKJL0SF3LgGKfzTrCgGfltf272MDj8zJ6hg9aPFg5Os1J7uxrxcI3NB6TiX9Q2RLVv0xeS3A9i3AZ%2FK5ugyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83813f927-MXP
x-amz-cf-id: 5XXPYvp5bzAs1dC_T_gVsdXl2QnOAIbQkv2k5leoW_n1Hsp3bzLorA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-16.gif
www.cybereason.com/hs-fs/hubfs/ 321 KB
322 KB 1755ms
1746ms Image
image/gif 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-16.gif?width=787&name=Valak-16.gif
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c2e4bab088925eaae4a38385ad599620fe3ad82cf313a59e42275c0b61d21a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 b4a15133db3a2b8a3148547f5267d170.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29792869992,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83815f927-MXP
edge-cache-tag: F-29792869992,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPMDDEW105VDRYV
x-amz-id-2: PyiZjyAvN17zG2jLPRC8Ufo+kXhJw3nHJb8WlYO93ka4e3im8Mgpnu7n2smf7lcdkgWFJGC8akY=
accept-ranges: bytes
last-modified: Tue, 26 May 2020 20:54:30 GMT
server: cloudflare
etag: "99f86233f7db7c544f140ad514a21519"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nut1uE7iA4UO%2FLBqJewDPpdiqf6bPV8f1YM02%2BWIKBSg1q9Oq%2FlTGKM%2Fr7gKgYsSOYfC%2BZUfFaGr6WN1ejulDHNw2bhau1QzY16gP8TYGFGXwOHJmyPTyiCm02CsqI11fh%2Ft%2Bz42DUlT3LjQ%2BI%2BP9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: suiL4FBJfZzMmMbPSPKplB748jjrfq6y
content-length: 329016
x-robots-tag: all
x-amz-cf-id: nmNLF9Uopb3ZSu2DuJSDlT1p7R7q3SSlyjRAdAEQ0Dv_Qx2w_IT56w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-17.png
www.cybereason.com/hs-fs/hubfs/ 91 KB
92 KB 647ms
638ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-17.png?width=858&name=Valak-17.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 509e3e4cd0a56f878d9b5ab1c529b559ec003c505ef4551796de673259c1a536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 4ee1745ee3cece0fab563f5a32ba165b.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29792829701,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 93001
last-modified: Sun, 28 Nov 2021 09:24:48 GMT
server: cloudflare
etag: "0543836d543a959b3d2a3f5e61c0b470"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a%2BGs%2B4SAyp3vRmDhyvF5mRrmz6u%2Fx2k0CllExtafXRdHPKDp4CxifZtfCOAqEEetUZ1FoPBLFUrsM0osZ%2FoAVVcYkGQJrwSn8C%2BXmMprvJd7hnwI3a4Km4oMYUooPdOFcSwAWzEJpd28VnHt%2BIwCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83818f927-MXP
x-amz-cf-id: afvY5O1314pT71ZBY76x85q3-1ADhVQ9r_utpKftcY8k32T9Hyfqxw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-18.png
www.cybereason.com/hs-fs/hubfs/ 160 KB
161 KB 1983ms
1974ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-18.png?width=787&name=Valak-18.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c278771cd7c327c84117834bfad38a97db978889ba5ec32aecdfcbd05a656ed5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:33 GMT
via: 1.1 43caad45fe33928cc863afe8f8e92577.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29792829765,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8381bf927-MXP
edge-cache-tag: F-29792829765,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPYFKNSK8S47X41
x-amz-id-2: BsICA7qvlBrqMHfnb3ll25xz6uG5BoC8xssDwaAQm4f3oWWVOb/L0XAMMog+q8NcRKHelZF3M0g=
accept-ranges: bytes
last-modified: Tue, 26 May 2020 20:56:02 GMT
server: cloudflare
etag: "e5a946a4ed39d0cb6a4fd656c5df1435"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdAEScEQHYvic1y2hq5dy1hXit0f28rn28UDXLrwh%2F5oY20KQpIACLZ%2FGVhkAELjAJAylhjU7UjF9N7mY8B8HBI4sWNa14W8XCYFrSZEG3jMGdUevrkxdGc8AbEqSMpfKzlnbQMQXPrOWZ4fFJt39A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 8x5Vr2pkvL.GNL.Mi20mbi2mI8Lx_uvK
content-length: 164170
x-robots-tag: all
x-amz-cf-id: BnrU5eleDeYtfiYWe7gODCOsC-zL--nhHLXqAJoNf-0b1QA7UJ7OCQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-19.png
www.cybereason.com/hs-fs/hubfs/ 110 KB
111 KB 1525ms
1516ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-19.png?width=831&name=Valak-19.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f373d676c028ad1d152434937897bff566e9e1adb1dcf1b24513a38d044ac76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 8a18f55d51efc3ad7cf529879a3478f4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29792852989,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8381ef927-MXP
edge-cache-tag: F-29792852989,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPNBK81JGHS8QV1
x-amz-id-2: Wl0nBoouo2xYHPgg/suvJFFB6N1NCW9bv4j278zKY2mmhzga3vGxe/h0IPMyCIl09mbbTcEZlgA=
accept-ranges: bytes
last-modified: Tue, 26 May 2020 20:56:39 GMT
server: cloudflare
etag: "3541576fa8f9597e1eefe41a966d129e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Alee1D8O9QIrf3VCut7dPtGut6sBhU%2Fd0o0wV47VGezvvRbeT2bJ3L%2B%2BAkOK8tPJtnCHmC82EkhudlIYN91gQRifBN1iHRanuA1UfdFFskWvCHhriVy8kh%2FA%2F2jDr%2BIGTXZkiYaMNzCTg34BD1hbdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: Dv2mD4d8jxlosKT.wT1pzCiGZ9YUNB9v
content-length: 112745
x-robots-tag: all
x-amz-cf-id: Fs7n1bYI5MqzFqmkzmaiYLayOOgH-b64dPeIRziluhqE8ZzeC3h6qQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-20.png
www.cybereason.com/hs-fs/hubfs/ 39 KB
40 KB 1422ms
1413ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-20.png?width=812&name=Valak-20.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64012cdd932ef13e83e2708af4d9b35bd4ac1416ca9473b7324eb851a2b93364

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 cbb1b4dc70fc5f87e7b215dd4f3252e1.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29792870201,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83829f927-MXP
edge-cache-tag: F-29792870201,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPP7RG7AC7KBKTV
x-amz-id-2: UtXkJpf571b8+4yw37bgCal5eXd4MsQ8AcO8rdZ/BIUhWU3kRKLaGhgH7h9LlfdDeJSMT/7ngGo=
accept-ranges: bytes
last-modified: Tue, 26 May 2020 20:57:06 GMT
server: cloudflare
etag: "76d786773c297a1a709410b5de371bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7byDfxq%2BGUQTc%2BYvvBIIM9UP4uyUS58TCXJo22h%2BRiQXxfrWrL5cWwE9eK9Vk4m65fyNQ4TQsyYXSwoJY8Nzc5A6wDBVH0OzWZ%2BptIge3Sr3E0SVdlqP9T9V1lj13NYTxzNxnlhIVwPawq1dw2ntA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 9ZxIU5WCELzJ.kxkUKIXTJn2qAFRpI_1
content-length: 40344
x-robots-tag: all
x-amz-cf-id: XWEBJx2X-b3aeKWZwj-PylCuG-bUYtPMMgSHBGxqEPJISCudoZVWEw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-21.png
www.cybereason.com/hs-fs/hubfs/ 110 KB
110 KB 1138ms
1129ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-21.png?width=842&name=Valak-21.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d124f797fd1fd1c237f42df284ae0725a62bd2fd0549fd59e9ea226938f0f131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 f27399799a88e43e05ddb32625905f37.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29792870243,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8382bf927-MXP
edge-cache-tag: F-29792870243,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: JZRSEVDC4W85QNQY
x-amz-id-2: FS0H3Nvc7ESpsgY/JDH+5rv4VeUJD43GoL+RUL7dZfr1hC4Nkyk3aBhNM9IneAhvzS324mU9hIE=
accept-ranges: bytes
last-modified: Tue, 26 May 2020 20:57:50 GMT
server: cloudflare
etag: "932f8ac22dba489c57ed378441953aea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXIT4XjGmOJjeLLzAjLSnttio2B1hqQ%2BqbIAYjkX4KVK6NlstOHeUTFGNuTIdo5zcn%2FrpOk4%2BF34LkU8VDz2LJFXHfaKIVCaEcBIEwZ9jKajLz8MTiFcq4OqDL0AmGcZac0mZeTvH0JY1J%2BXBO3ETQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: INsU7Vuz9rOoqZiuG6VM2Vm5HoBVJL.m
content-length: 112179
x-robots-tag: all
x-amz-cf-id: 4XrELX2zfomRUvX1GDVvGyZgf_Me-1GRi3LNL9wBzmlXbfhwi3Jhhg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-22.png
www.cybereason.com/hs-fs/hubfs/ 50 KB
51 KB 858ms
849ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-22.png?width=836&name=Valak-22.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 438769c80e34b84e797ecb4f4740158d9f56253bbc1cfebce0c59aaf04c1b355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29800960269,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 51267
last-modified: Sat, 27 Nov 2021 03:23:47 GMT
server: cloudflare
etag: "d086f5fb1cecfac9d11c75b56f0d8329"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47AitUTg8%2FiKdLrFrsJOA5kNmQHv%2BOLXY2xVYFA%2Bx%2B7hWcLghcMwOpbl2w7JdEPXgjTXyPoK%2BZ9Ww%2FfNji3S2gAWCV1p4hxVe9IQxG8EqBZC0J0ROOO4nHPgEwEt5nWVxxnQmPdn%2Bez2X4Dusurh1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc8382df927-MXP
x-amz-cf-id: eUXWlr2vFe4N-XMcip9UBdpFHO24PrZrXzSfxZWVUw9x_fgyj6AIBA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-23.png
www.cybereason.com/hs-fs/hubfs/ 73 KB
74 KB 1486ms
1478ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-23.png?width=792&name=Valak-23.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c44b1bf97e8e11c656368a605c4c7740688c9fccf55bfd5fe2f13de5b5f620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 b17e3799e485082f3a270f6c4550e322.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29821835013,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8382ff927-MXP
edge-cache-tag: F-29821835013,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPHZD3TXKNGEWPA
x-amz-id-2: m84oB/Bn13/yohWW9/LB8UfDooCBlwq6BR4KryM5OOmVIM+VKpPHrbnvrBccHLQPQNaDcYqs2v4=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 13:31:32 GMT
server: cloudflare
etag: "52bb75fdd758402fe814fce59b8112eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGKy5jENCZxCuS%2Bb6fMaiFXEaBWUnFJ6Mw1ZlvzBuWwTFVfIdemUvaVAm%2FdXdBBLfphCKd75OIS5OpGa%2FBxvpYyk7M1yRxCibMi0GuRKSlvEm2c0sqBTTTJH3X3%2F24K5jF2d%2FYkcdP3RB%2BBLFaCd%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 8ReS2.wEFS3mwixwKZX48uEr_6mHBLQv
content-length: 74485
x-robots-tag: all
x-amz-cf-id: KVE2vPA8Ld8QYufvt-b8LoMcxoBBscJjP-avY10yXYh9EPeY4mayhw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-24.png
www.cybereason.com/hs-fs/hubfs/ 38 KB
39 KB 472ms
464ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-24.png?width=811&name=Valak-24.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeab2d464a59458f10747304223e23b90b41c656287cc7a85e06e4a77e1b8aaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822252497,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 38928
last-modified: Sun, 28 Nov 2021 09:24:47 GMT
server: cloudflare
etag: "42a9540b913a84a8bc46f6787f1eb797"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvkdZwC3wIpMCNFhTORlOdBBpiYQhCz%2B1X5YL4EWZkNQOufGhyuAq5v1XSCtzZmoz2kNmE1w0hi%2BF4m7yTzoIUa4wVbok%2FyNXlfbr29QnxAyn0uRo9yzopjw8J%2BzoS%2FYfcCbtwUI6M%2FnjbA1KcaheQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83836f927-MXP
x-amz-cf-id: -kQs87ZTacS7i5X2VQW4t1kcAYN46HhIRHC19oOlsaJ9qdLFdrpvzg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-25.png
www.cybereason.com/hs-fs/hubfs/ 53 KB
53 KB 625ms
617ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-25.png?width=844&name=Valak-25.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f32653318cae3c5d724963003cc4757738fb9096a031a46cf14701241bf32ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 6f3546b6b501aaa8c1b4750231158189.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822152697,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 54047
last-modified: Sun, 28 Nov 2021 23:20:39 GMT
server: cloudflare
etag: "96a2437a26508ad1a26146f1e11e715f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0T8oxflKp6A3Ydkqqzoyjn5uEUk1JSN%2F59QuHZcIR4%2BBIIRHH16dO1yfruMSCV5bqrbVSpmPamb5MZLCN0d8cJsoOTA%2BTJzHGz%2BCz5IkdUq%2F72lxpw3lM3yKBgrIP%2FGXvH%2BUwoof%2BcwiK9edqrqivw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83839f927-MXP
x-amz-cf-id: bKr8w9zy7tGagZdK9qa3UZ0mtwAuifIX6JT6mmqPEJtpkvpZ0ihqaw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-26.png
www.cybereason.com/hs-fs/hubfs/ 66 KB
67 KB 486ms
478ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-26.png?width=817&name=Valak-26.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 371d7d61fcb6139fc3a6d7a124e98aa200a4397e2dfaa5bc749ecf0c577b4dd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca5.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822174126,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 67701
last-modified: Wed, 15 Dec 2021 15:30:55 GMT
server: cloudflare
etag: "3e71633e62a48da26e13ec7b019cb2e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcGVSghmCJbpK1%2BeZwO1uezzo4f7avWb7bVlW3wx7y%2FfxPk9mo98K0yePmhgIGg%2BHGnuhFLPXZbjgBFH5JNW8w0oJcf2uZ5oqpqtxMO%2FeDctvKcnRYo6q17pVCM7NPtFZLm880Bt%2B%2BJgv8RLTrshlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc8383bf927-MXP
x-amz-cf-id: ew3cus5u99sZ28zQK3mklFdNNLsSx77WWzVAiNH8fjOQpx96nTlnyA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-27.png
www.cybereason.com/hs-fs/hubfs/ 12 KB
13 KB 703ms
695ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-27.png?width=783&name=Valak-27.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a21965601cf53461e8b194087f8a15828d9e07728f0e6abbb58dbeac59246fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8383df927-MXP
edge-cache-tag: F-29822252754,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 12578
last-modified: Wed, 27 May 2020 13:44:35 GMT
server: cloudflare
etag: "7a06297b9e7c433208b1c5ada9416786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzAwlsmaGeWGKQuAi%2BLx0KO3GQNO1L5Ux0AlTRdkiKtYXC20yqU90OC7aFUDS9Jio52waThuQYBiUL6RqBic9FcmQRRlQAEzGWYcJqRSxbjvhqZcW7k6EkVbGVyviEJFYeQ5Jmgj1AkVqoCpy513FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: zBsqxECESzjsz2IQxR-MTNX1VI-A4IZt9Pds73se2n_3l6-6Xnbaag==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-28.png
www.cybereason.com/hs-fs/hubfs/ 7 KB
7 KB 502ms
494ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-28.png?width=860&name=Valak-28.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f8a16376fc58a7bef15158e27102c37d461897a3bc1e6ce8afb5b7e6f98dfef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 920629f47fa586ce02a1a1af8b626579.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8383ef927-MXP
edge-cache-tag: F-29822152791,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 6791
last-modified: Wed, 27 May 2020 13:45:01 GMT
server: cloudflare
etag: "476994bba81a8f71375b3b838269fa05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxIupVr%2FICgOn0GAYZB3ZH4C%2FUjbn1rgeCJpOMX9ODqtRHWrtLkruon81Co0SlbPvLARXpojGSRmayKqMv%2Fk90O01BdJfxYbQG3MpzKK3ZPDb%2FXjk2vvqt%2BezFce71mbfF%2BO3p15QX0vUsWaSl6M2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: HbP4Lf1pCaB_ygPr95u7_Mknlxx7_79_IpWijeJNzyYrhRdns7_uRg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-29.png
www.cybereason.com/hs-fs/hubfs/ 13 KB
14 KB 1819ms
1812ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-29.png?width=792&name=Valak-29.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8870bf0a64d39458b2e420c9d5306e37327dc78493f37c2c0d215d443589692e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 8dd9765909fe9494b6dd4a72ba9e7b65.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29822152845,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8384bf927-MXP
edge-cache-tag: F-29822152845,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPJGRS01MRS6W70
x-amz-id-2: OBtkhUEH0EQm3ZCFJcJvSCv/6aZScvLuK+Oag9i//q6GiTduFYWr+Xz9U2DHK9n6KDHTYMNM/NM=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 13:45:54 GMT
server: cloudflare
etag: "2d27c030cf20eb80233ac070ac773d83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiaUo%2FsWprTJ85ZXJ5EeViN2RbUWiDBq4XJRCNypN93%2Fw6eQKSQcQC%2BDQ6FAKE4TfRXpe7%2FBargAXowYypfDddzmVUhfe5qzwf4F0ZhGDXTeq7yvY5iIyFe55jd%2Bg1ylv6H9PUl5z71FznQ1M3VmkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: X0B1DC1w3spvicAjfMZITGYKyDK2ESLD
content-length: 13084
x-robots-tag: all
x-amz-cf-id: evd_z02FsF97PYURMBo9ief8K7b3N4dgZ86yIO9kDrvfGinXy2tIFA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-30.png
www.cybereason.com/hs-fs/hubfs/ 23 KB
24 KB 1522ms
1515ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-30.png?width=819&name=Valak-30.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5a0bc814f10fef2510c4f118fc4803b6e6db6d3f1dabf89771d23d84f53c535

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 03fee7f631e055be23b425b3d7dac737.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29822601529,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8384ef927-MXP
edge-cache-tag: F-29822601529,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPM7XB1480ANFFN
x-amz-id-2: hB1KQdES/bLMO8bnT5YU+HrAM0a0DCNHrUq8ncewJoXR6czmGyFtRXfrbK7iensUVhqOLyNu3rA=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 13:48:10 GMT
server: cloudflare
etag: "9f02eb10a6eb6c28f58a0b8bbefc21da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wl%2BBQucc384XwF%2BqJUajS7wRDLiV5kc8UXsWBUf47vYx3ZmcvY%2FpOTqeKbSiKlTFeRfbokR%2FKtEth4N48saiQ%2Br7lRJRF1Y3au%2FpPN%2FDMuGLPIVnkSUtbqdE9V5mNgi%2FqD%2FX8uCVZs31%2B6AsExnUzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: s7eQb6YF5pNjNuZaOl_VnwftULlB.VTA
content-length: 24026
x-robots-tag: all
x-amz-cf-id: 6X5dIPT1KOGWRDbxyzQ8gSYG2qtzE-QL7on8TDJ9WtGKSriwtP2uEQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-31.png
www.cybereason.com/hs-fs/hubfs/ 39 KB
40 KB 794ms
787ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-31.png?width=378&name=Valak-31.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fa3b76bcae9ae9e6b616b51f6451d62a49f7f8a8fa2961c1f577169df63112d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 5e1f849553b1d58615d0d8f7c044078f.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83851f927-MXP
edge-cache-tag: F-29822243676,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 39880
last-modified: Wed, 27 May 2020 13:48:56 GMT
server: cloudflare
etag: "23502d1dbc5431da48ad8a7148465727"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6aRnnqYqoay8zIgp5aoDTdG2VKSgGNa996XNAT784bVPcKlVXZFo6R8HOkSn5LQayNXHF5E%2FNIiMencP5kg3IOf%2B7m8cC6xN%2BepybU8tpcc0F5DFQNjr29j5vW41GuQ2nRkPHyMgqhHxvwAhXBz6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: 273dfhAAUf3iuW-OenzO2B362FwPWGbBXh-qXmU0SDoSkKeWoebiug==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-32.png
www.cybereason.com/hs-fs/hubfs/ 63 KB
64 KB 448ms
441ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-32.png?width=777&name=Valak-32.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc175cc5f496a1790c3ec65d0f79ac4360987abe8c7124cbb9b48b56448d463f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 349b149961d8d2361c29d4be4b5847f3.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83857f927-MXP
edge-cache-tag: F-29822601617,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 64810
last-modified: Wed, 27 May 2020 13:49:35 GMT
server: cloudflare
etag: "6aee634c09dea4fa8cd141013359fc04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSaDi2EZlwUwOiDVdJOdFp3dTnn240%2BaQu8CpsbCF%2Bve%2F8t3nOLItklj9LV69WquxmuZEwyoSeJnk%2Fs8eFGomXKbetycqhEs5SE%2FZKgQRq5G6k2sYbbEVV8yIO2mrwbVOb4GIA2NrazM0D8nRFewuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: HvEE0QGzKBpDDW0-tvBs78D5GNv82Md9SJU7spDXotaIg59JUvFbUA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-33.png
www.cybereason.com/hs-fs/hubfs/ 105 KB
106 KB 883ms
876ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-33.png?width=798&name=Valak-33.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 996d02a1dba9e22a12959ead6fa19686ebb9f02107b1fc78a3e5b3487680fe7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822601735,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 107876
last-modified: Thu, 25 Nov 2021 09:18:18 GMT
server: cloudflare
etag: "e15a956741c9afb26afb36ac9b7fe633"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bhk92yy8AEoCJJkT8%2BLlfs9lwPlyDHad3NO5FC9Lit6zK3pLnR5jXt3W4KqoYe6Eet3lIFZ1ncMuYw2nx5tJmqh27%2Bbir2SLhYWlRtgfswKRbVIEIRagRU8M6eXVtns%2F5o5v%2BHSYb71dYnj%2BLJ%2BfXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc8385cf927-MXP
x-amz-cf-id: ky4rsovWvx1X1lEr5rLTuzoD2zci1lYY4CjMsj3dZScMmSuHmSb7Ew==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-34.png
www.cybereason.com/hs-fs/hubfs/ 71 KB
71 KB 1504ms
1497ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-34.png?width=790&name=Valak-34.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16296e596f42ebc081cce736f5dfcf3ca001c909b659b9c305f45f06606a6e78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 57df6814b1514a53c272681e0f33a547.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29822258479,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8385ff927-MXP
edge-cache-tag: F-29822258479,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPHZ2AJ9WB2Z84B
x-amz-id-2: oWappqrAESwB2qZrI9JR5uXOMlQbSwavvtm+3QoNmRSnGKnsPDU6cZveQPjZ9MWHqENXCNMBTBQ=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 13:51:27 GMT
server: cloudflare
etag: "967fb303a24c4d8f6c2701f95b5220fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KorKFnwah6wl5gfFmraUbZUr0Ur%2Fzqk5ubDN9zTbh3NkicAQouPKghBof8%2BuKpMymXQeUhDJXHPitbA9TzK1VXG8tDjMcDswp%2B%2BcWOYKslF4h4vtaxUkMSA4aD6%2FET%2BC6ITF9kbWWQMGtdct7ZIYLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: aUmviCqX_tKWmjvwx3T_GXMdxwDZ1OhF
content-length: 72263
x-robots-tag: all
x-amz-cf-id: VehAFyX8T7PaRuKvvN3dRN8hzseSlykG17ENLGqWrGVRTOC_NFNU3Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-35.png
www.cybereason.com/hs-fs/hubfs/ 71 KB
72 KB 910ms
903ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-35.png?width=423&name=Valak-35.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97dee3ee495e4f1afdbc1cd7cb39ebdbabd3cb1d75f42ce095fcad1fa99e9ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83873f927-MXP
edge-cache-tag: F-29822174546,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 72713
last-modified: Wed, 27 May 2020 13:52:43 GMT
server: cloudflare
etag: "185dd336a42d2966b7e5e786d10b32b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aPvYp2BvOmk4NbRNF7i5%2FXTiq0mzZuSSSiEFOUoUeWVJ1ARkX72Tu%2BJx3zZO2OM%2BPAV6rKfmyyyuJoP7%2FGjevHE4VCEAhpaujUNKAF5QUZW9ApQ0x%2FFn7MMh5cc9s5cGKKMvRmcTyccMbOG5bksdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: Kg2ahMVMd8nT3kOhYfWFNKsP40Tsq-yQc1RF2XiVnICwI_mgajB14Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-36.png
www.cybereason.com/hs-fs/hubfs/ 67 KB
68 KB 467ms
461ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-36.png?width=789&name=Valak-36.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c78c8efad07ce7a5a21d2ff43ecb2328890e4d61e06c22c2ecc7f3527f1af3db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83877f927-MXP
edge-cache-tag: F-29822601882,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 68706
last-modified: Wed, 27 May 2020 13:53:43 GMT
server: cloudflare
etag: "84fbaba3115cafe941b6bc35025f64b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FpWVFab7XzYvOHnUYOhNhMf4jFCTueXTNmK26TPc%2FwlUvXOirTSPqGJEoBoU7cERenig5X0TaowOhb2vBiPXN1Lo7BaKswHFhVZhiIrQLNN4ycYNWF%2F4JkeJiMRd6juSlx9tyedL2DQe%2BCwsPFwXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: r53WjU_dG3-tDZE6DBIMOgy8GNXa-eMCKCIQbcXrDXqFQ6ZrxJgD7A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-38.png
www.cybereason.com/hs-fs/hubfs/ 40 KB
40 KB 491ms
485ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-38.png?width=810&name=Valak-38.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc8dad635c949a90c5393375fd62853de7e12c22f6e7d95b2abcdcdadc5f4c55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 3d65275b81abaf880be10de6f2c71e9b.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822802072,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 40656
last-modified: Thu, 25 Nov 2021 09:18:06 GMT
server: cloudflare
etag: "ca78f215805e400dbc50417e4f59900d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtafQINgqOQRdSl1Xz1IlCp%2BSZs2Q5AJIUy2vj3dxdnKCi9FR4uCPHYwFoOTIiPxvf9%2BjQd1hn0O7GfnXTQsEiF5uoJGsUNekfKNIqloBeWpypLj3%2FczvMspZYiloQqDGOMzsSQ%2FAFgX9og0r7X7YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc83883f927-MXP
x-amz-cf-id: mQnDJRS_oipIJDB9o85KTxOSTClyKaxq0KHoyFtK_-gUrc8QfBtizg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-39.png
www.cybereason.com/hs-fs/hubfs/ 89 KB
89 KB 601ms
595ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-39.png?width=730&name=Valak-39.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8380529dce8f5097c8864a52c2609a5feda6d8f8cc9b9ce3ac47c30c09b317ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 5148e372b4ab17878741ea92be548473.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83887f927-MXP
edge-cache-tag: F-29822802259,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 90751
last-modified: Wed, 27 May 2020 14:00:12 GMT
server: cloudflare
etag: "972087c8bd78de77b6bedcd632819d8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXDXkQY24z3kIQFJm3uXAno3MpWFcreFCT%2FOwLiW%2B58%2FuWUzCIc%2BkWk%2B5ZJxZ6aYMVuAf1YuUJEmO%2FI%2Fq48%2BsM9Q1IIbHypP0PN%2F%2F59vxaLLZixlOKfJmZYnZcHdHtwuUyIhrRAYDC9LrfMfv4EB8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: EX982Gc1lmd8HtWxS5Y86OPZef7yA1mieKzyz3UBk5rvndSIDXuBcA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-40.png
www.cybereason.com/hs-fs/hubfs/ 60 KB
61 KB 1496ms
1490ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-40.png?width=431&name=Valak-40.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3435ea8e0a22b4402b86aee2c20d86fc52d4ff266691be7bbe595e6d173289c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8388cf927-MXP
edge-cache-tag: F-29822802311,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 61705
last-modified: Wed, 27 May 2020 14:01:05 GMT
server: cloudflare
etag: "99c09e87f7f3c929afd60163aa6cd1ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdp6uSI7Vb7lO5GEfs5gxwx6F%2BFoEiuK74TV9SAZO425tBOBHJI6iPd9t1Kp2p2xeGkW%2FFn6HOFMRkvrCvnXFsewfyb6OPtXYtoFiMytFqVUZN%2FrGg1B6NdSWuw2JPD3WgununLkWtJ%2F7Z0quGwgkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: ltOah6gFJvA4bGMdYP3oxSQGX9tkPNm2ngDa66ybimOAWh3XiR83nw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-41.png
www.cybereason.com/hs-fs/hubfs/ 39 KB
40 KB 1572ms
1566ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-41.png?width=804&name=Valak-41.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e78aa920659b720cf324d22d8fc497d09bfb072650acfd43c5189e1023a2f390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 8dd9765909fe9494b6dd4a72ba9e7b65.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29822602377,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8388ff927-MXP
edge-cache-tag: F-29822602377,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPPV1X6B8E98PJ7
x-amz-id-2: 2eJkmhbsrlbaxxNJYOZi+C+wSI70IlPX2E5vT+Xhgk+MAVcthhOfmDK8vpQ7HlH6XQNDeoHrPKY=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 14:01:42 GMT
server: cloudflare
etag: "6e1055c2b6221957d329cfe44a714b13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0KJrVPJvshzUvfK3HyCUdbmcte8eRiXA%2B3y2NmcxF4w1YXo5BQVLpsNo4udTn1tzH73q6ipahS%2BOil1CpDBpd3dR4xE6y9ooygyevzxcceTiYvEATv2aVPIcgcaAg9vMxU6rZq1mtiLakVL4dj2ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 4xmpk01Aw4tBZcmUW1E6EIUPhPgTr4wZ
content-length: 40082
x-robots-tag: all
x-amz-cf-id: aXpkM6vuYdsszQltuPqkMTm6yDldzwlLlJRBooJmyrRD9JUIO7MRNw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-42.png
www.cybereason.com/hs-fs/hubfs/ 68 KB
69 KB 1590ms
1584ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-42.png?width=424&name=Valak-42.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a1329dc32b989df9f34a507fcb9d5cc08b8978535b4073e8ea0c69c22afe6be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 e418fd5667de46c635f0321ea814c2e1.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83891f927-MXP
edge-cache-tag: F-29822175090,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 69663
last-modified: Wed, 27 May 2020 14:02:23 GMT
server: cloudflare
etag: "0af82a542a1c4850ae12d63f4f67e6eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnkW6cmxztZt7mejV3NmGmtCFLh1xO38VWYCYlzAFqYF3KNlIzohBDWBPlw0uVw6l%2FLxeWNMjxjtAraDcLyoIgYKtL9VXiZ%2FXZmOfv0p4SELbOGUa7RdTB%2BeRbf%2BUQ%2FbZZoKHUsuCNxMT5Fq%2FWgKSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: 4PrTX7Eeg8fHd14kHOfWgGOWFaXxqQTwJtMkxt_kbUObCLljmBuKBw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-43.png
www.cybereason.com/hs-fs/hubfs/ 67 KB
68 KB 1384ms
1378ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-43.png?width=720&name=Valak-43.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d62c8ecbad928763726e683c07fce5e3b41a91d5ceb23327b802d310d4bff0dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 57df6814b1514a53c272681e0f33a547.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29822825879,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc83895f927-MXP
edge-cache-tag: F-29822825879,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: JZRKMT197J1KV7YD
x-amz-id-2: y0RtnNRQJzgitQVEHzybnuIfHpEJOc6BMhML9RlrLwilubcvU2wzyTerdaph5sJeVH5dkUTR6tI=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 14:03:07 GMT
server: cloudflare
etag: "4d39877f5a8c946405357878af522be2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSQIJ7E5fBzXpKhth%2BNeRP6JE9PQhrFdLag8gGrHScXwIPaHRFyVaMiOR1BG5aURZeJPrtWyXj1QRQwRHtIU6Ms8uHXhEahmmkC2mrtxhbbTzQbW%2FZ7egmF6%2BV33Mr4YckMLKgwYRkgUpi327hDdaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: W5vr7w6sHRqvjw3NU253cOoF7czcRStE
content-length: 68374
x-robots-tag: all
x-amz-cf-id: 4fVp-LdFkZW_w-U0r5cK13i2G0L6SBGUzrf5A75YcW4Am_o9pvY30Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-44.png
www.cybereason.com/hs-fs/hubfs/ 54 KB
54 KB 2068ms
2062ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-44.png?width=834&name=Valak-44.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd4716b9e24e02f14e46229f383fa0c0bd3305d4cd93a25b7c235e43799ac3c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:33 GMT
via: 1.1 a9eaf6e9a69fa6a7e0ae6b0894db715a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29823018858,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8389af927-MXP
edge-cache-tag: F-29823018858,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 4KPSPDZNKGN62CQX
x-amz-id-2: GTCjYWN+O+XKA12k0yc/cogiiHhMIoE3MV/jaCd5+ShyWfvAf0HXYB/sHOw4GyT19WfFcDdwHeM=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 14:03:37 GMT
server: cloudflare
etag: "47d919d0e5339fdc33b3d95c3900b077"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkUd8ZZxcGETpk%2Fl9wZY5dXekQQ4X%2B9UMbgVBP5vx%2BgoJZNA8g6HgQQz7mQGjPu8%2BB954KoVzakk9L2ltNDa%2FjyncJWOOlfrIqMzMypQwFZxbTvMmP1HavDECXwbO5wi9ONqKPqCNKat%2BM4%2BO1KglQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: qoPAUN9BlqJyAWTeqHTYSkn5JoEgqbBA
content-length: 54867
x-robots-tag: all
x-amz-cf-id: idSyhK6J-cqKDL7PXUirNLtolD6T9pUMr51-wCeHWmCv2P1syqRsLQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-45.png
www.cybereason.com/hs-fs/hubfs/ 37 KB
38 KB 1432ms
1426ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-45.png?width=829&name=Valak-45.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a2a361503e5af77a9fda0e38730101333d05edcd29741b6429743ea6e7559a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc8389ef927-MXP
edge-cache-tag: F-29822825973,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 38234
last-modified: Wed, 27 May 2020 14:04:32 GMT
server: cloudflare
etag: "59f43a21762f36b365c95d0aaa2c32eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qp%2BxfdGY%2BcszPG%2FQrnbzI5Qtuy23dCG%2BheH0H%2FUW%2F8dZbMcbOojYOp4zc5BuMephlbB%2BFTuZziTYwdZZc8sT1lUvvEHbGdwjrtFvrckV9ilHYT2%2FHPaKSS4CcZyBiiZXQuDlR618rXmBjf2TjsV5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: L1--sdMDW_Yql2GbeuAr7Hka6tndKwRRQs1yigm3WXxTMcORIVczlg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-46-1.png
www.cybereason.com/hs-fs/hubfs/ 56 KB
57 KB 470ms
465ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-46-1.png?width=824&name=Valak-46-1.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3ec3ee440081d7e6941611ecfd74f881b68f6f420ae768c073bb5a30bcf0249

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 7afe17509cf46af31fd4ba3c3d932fa6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29823018930,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 57745
last-modified: Sun, 28 Nov 2021 23:20:44 GMT
server: cloudflare
etag: "1e30804d1ba25e126e4a31167a04824c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XS5Z5oMSlBgrbtlnlkdhPz%2FBGeOFVjZYwKL7rBD5lJJVurlmsdCWFYhpNm%2FGSidBUxEv%2BodOqk1hDGJmGUDB%2FsSloeLJrye3y0siwV376uH3FYhKbv5LqOuNi%2FQhNhomYZrunzp%2BOPpvTwmygdNOyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc838a2f927-MXP
x-amz-cf-id: iMdvWYSAh6S6MdpV-HzzqYjaOQZHOxPvmBDtickItyrqcjarXbMkQA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-47.png
www.cybereason.com/hs-fs/hubfs/ 66 KB
67 KB 487ms
482ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-47.png?width=845&name=Valak-47.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d97ad2d1c4f2074aa5d6212a7fa5520803193da184052f69d550ac6c16d1e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc838a6f927-MXP
edge-cache-tag: F-29822983693,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 67864
last-modified: Wed, 27 May 2020 14:05:51 GMT
server: cloudflare
etag: "22d224749b315271245ad11f732fa83c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsleJRomxRWX%2FGarkydj%2B9TRz4PSMxpx2mrJV7LtoS%2FMX2XET7J%2F7wuiUWPkKQ6S4f22tDuz89f6hqqEjt6av4ABGKik6J8HGrXfDgbLwY6hBOEIxgTIvVrHqEltNmI%2B%2Bx4ZrlkIUBUW0xjJCxtHCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: m--YNKT0-w7k_efeh22gRbIp1CY3wPwJjBfOUE-QsbUMB9V9VkdRIQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-48.png
www.cybereason.com/hs-fs/hubfs/ 48 KB
49 KB 1420ms
1415ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-48.png?width=838&name=Valak-48.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b835cee12f876f7f1d54d3c3de53c2381fe7489fba360c6e5df216ce771e3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 71f808ad45a98980e167f452a2aaf882.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29823075786,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc838a9f927-MXP
edge-cache-tag: F-29823075786,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: JZRHX7FT8RD4ASMH
x-amz-id-2: zru1XBqw57aqM8OaBuhFvZxQgF/YDkS0evcYauC0mA9/gay7eDU+Mpnc4s2XnNN/bJqqXcnxkJo=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 14:06:05 GMT
server: cloudflare
etag: "bdd3babffc542198edacb8bfc8440446"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DK3ftyb4o4tUb8Ysj53%2FzlK2iCME9snTrCehTrQjfL3VOItbgU540DNNmzgXWjINOHqYIh38CM20OONuRTPeWvbIbpw6%2Btt9O1AI7BU2AP%2FHryI7Qal5L7P2BR7B8sghNvsDBvGszDAfUL9EydOSig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: .maP0oDhc.7m6DUQJ31aqC3cokNH2iow
content-length: 49419
x-robots-tag: all
x-amz-cf-id: z7tcL-N90OS6G27lYtYrsFQ1vd5taRNlztKYSwOJRYZAMtnVuF8nAQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-49.png
www.cybereason.com/hs-fs/hubfs/ 77 KB
78 KB 564ms
559ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-49.png?width=822&name=Valak-49.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9204ccee4e342d8d594ddb8e9d22a9d3dd469c766ccd93fba35b1b71300770b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 615f410a3a080a335933e9fa08c15261.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822802674,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 78799
last-modified: Thu, 25 Nov 2021 09:18:06 GMT
server: cloudflare
etag: "8dc78c53c570f33c7c36e5e26997df4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWCa%2Fl5El4m8UsbdQMMkUCl%2FgWM71VU2EV2te7fe1Rndkhzt6LR2SFuZE4nmMosUaPX23TeY1RxPtwNJJqKfzRDgS3axXtTMH4QBBROaIZ%2B7Q1q1DbCVY%2BCpYtfhVw9fkCg3LlQvlz0LvYrpB3HTXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc838abf927-MXP
x-amz-cf-id: VcDsfcpJk_B7mWWNvhg8-EZjlwdWTcpWLeDHgoqoI2mLdKDwxBwOVA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-50.png
www.cybereason.com/hs-fs/hubfs/ 206 KB
207 KB 663ms
658ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-50.png?width=799&name=Valak-50.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 809576ac31878ad8fbd13acf4ce46a6be0239ba19cf43fc4ae484fe008bdcb10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822802711,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 211242
last-modified: Thu, 25 Nov 2021 09:18:07 GMT
server: cloudflare
etag: "fd3d29437f69c48b26354e90d5b3f7e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB58Yyb1OVCnJdo6ng39ZGh1EzH52LMlZeGwayk3mlWG8kH1a19aSmnh36eAX%2F1h0KHMsya%2FRu1ImCah9TYRtW3EG3%2BsDrY1ka97Paq%2BViNCGWt2Sh9GkO5U679hilkLZJcJRtEjzxaedXtPP6ZpqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc838aef927-MXP
x-amz-cf-id: grmR-UyeDRrufPtiqubWrrswUScqn7v3q0e3y-v4KpYccTOQeUqHGw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-51.png
www.cybereason.com/hs-fs/hubfs/ 23 KB
24 KB 1416ms
1412ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-51.png?width=805&name=Valak-51.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a5170dafa42d3393aa578540b806c68c9655d42cf4a34e5c0b5ff2f50c38821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-29822826179,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc838c4f927-MXP
edge-cache-tag: F-29822826179,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: JZRSJ8BBK0A2TV7W
x-amz-id-2: PlI6uLImP3M5LlaVtFZtPzqv8h2K5s90jid0ciUEx370L56wSh2uID5vQQnu5fT7KpRrvHDhVvo=
accept-ranges: bytes
last-modified: Wed, 27 May 2020 14:08:16 GMT
server: cloudflare
etag: "e5581f269a3f1c272db5b6e622afa09d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GSwQRvwngnLJ4gBrU07cw6E5CmxCRjsv%2BIr908lkvkWigG1iot6bEu3TfcDjFSW32TszoNr77lQfLXDm9kMXKUNFtd75p7YU0lT4lJXUg0hvGQlBBIsMTvnOfAwfXRO4i6l7fviquPnDECoKyNCNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: Yusa8vE55bw1zGYDjv5IV1dP4ZrSWFcG
content-length: 23585
x-robots-tag: all
x-amz-cf-id: ZjUSN_-OV-7ilTyJ3mZPs_TelzV0BpjpqkFsoJULQGsFX75BoUobNQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-53.png
www.cybereason.com/hs-fs/hubfs/ 11 KB
11 KB 642ms
637ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-53.png?width=251&name=Valak-53.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df7190cf4334bedc912330fbc4b3bee340bc60dd057ddb9bbb07ffa101a35cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 68261aebcfc232344da2ef3bf1d3f9eb.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc838caf927-MXP
edge-cache-tag: F-29822983830,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 10844
last-modified: Wed, 27 May 2020 14:08:50 GMT
server: cloudflare
etag: "20bf0d82167c8e609779dbbeb1a385ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVVGgNfT3SsmLQE4qqNfx9%2BOD9C9%2FCqwoc1k9%2Bt2OcDjENRCEKVjpge29%2FxdKBrm4Wjz7ymkCBcWHuKIAhfWxIJXRk64w%2FGfpbFa8Z8TVACyTsRHYVIxo6z3RZiwo6025DSxfu9v6BuVk0WdrnaZDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: YxZ3ogT5H2VWEqs0l3nuNyPW7YV-qYJNjiDki05MJC2714P900rUMw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-54.png
www.cybereason.com/hs-fs/hubfs/ 62 KB
62 KB 661ms
656ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-54.png?width=778&name=Valak-54.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29cb598eaea9ca58dbcac5eaf696895f96975dbf32bc0bd9b7f87e61b572754

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca5.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbc838cff927-MXP
edge-cache-tag: F-29823076003,P-3354902,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 63040
last-modified: Wed, 27 May 2020 14:09:28 GMT
server: cloudflare
etag: "893497062770976b04bcdad059631bb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnII0NR%2F8YdpjyJyM3WhvgkVb%2BtNppezFC6df8bEJRD5PxJOfme4Yfc1qQeNYwfXwWNZ1bV7nIRCo0QOpFyfKa6XtxlhoB5pz5VUzlevzUv%2BZtl5WSVAhEoJXjPgbmrBKGxFKUJMQpovXFzyKeGo8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: yNd8hFS1PfHuJ--SHwvWwntMe00zsc-ibArpUv2wV7sHuOcjBuw5QQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-55.png
www.cybereason.com/hs-fs/hubfs/ 69 KB
69 KB 618ms
614ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-55.png?width=644&name=Valak-55.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1a7004d4936e7e0f20ed0bed2e766c3cfbf20a7c20adfd39580242271d14ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 bfba2464a75a65b0c6568afe15f68b4c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822802861,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 70316
last-modified: Sun, 28 Nov 2021 09:24:47 GMT
server: cloudflare
etag: "29ec9ef0b006c18db7d2187951e35366"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZ0L7jRoWuhqWp7Ozu0XUQl6oR9m5PfcDc%2FyzDPuEcA50wXN03tuCG6wemY1BryudxIXIuEiZAze26EiBPTbnBdleOzB6hQn0oqnO%2FLLGiO1UuFf%2FjeraLzR4CAigRvU8aZ5BOIL%2F19tasiQOWkNaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc838d2f927-MXP
x-amz-cf-id: 9v0X8Lsh8qOszijwpeZJgF6sq_sbs5JZ-tPZYAo8NsxR2_2UJQ9fwA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Valak-56.png
www.cybereason.com/hs-fs/hubfs/ 50 KB
51 KB 900ms
896ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hs-fs/hubfs/Valak-56.png?width=644&name=Valak-56.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 209ed113e72a399e9f971061807a1c7e2f2317709dde108d1dae8f2b737b5530

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 e418fd5667de46c635f0321ea814c2e1.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822802895,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 51277
last-modified: Sun, 28 Nov 2021 09:24:48 GMT
server: cloudflare
etag: "02c5f7f1e9b4870a32da193b80ed0822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mT3AiogS6ox0Y4hgKlOo0bNrxcVn08ly8lQeq8UL99riGy%2Bngm6Ceg%2FUQJYCziG5tF9o5Zhr6m83dDdIIoMunNW310etAoVr3a6KXz%2FrOlN7j7Z49sAJzpvkd4nyNfSlLWypt8342DB0bhQW%2FphzIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 6be2bbc838d6f927-MXP
x-amz-cf-id: K1oM_2CehuEhl7Jo-c7cJ-Ur-ShpPCJoUa-MLHRBx6C8ijqtNwP6tA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 CR_Owl_Web_Mono@3x%202.png
www.cybereason.com/hubfs/ 18 KB
19 KB 834ms
830ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/CR_Owl_Web_Mono@3x%202.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b7eeb2760475a956e132e38d772e4a2201db7d7e653ffaccd9a63905317acfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-methods: GET
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 8dd9765909fe9494b6dd4a72ba9e7b65.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-11216732180,P-3354902,FLS-ALL
x-amz-cf-pop: MXP63-P3
edge-cache-tag: F-11216732180,P-3354902,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 5H7N0G2FZD23Z720
x-amz-id-2: B8XvPGJvdcWS0W71dWOxuDsBOl1rEUgKkgZyDXK66Ss0k1DciYm4AvRaqM0KQ42WgKL14Sja1gs=
accept-ranges: bytes
last-modified: Fri, 12 Jul 2019 13:47:40 GMT
server: cloudflare
etag: "5830fe3ad7045c6e2f662e6cb8ea7db9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZADsv5RaQpyqRDgxO0IgJu3WKzhj0UDHG%2BRrsMxhlTALdqJAxh6soIyrl3AmTiT0yikte3IgIJblThrjvP521WKSHJ%2BIQdQuo188FRS%2BixbkyfXP%2BxTY3VknR9mRmSnfISn7rR4uzGXQNqNqhAuz2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: nZ4bmwWnKhcTbz9EkpvMbukUoI6WISi.
content-length: 18281
cf-ray: 6be2bbc838d8f927-MXP
x-amz-cf-id: 59f0DgHygrf61cjOWqxXuKFpMuOQfJtVykrNTbfebsR5Po83LlK-1w==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 icon-social-gray-linkedin.png
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 228 B
986 B 1085ms
1081ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/icon-social-gray-linkedin.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a45ea5b3d2f06d7dc15fbbd31895b161abb6c6803eecefb7916d109ede06cac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-44556752913,FD-41718904629,P-3354902,FLS-ALL
x-amz-request-id: Z0AS3TDB6PP9VVGK
x-amz-server-side-encryption: AES256
edge-cache-tag: F-44556752913,FD-41718904629,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: "5b58aca254cf940946a8b643ac56bc3b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1617740300009
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 483fdb1ba41b89c2c2bdf32814003bc0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 228
x-amz-id-2: leCLH0M69Ftb0s1n7c+i9OKZbgF71B4ccwQLUpBq8j6SKzhgJ4CcIVeKnC/lh5PGvgfk+2TrLAk=
last-modified: Tue, 06 Apr 2021 20:18:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oQNrDO7KtSPM2QLE%2BQwiOcoUw%2BpSUQ4887m8gmENhZ9txI3zlIX9U426%2BiNFge47Fk%2F1BC9sCE2gtUApXav%2BVB895mzhqjMOZZ9R3I3Dd0Rlv49NLlA5b1GYXtK5ld9xOOnYJt1X%2F81RCWIXi6J0g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: QKZGjr11n8RfLL1jJfRJGaNCWnmOz1y4
accept-ranges: bytes
cf-ray: 6be2bbc838daf927-MXP
x-amz-cf-id: cMoAC1eoiL8fVpzC6ZDYmw82GGIOPqP7GWegJZaVN7qXsx-e14ADqA==

GET
H2 200 icon-social-gray-twitter.svg
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 749 B
1 KB 729ms
725ms Image
image/svg+xml 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/icon-social-gray-twitter.svg
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9db6465a204cc4186368b72a0ba4f063e64569aa4fc96e0f40c7ac69423121b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-43294710828,FD-41718904629,P-3354902,FLS-ALL
x-amz-request-id: Z0AZPX14WQ8N383H
x-amz-server-side-encryption: AES256
edge-cache-tag: F-43294710828,FD-41718904629,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: W/"5c103d0cd978b3a8d7ccab6bff714599"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1616007053027
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 d027cf032b23cc672770f5bbff1b93ad.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
access-control-allow-methods: GET
x-amz-id-2: +DH2L36DYmT7p9L85IgZ3AHY3ze15jigh2YlSMUH4SYb7zuwwyNqT6PxpEAryvhrvWMBeAihpaw=
last-modified: Wed, 17 Mar 2021 18:50:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osu4GNEqBULef9oT%2B771tZIWYli9CuKuIUAgcZRD9mO0V1oNDcDSyfRkSrcqtkZw3gyWr3QiAMimiaI2xzU4UZHQ%2BffyyjBlZilLJTYQ5adtAy5gCdSpZHYyix7ku3ui8QKRH6Htgq26ZXpnC0y%2FqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: NF3dgF5tFLaoFoVElEGWcy105X0OE1GX
cf-ray: 6be2bbc838def927-MXP
x-amz-cf-id: XVy7kSflYJw4iOPffYtctIv0Uey8YXeQarg-9tJ1hBKJjTbDfXeeKQ==

GET
H2 200 cr-logo-inline--primary-white.png
www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/ 4 KB
5 KB 204ms
201ms Image
image/webp 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/logos/cr-brand/cr-logo-inline--primary-white.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88badf53b16ffe06a7c8c98815c8cb08635b4037feef05703226fa5b7c63a1fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-61141712801,FD-61141712896,P-3354902,FLS-ALL
age: 1429
x-amz-server-side-encryption: AES256
edge-cache-tag: F-61141712801,FD-61141712896,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="cr-logo-inline--primary-white.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: Z0AJPNVR6RZT4NXK
cf-bgj: imgq:85,h2pri
etag: "9fa007f86be3dd9a921a2d00bf86f36e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1638554372317
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 86e0eb6c8f3eea90e0cc2d99e58af96f.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=7930
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 4000
x-amz-id-2: P9zjySSCp48ktF2/GU2VujxbxWEEWxOcCilCL5+WdddlfkfWT8US+mZdfNTwaD5uNzUYnxBuNcQ=
last-modified: Fri, 03 Dec 2021 18:09:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZRXGZ4KE%2B4psj0HtAmwFtLHVmf5lwp1IfkZQsqcpvnYrh4MXaYJ71qqPEn6HymreEsCvGHSABKwVgBp9Wq4cO1sngUtmbxQPU5QZTTOXOeipyWYQrpn6SlfNOzEoYvQ54%2BHmLv2CrEHU7kCZMSdqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: YS6Z9S9WF8IoNxSZ1bGCzUOTOXWIngsY
accept-ranges: bytes
cf-ray: 6be2bbc898e3f927-MXP
x-amz-cf-id: 4hr0TnpCQDblArFTwpv_WudlxNdvs4ZBB4T_M-FDoMteno0RrW01Rw==

GET
H2 200 animatedModal.min.js Show response
www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42507089303/1635957561725/__CR_Web_Platform/JS/animatedModal/ 2 KB
2 KB 654ms
653ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42507089303/1635957561725/__CR_Web_Platform/JS/animatedModal/animatedModal.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1829207304c9dc4a4d3f08067a1f3024ff0d7e9c3d305259c4997212f6831839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1635957562075
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 5HQQX4D64PFA317R
x-amz-id-2: UtljQ70EnAmQatXX4AnOObaeHG+eXmzWKt1kCw1d4gZEKEHJD91HjPdf+K3g8LCNCEhZuPFB4NE=
last-modified: Wed, 03 Nov 2021 16:39:23 GMT
server: cloudflare
etag: W/"f35838e13927a0179ed36cf22e7425f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5joYFivxxHhVGb9AwhjcFetgoMh5bfIEtVRTinKssCx1%2BgzAxiXgg7IrenkSKvYIzrd8IBULozeQacRyacveyLTP%2BMQWCdqkb7Z%2FRQFB0cG6veb9S6Y8DbConjE1pOSCjLjwtG98%2BXOHEttb3rQlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: sUn30qz.L7UoxnDEDTLa6G7wlu2zLGCA
cf-ray: 6be2bbc7ff58f927-MXP
x-amz-cf-id: GsqS0au0rNV8fGhsGmBNa0WfR8S_hfkLhZzEhXakPvQSle0tLJabcQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 module_41681847227_CR_-_Malicious_Life_Network_--_Tier_One_Header.min.js Show response
www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41681847227/1639157133156/ 374 B
1 KB 705ms
704ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41681847227/1639157133156/module_41681847227_CR_-_Malicious_Life_Network_--_Tier_One_Header.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 119bf322a2ce6d2a82422b51404bc54b375c881f12a120205598d1691fa48820

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1639157133156
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 0VTTNA5JFKX2Z2VQ
x-amz-id-2: WYVXAiTMT/D8rOgdP/9pgaZcoVd3ZzVDj8hxwFurgkkdhaJBbg2JU74OmMKBJdDq9hBoSgvZr78=
last-modified: Fri, 10 Dec 2021 17:25:34 GMT
server: cloudflare
etag: W/"1d7f81aaf24568ea5d90a82b829960fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZb8%2FaNV1uXK5Ezu4ogthrj%2BlsMsElCarkFzqr8F9%2FPvDYSVE6c43MV56xCBJ4o5Rg5vxd4vu7NCmnJIf1yWjCMUOYMtk8NycZ6iai4lx0sqfPJe16fzd8WU5jV38j9khmGCWqiSVAgqT%2FAsj49eyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: 4f9LeZ6rvWsjVH0iS1m2JXCe38h4gAAW
cf-ray: 6be2bbc81faaf927-MXP
x-amz-cf-id: b7VCrglCFX1ogvmrNjW1Ls9vlFOnBHa2-7PkScg0Q_sBQLVu8Gg1_g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.js Show response
www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41682410610/1639593716292/ 305 B
964 B 347ms
336ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41682410610/1639593716292/module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ba9d76c09ad6dd52135d52c368f6d87ac40b5b4ce418e41a105fb221c7e470

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1639593716292
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: X3SRZZ7QVC6G1X2Y
x-amz-id-2: tNXs4FycJTtrBG4F5flJBTwbQabwn6p65EOVcF2gCN4f8f71zxTnXzqEts0BF62FBAc3ETiQtg0=
last-modified: Wed, 15 Dec 2021 18:41:57 GMT
server: cloudflare
etag: W/"86f1ecf1077302d6bd359676a0142438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4KUGN4f9iEShMAgjoShJyMhRiceRBntD15LyMaiN0LSyeixjcRakWBQzvuhjtLKw4RwSm0k0babAQIoOgGErgGQW3uAFgeeRgXwXMdJbGOkKgnMtJ3%2FGrl6IHxYA9WM5k6txqK4P9kQfqpXUhsVcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: NkFs7FnAegbZy35heByAi6S07WGDW6jv
cf-ray: 6be2bbc82fbbf927-MXP
x-amz-cf-id: V0eSHkH_K4vUqYlUgpoBjHwUhQviy6qQel7MVeQ7_rECFVjXDNzNng==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 3354902.js Show response
www.cybereason.com/hs/scriptloader/ 1 KB
1 KB 273ms
269ms Script
application/javascript 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14bde8a9ed463ff343937368555105c6e2e25bdefcccf034593b295579fe2b73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 57de5d07-e610-4476-a49f-3d4ed9dab048
last-modified: Wed, 15 Dec 2021 21:19:02 GMT
server: cloudflare
x-trace: 2B9213DC3639F5DC991D6964655D01429A2E5FE8D7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYlKA2E1wYw4Psp3O3aO1GNbZfZHQVC05MVxqwzVxDYYFDtZ9SPoVDBMjJwNMc2xtl6rfiGHQgzNdfeQ8YT81EKhOZ9slgRh%2FTJZpFwJmHwSrO%2FlHTmy55DFsBjQc%2FlOZJ63dKfx5mmzro557zcMPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cybereason.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6be2bbc898e6f927-MXP
expires: Wed, 15 Dec 2021 21:24:31 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
4 KB 33ms
31ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1123653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48t6sQ5NpfwFHSWUnHVfu9P2MvZrLqkr8R2SzQF6l0GqvbREaT22vHjJR7y9qoemVr9lHRRX8LlyLwLE%2B7kozIfNNf%2BLg7chpSKCOE2kObcrpFa4CrjH9JrIMzNlQ4x2%2B8Eniw%2BclOeJ2vwym8Q%2BniyM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6be2bbc3bb034ab6-FRA
expires: Mon, 05 Dec 2022 21:23:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 86ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6af036a4ec23088a2e702e364d84320dbcd420a0c8c5ef82bac37006554e3ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 20:31:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Dec 2021 21:23:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Dec 2021 21:23:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
990 B 97ms
42ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ea7d23d55fdda4f42a373f9a16ddb9a744c682714a9516dc95e9acdc5b3ce40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 21:23:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Dec 2021 21:23:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Dec 2021 21:23:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
2 KB 108ms
53ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b7a50770485be8281befa17e0b6054466915401e8163c5319cd7791ed290ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 21:17:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Dec 2021 21:23:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Dec 2021 21:23:30 GMT

GET
H2 200 cr-blog-hero-owl-transparent.png
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 670 KB
671 KB 972ms
972ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/cr-blog-hero-owl-transparent.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41682410610/1639593716420/module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 266d85b7ad351501b8651b0e659d6d74fbe07085d3226cd3f7601f6522fbdf97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/41682410610/1639593716420/module_41682410610_CR_-_Malicious_Life_Network_--_Main_Hero.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-41719333184,FD-41718904629,P-3354902,FLS-ALL
x-amz-request-id: 574A6E0WQB49H702
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41719333184,FD-41718904629,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: "cd208635457bf65f33aa7c8849efcf21"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1613708850431
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 2b08544e695e9e7bc49d159008bcc657.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 685987
x-amz-id-2: sKquO0aRA5dNglIR8dtj+26lr2SAbZLaGwdUv7P6OFHY8GsvyPxrWhdv+UyatlnbPIoUbna32Wk=
last-modified: Fri, 19 Feb 2021 04:27:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLW9BHu5M7BdjlbRhCZ%2B0dZP39sz8dGUMeJczI1%2FpAMSYIFgzHemDobXw4OKe3Vivt%2BAbmlkm1X7rwvLftUegG%2BIugo4QnMK0SuHhjEf%2BG49RhU7Iuzks0CtuvEM%2F38wZ6xH6290WMbTwAlP6FL9Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: pMBSD6mHHoba7vVAwnZHReLD9ID8b41e
accept-ranges: bytes
cf-ray: 6be2bbc898e7f927-MXP
x-amz-cf-id: a8x5xeOadmdwCjMkVnqEMkPmMcGhEpxAcUXYqaLMIcdD3nToKVQxBw==

GET
H2 200 cr-mln-network__footer-subscribe-bg.png
www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/ 75 KB
76 KB 993ms
993ms Image
image/png 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cybereason.com/hubfs/dam/images/images-web/blog-images/template-images/cr-mln-network__footer-subscribe-bg.png
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42760289143/1635957555962/__CR_Web_Platform/CSS/cr-mln__build.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebb9be20a82426fc379a29e4ae95b7a403e9d228feb0bbac4b516ff0dd4e8201

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/42760289143/1635957555962/__CR_Web_Platform/CSS/cr-mln__build.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-42844750665,FD-41718904629,P-3354902,FLS-ALL
x-amz-request-id: Z0APBFNNYW4KEQNC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-42844750665,FD-41718904629,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
etag: "c28026bc6a6d55f395e2227b7b19c8c9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1615403417467
date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 205017ec1deb1818ed40d527d0c96868.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP63-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
content-length: 76527
x-amz-id-2: SdeFsFd6LlaV/ynca2R+dLnZxpVNkeMnChq5DHAwBYguN6oA43OU6Gg8sd4pCIzbqKeh7CENBs4=
last-modified: Wed, 10 Mar 2021 19:10:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xz%2F9rPac4ANrkEJ8w1l7jPe%2BD5Z3JFLs511svzdbvqfiOvhSqQKHwwSDPqSVJEiIkKgDvp2yetoEmkPmKh%2BPCetG7GTuOonRZdD8KwynltB96KXffqIQ8cAsSXb1QQCn0oFG4Lrh5nqYkONZ93SCUA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: re8UAqBG9Z9r42hnTIwXdZAL52u2VF_w
accept-ranges: bytes
cf-ray: 6be2bbc898e9f927-MXP
x-amz-cf-id: Reey6-aqDL2pQgTAZpXveCdyCY6T5a7AtJDBy1H55LOk_buSJbtMOQ==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 74ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 459089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:52:02 GMT

GET
H2 200 ionicons.ttf
www.cybereason.com/hubfs/__dam/fonts/ 184 KB
106 KB 268ms
267ms Font
font/ttf 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/__dam/fonts/ionicons.ttf
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35275979682/1635957556121/__CR_Web_Platform/CSS/ionicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35275979682/1635957556121/__CR_Web_Platform/CSS/ionicons.min.css
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-35275624221,FD-35275624214,P-3354902,FLS-ALL
age: 1429
x-amz-server-side-encryption: AES256
edge-cache-tag: F-35275624221,FD-35275624214,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: S1JP4HSY5YHRA2P8
etag: W/"24712f6c47821394fba7942fbb52c3b2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1600860540619
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 cc216c6d975e303d13c81952a95bc0fc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
x-amz-id-2: Uaq21W6qJtT+KxrDtSw8dKqceHiIPIQ+PIeIb/Tk9ICErxHj9rymuKlbfB/Z/3BQeeuyKNgSwh8=
last-modified: Fri, 25 Sep 2020 09:38:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsSk036yrugqAERCpxT4%2B2L6VhZQocKH%2FMkpNP3S1q3MdKsv4rGP0GO6C%2F4sT8Fcal%2FmVP%2B6cteFilqzFA7OUl9ZgXI1I3DwCNk5QjhNc5hDe%2FO8O%2B11fm%2Bc%2F28F351rVT91M5XBZbpz8Yx1Q%2B2O%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: jxZ9WTKM12FAq58JViQDodht0EN9wNZx
cf-ray: 6be2bbc898ebf927-MXP
x-amz-cf-id: 2Nrmm4J3WPe1aHpNeqa1NCGyynzWUrLQFeTDaDVQJdGPgnWGgmBKrw==

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v5/ 20 KB
20 KB 131ms
77ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 17:22:02 GMT
x-content-type-options: nosniff
age: 100889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20348
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:07:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 17:22:02 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 125ms
71ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:06:15 GMT
x-content-type-options: nosniff
age: 184636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21072
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 18:06:15 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 142ms
88ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 17:56:21 GMT
x-content-type-options: nosniff
age: 12430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21080
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 17:56:21 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v5/ 20 KB
20 KB 138ms
84ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 10:46:05 GMT
x-content-type-options: nosniff
age: 556646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20444
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 09 Dec 2022 10:46:05 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ 47 KB
47 KB 105ms
51ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:44:20 GMT
x-content-type-options: nosniff
age: 459551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:44:20 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ 20 KB
20 KB 134ms
81ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

604f11b1aa0c94217abb80eb7a5c7de728f9463e4f045fe8a34339f438a50cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 04:17:21 GMT
x-content-type-options: nosniff
age: 493570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20500
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 04:17:21 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/ 20 KB
20 KB 143ms
90ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e0d1cf0ded40281f4b4c439d8c6e6630e3b31acf44d0d198e2513680c4bac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:09:35 GMT
x-content-type-options: nosniff
age: 184436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20676
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 18:09:35 GMT

GET
H2 404 Criteria-CF-Regular.woff2
www.cybereason.com/hubfs/dam/fonts/criteria/ 0
0 226ms
226ms Font
text/html 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/criteria/Criteria-CF-Regular.woff2
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 b4a15133db3a2b8a3148547f5267d170.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 268
cf-ray: 6be2bbc898eff927-MXP
x-cache: Error from cloudfront
access-control-allow-methods: GET
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
last-modified: Tue, 19 Feb 2019 20:12:00 GMT
server: cloudflare
etag: W/"f6e4b6cdb45684ca8239a8161901d7ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XP4A2MFLuAVR6hcIFj3HPVkQsAYyOdLRe1WCy%2B3KxrP6bK9BSk3wZ%2BUxuaejby00uHzO5GJ7pKkVe3ckcn3xiakcFu3H7Cvs5D4UKqUL3rzY1R6Su8eKRt0ZHjfdWFAhtvNw8vMLVNkDQyRiqnAVLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: oQ5g.LoAEFK3mdk3M1pWALQQ6oLrzuy3
access-control-allow-origin: *
cache-control: s-maxage=300, max-age=600
x-amz-cf-pop: MXP63-P3
content-type: text/html
x-amz-cf-id: fLQ7DUI9wCb3g4uA2VhaK6-5zxnadnRTb1Tt46CDMwuxEO_xGu7Myg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 Criteria-CF-Regular.woff
www.cybereason.com/hubfs/dam/fonts/criteria/ 22 KB
23 KB 86ms
86ms Font
application/font-woff 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/hubfs/dam/fonts/criteria/Criteria-CF-Regular.woff
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d21f451d964e9dc02c1ade6f0348001f7583bcb29c7d95ca44d9a3037f6ff45

Request headers

Referer: https://www.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1639599878970/__CR_Web_Platform/CSS/cr-master__main.min.css
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-57632824913,FD-57632835487,P-3354902,FLS-ALL
age: 1426
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57632824913,FD-57632835487,P-3354902,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
x-amz-request-id: 6RXK38EF71CC9RDS
etag: W/"e476a94020dcd1317d27605ec692587a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis: 1634316502329
date: Wed, 15 Dec 2021 21:23:31 GMT
via: 1.1 71d15e4317f9ba4644f6c17f42ef94c9.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
x-amz-meta-index-tag: all
x-amz-id-2: cfwoz49TedXKAirO4hiMiea4U32zBROQDdJg7gbZzx5duIhYGakDJDYevWk5VNmnygr/di8b4e8=
last-modified: Fri, 15 Oct 2021 16:48:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjXSccKca7riPoHxbgJUM6xvnncfWhU8UXxgBkVRILIkrpDvMMXmkxSVLl0b1P571GuH10FVbitZscZqXy6kkeVMat0YicdbnZbkWN4jH%2FdvNWf4T1hB58GEeU69%2Fhq207UX7m4jE7nkmMuvY4H%2BNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: QkLigCwzzyj6k3UDDoGSJC0PKXfnSnnQ
cf-ray: 6be2bbc9baa8f927-MXP
x-amz-cf-id: v8M7h3-jnzEp_fkormSfXzhBG7HOBpOQzghUEWjY1xZa65Xgqx-N5A==

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 68ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5cea554b6ecfae067a6d7f03483584a6970d15baa0cc7d5281d785d7bf9dd82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OXzZM522eo8tkDuDrT8tPw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: LkfxR5EDOVQlJP0lVjuUpUFK0ilYHG+eUgfJJ999cvEzT/LSmU19Hl/a0yA0Bw8qOMy7fMq+q04wVQSTpBzUcQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 3ccc9719cee8b14cf785aa65f51b150a
x-frame-options: DENY
date: Wed, 15 Dec 2021 21:23:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ac91a4a67d44435e3f70c05038d1d179"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Dec 2021 21:31:53 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 211ms
52ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEC) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:23:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CEC)
Age: 1073
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
768 B 226ms
173ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3354902&callback=jsonpHandler

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: aa0313cc-b64f-4043-96af-b2b73bc90f83
x-trace: 2B180AD6E7EF49DC6378E008C4297FF4F1D6A62A53000000000000000000
date: Wed, 15 Dec 2021 21:23:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
cf-cache-status: DYNAMIC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6be2bbccd94cd6ed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 l
use.typekit.net/af/343335/00000000000000003b9b0ad0/27/ 16 KB
16 KB 190ms
53ms Font
application/font-woff2 2a02:26f0:12d::6879:4c50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/343335/00000000000000003b9b0ad0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c50 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2e96bf761583273e370136ed0b934a38ad1e08b386accb37277252b37b9c9961

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
server: nginx
etag: "eedb93b5a9ba82f97df21a2548066c304a8baad8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16112

GET
H2 200 l
use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/ 16 KB
16 KB 217ms
80ms Font
application/font-woff2 2a02:26f0:12d::6879:4c50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c50 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7219936e6e56b9932b2f1dd06cfff09b655a729bb17d0aa6d757e14184512384

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
server: nginx
etag: "2d91046573f0e4458e7737f18f00bb9c13388e11"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16252

GET
H2 200 l
use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/ 15 KB
15 KB 250ms
113ms Font
application/font-woff2 2a02:26f0:12d::6879:4c50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c50 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9607506688417bb09b8d6c29362c2fe29bc1b047b793cccddfce876d927fa57b

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
server: nginx
etag: "865da7d2ecc4da3cb6bd5574f01738cfc5c8bb11"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15448

GET
H2 200 l
use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/ 16 KB
16 KB 246ms
109ms Font
application/font-woff2 2a02:26f0:12d::6879:4c50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c50 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 359197d1e7ab63fe678db88914f31f1f9f6a37bd182e0de565fc7a68302a1f50

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
server: nginx
etag: "8c3ee2b4e977df4e0f73e1b985c24fba9611fc49"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16652

GET
H2 200 l
use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/ 17 KB
17 KB 227ms
90ms Font
application/font-woff2 2a02:26f0:12d::6879:4c50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c50 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 66b4fac9494bbeda177f4637fa3e7423fc8ef54b11a6875e68cdf3e472293b2a

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
server: nginx
etag: "7b5be73a29b093f7ae3c099f5a521c9274f6db28"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17148

GET
H2 200 l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/ 16 KB
16 KB 209ms
72ms Font
application/font-woff2 2a02:26f0:12d::6879:4c50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c50 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
server: nginx
etag: "b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16456

GET
H2 200 l
use.typekit.net/af/cfbead/0000000000000000000146b3/27/ 23 KB
23 KB 239ms
102ms Font
application/font-woff2 2a02:26f0:12d::6879:4c50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cfbead/0000000000000000000146b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c50 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 365a7ca6f52df29efedfdac2e08a9d0f03e4e2122dd9a49803bf8dacd58480fc

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
server: nginx
etag: "122498e3424e674610da39fb441d661549879239"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23248

GET
H2 200 l
use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/ 15 KB
15 KB 234ms
98ms Font
application/font-woff2 2a02:26f0:12d::6879:4c50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c50 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 765097740b7490e6ab6a2d8624199ab7b147e8c6cec064b6cce257750fdb1985

Request headers

Referer: https://www.cybereason.com/
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
server: nginx
etag: "13c2813ff67959226aaa4eccfcdd1399bd756b8d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15336

GET
H2 200 3354902.js Show response
js.hs-banner.com/ 61 KB
16 KB 127ms
48ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf9971f57588bd4bdf0ca7e8e213a1f7ac70e246f96702c5f31bff5e41bd9af9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
content-encoding: br
cf-cache-status: HIT
age: 280
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: Q0926KBG92XBP2AK
x-amz-id-2: AtpWyonHQczG1NhIUYM17L1hGq7y7M3jv4ITod2bs1IA9wiUYujDl/36gpkUENzGIl/hjIhY1ig=
timing-allow-origin: *
last-modified: Wed, 17 Nov 2021 18:45:51 GMT
server: cloudflare
etag: W/"cfd80d7670c77c3b1f25ea4115a1c154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: GIk9Yx1A.Rcluk1W7udwMEUT.M.WG0Zj
access-control-allow-origin: https://www.cybereason.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6be2bbcd1fb43749-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 15 Dec 2021 21:23:52 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 101ms
46ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea

Request headers

Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 29328
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js&cfRay=6bdfefc20af0d6f1-IAD
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6be2bbccebea4351-FRA
last-modified: Fri, 10 Dec 2021 01:08:50 UTC
server: cloudflare
etag: W/"a20da5f3327ff62c3dfbc71571e4fc6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: L5EK4Wtvn0GVRD3yODp9CC_dzIEEuKk.
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: CFlN4t91I683yMz6FBVcMyI2bwle3enHDzt9K12dafnV9nHHe_Dv3A==
x-hs-target-asset: lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js

GET
H2 200 3354902.js Show response
js.hs-analytics.net/analytics/1639603200000/ 63 KB
20 KB 254ms
188ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1639603200000/3354902.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/hs/scriptloader/3354902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c3d9638e0fdab99199438de06f94d2bdee6f6dc9b7a1331a9f35dc8b923fbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 4KPXYVG7H7Z22WKY
x-amz-server-side-encryption: AES256
cf-ray: 6be2bbcd0e860f72-MXP
x-amz-id-2: obO/9Dk4HjpB6pApzscTc+g82ek/9YameXI5i+kcwg4Ma9kHfi5ZOcUSd4Ml1I9omOI5lTO7z6M=
last-modified: Wed, 17 Nov 2021 19:10:21 GMT
server: cloudflare
etag: W/"766c1926d96beee64f2c4e067a4d0185"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 15 Dec 2021 21:28:32 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 290 KB
82 KB 46ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=ff47b79a154a94ab33fef02e5ff6f5e3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d3e07ec0b896d5b9a90eba7f9213a28d8ec84887e2bf6505f75d1c8ebc15f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Origin: https://www.cybereason.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: I4Eq0Va3g8XfZJlgJ23gqg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83482
x-fb-rlafr: 0
x-fb-debug: 1DjtmZWy1S9u9yZzPgFQQ69uooc9qbNIdF4ZeQZvqjbM6JKbOpc3YSVqtYGdc0GRzTp8kSSLNO3qmoqd8SZOrg==
x-fb-content-md5: 850f35091499b3fbc9ae0418088dad82
x-frame-options: DENY
date: Wed, 15 Dec 2021 21:23:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7f545e325bd8aa76ae527f13c5f137d5"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 15 Dec 2022 20:12:23 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 8A82 319 KB
103 KB 54ms
54ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.cybereason.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 521830
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 15 Dec 2021 21:23:32 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 207ms
50ms Image
image/gif 2a02:26f0:12d:485::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=vyv2ljd&ht=tk&h=www.cybereason.com&f=32224.32226.32227.32228.32230.32231.10875.32265&a=657783&js=1.20.0&app=typekit&e=js&_=1639603412240
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:485::19fd Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:32 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8A82 232 B
447 B 222ms
154ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=708d916794281dd2872f2991c239a4275ac96a06

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.cybereason.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 112
date: Wed, 15 Dec 2021 21:23:32 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 21:23:32 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6ac38e1083520f9cf525f63b97bad2934ea9cdbce215e52bc52021a100a28768
content-length: 166

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
19ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6519
date: Wed, 15 Dec 2021 19:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 21:34:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 350 KB
79 KB 76ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d781ba62a8ee04e276307aaf5fe6a615eb499a2b9f684ed3a4a270f17b3a0a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80036
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Dec 2021 21:23:33 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
525 B 141ms
140ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=3354902&pi=29780301346&ct=blog-post&ccu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&cpi=29780301346&cgi=5272851739&lpi=29780301346&lvi=29780301346&lvc=en&pu=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&t=Valak%3A+More+than+Meets+the+Eye&cts=1639603413298&vi=7078fdbd13d44b6b384603373928eb14&nc=true&u=85683782.7078fdbd13d44b6b384603373928eb14.1639603413294.1639603413294.1639603413294.1&b=85683782.1.1639603413294&pt=0&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 937266ac-8697-4df9-bfe2-0818e1d2d43f
cf-ray: 6be2bbd53d84d6ed-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrWSvXTBB5q5GF8pJt2lGLicu36iyah%2FcluuqyS2GIctn86%2BCSLUlX1XqmvCVMU%2Fsnx8DnIAmdLze6d2Cf%2FQPHuUj58YiK2k9glhp3HlElMPhVomSVfim7oRa%2FgLZVUuD6dChPs20PprGfezf3m8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 400ms
248ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3354902&utk=7078fdbd13d44b6b384603373928eb14&__hstc=85683782.7078fdbd13d44b6b384603373928eb14.1639603413294.1639603413294.1639603413294.1&__hssc=85683782.1.1639603413294&contentId=29780301346&currentUrl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5487184d301e501560341bcbfca8c103a140b89de229e31ec9d2c5a44ee894f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 57ad1a86-0b2b-4333-ae86-89043ca2cd4f
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfUVxcJIJ8pIyuMmc%2BaekfCWKojY8oaaCsgNXOnVxd1B8mFYbZPXJYAUrolz6IF%2FAT8XH%2FwiFGWSXT70uYcZ78wQ%2BMxEXjF%2B26OdYcdhyBWB6PGWPiwFk50%2FTXYEc8DziaaT0jRHo%2BZ1I%2F%2BXkXXY"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cybereason.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6be2bbd65c865a0d-MXP
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 54ms
27ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1010077814&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&ul=en-us&de=UTF-8&dt=Valak%3A%20More%20than%20Meets%20the%20Eye&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=578105822&gjid=1146070708&cid=2004201336.1639603413&tid=UA-56367941-1&_gid=1908308180.1639603413&_r=1&_slc=1&z=333065387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 166 KB
61 KB 66ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbb42fb1a1dfc3c12c8516d7d6a5010f63993f5540864fce99813f2d0ea776f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62337
x-xss-protection: 0
expires: Wed, 15 Dec 2021 21:23:33 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 96ms
42ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 21:23:33 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 193ms
52ms Script
application/x-javascript 2a02:26f0:12d::6879:4c51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d::6879:4c51 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:23:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=37698
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 83ms
25ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100112-IAD, cache-fra19135-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 107ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 13CA40A5C90F4E2AA9CD36A6C42AAC6D Ref B: FRAEDGE1517 Ref C: 2021-12-15T21:23:33Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H3

200

activityi;dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak... Show response
10272547.fls.doubleclick.net/ Frame DBA7
Redirect Chain

https://10272547.fls.doubleclick.net/activityi;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fva...
https://10272547.fls.doubleclick.net/activityi;dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2...

526 B
439 B

63ms
35ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10272547.fls.doubleclick.net/activityi;dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

f91f3bd6034a5f4b992b18fa7522d979d7c8b7ad9d0c9249b738470ce47869a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Dec 2021 21:23:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Dec 2021 21:23:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10272547.fls.doubleclick.net/activityi;dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hotjar-704918.js Show response
static.hotjar.com/c/ 4 KB
2 KB 119ms
56ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-704918.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

4b2220d50338f50589a60fea18ac539525a8e1b891647caf85c19a02f7fc8549

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/c417f0755595cdc5f288dcba0cdda3e8
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1902
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-id: WVIUo3cqy5NevXefWEtX4ekqDlbIYq8RzH4_9kTVhQjuA9cGxKW3hw==

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 243ms
31ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H3

200

activityi;dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-m... Show response
10428681.fls.doubleclick.net/ Frame 0061
Redirect Chain

https://10428681.fls.doubleclick.net/activityi;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvala...
https://10428681.fls.doubleclick.net/activityi;dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%...

524 B
432 B

66ms
35ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10428681.fls.doubleclick.net/activityi;dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

6eb129a27cd418f2dc0dff837a9ecc0bd15a35f35dbfce720c31e12520e535af

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Dec 2021 21:23:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Dec 2021 21:23:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10428681.fls.doubleclick.net/activityi;dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 48ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: GUIZhVBpPfSlbkvQl1X5XVFicxtsf/FmVt0nMi5Zml1mWzd/3ogUbLH4lDz4kJ4k4M6lHWOl40djPYpVEr0vDg==
x-frame-options: DENY
date: Wed, 15 Dec 2021 21:23:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1cwYCUDAYD26hHzYzki9 Show response
ws.zoominfo.com/pixel/ 0
478 B 392ms
221ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/1cwYCUDAYD26hHzYzki9

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6be2bbd82b9c59bf-MXP
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0

GET
H2 200 3354902.js Show response
js.hs-scripts.com/ 1 KB
963 B 335ms
204ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3354902.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14bde8a9ed463ff343937368555105c6e2e25bdefcccf034593b295579fe2b73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 1cb96b68-8403-4815-8a0b-af141b669b09
last-modified: Wed, 15 Dec 2021 21:18:50 GMT
server: cloudflare
x-trace: 2B5F92181B1E5E0AF474AB230265891F2DE8DEBC7F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cybereason.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6be2bbd7f9c459b9-MXP
expires: Wed, 15 Dec 2021 21:24:33 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 2 KB
1 KB 305ms
80ms Script
text/javascript 2606:4700::6812:15c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Oct 2021 14:31:37 GMT
server: cloudflare
age: 408
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Wed, 15 Dec 2021 21:26:45 GMT
cache-control: max-age=1200
cf-ray: 6be2bbd88c1259dd-MXP
cf-bgj: minify

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 194ms
26ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:20:35 GMT
content-encoding: gzip
age: 178
x-guploader-uploadid: ADPycds0lxtSgs9_BVGZlNpMImXZug-hteNlEkmHGHt0Hv4q5rKLEoGPLcAsisP8VkXcNuqOQIjhz0hTIBYNAJSpjfqESFF2xw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 15 Dec 2021 22:20:35 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 2 KB
1 KB 193ms
25ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 40398
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1041
x-llid: 3f78ca1516d369cc31e465c95abff6f5

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 126ms
63ms Script
text/javascript 23.209.69.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1506452&mt_adid=241675&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.69.86 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-69-86.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x9 config:1.0.0 /
Resource Hash: 7253749a2f8658ad9c6fc72495c07b0584822e9b153ef0d505ef927fd857fa4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:23:33 GMT
Server: MT3 4133 baa842e master zrh-pixel-x9 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Wed, 15 Dec 2021 21:23:32 GMT

GET
H2 200 zdcd6x8yhg85.js Show response
js.driftt.com/include/1639603500000/ 218 KB
62 KB 380ms
151ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1639603500000/zdcd6x8yhg85.js

Requested by

Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

aa82097c9e8bddaf6321732c1cb749fe50fe87d246d967619fd78e7ffc738466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: rei7PN32G8Xi.TUkUUNOUz8pBMXFCEj9
content-encoding: gzip
etag: W/"b07c2cc0c072e7303b614224af6d4205"
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 14 Dec 2021 14:21:34 GMT
server: nginx
date: Wed, 15 Dec 2021 21:23:33 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oJsb4hRRpeA0cMy8ScnM5QNsSYE1uQl4PO16Y0jZ2adkiSE2mqox8w==

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 622 KB
118 KB 94ms
40ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJVVB7C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

136d46843c14c2ae1e8a4d59f5690e6b2c55d567be7183fccaf54d4df3978065

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: br
vary: Accept-Encoding
age: 355
x-cache: HIT, HIT
content-length: 120512
x-served-by: cache-iad-kjyo7100041-IAD, cache-fra19177-FRA
access-control-allow-origin: *
x-browser-version: 96
last-modified: Mon, 13 Dec 2021 16:48:36 GMT
x-timer: S1639603414.697731,VS0,VE0
etag: "61b77964-1d6c0"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 26

GET
H2 403 lt-v2.min.js
lltrck.com/ 0
0 475ms
128ms Script
text/html 52.20.96.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/lt-v2.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.96.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-96-200.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 6e1424cff90e9cd4.min.js Show response
tag.demandbase.com/ 67 KB
19 KB 177ms
47ms Script
application/javascript 143.204.98.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/6e1424cff90e9cd4.min.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-51.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2257044d49863eae7eef3d199fac4d11dc896ba05eebf2c153a0327331517abb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: EGEIhmN2vMRa51q7MC9AC1Cd5yfZNLBd
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 09:53:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"d89a3d6b8c275d2ff717e776016cf903"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Wed, 15 Dec 2021 21:23:33 GMT
x-amz-cf-id: xZqdbD91uwyd5rMQnYPbBpjj0UtS8fBQJ2POxUcoqUZ5GaAW8Ksdhg==

GET
H2 200 airpr.js Show response
px.airpr.com/ 7 KB
2 KB 176ms
26ms Script
application/javascript 143.204.98.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.airpr.com/airpr.js
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-16.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 20:37:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Apr 2018 18:03:55 GMT
server: nginx
age: 2785
etag: "5adb7d0b-853"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA50-C1
content-length: 2131
x-amz-cf-id: bsWe8BXefMbSZd9eyQlp9KcBT73iy7jt6db4I3W4jH27sJy40F8jag==
expires: Thu, 16 Dec 2021 08:53:11 GMT

GET
H2 200 activityi;register_conversion=1;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-m...
10272547.fls.doubleclick.net/ 0
0 30ms
30ms Image
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10272547.fls.doubleclick.net/activityi;register_conversion=1;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 activityi;register_conversion=1;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-mee...
10428681.fls.doubleclick.net/ 0
0 43ms
42ms Image
text/html 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10428681.fls.doubleclick.net/activityi;register_conversion=1;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

/
attr.ml-api.io/
Redirect Chain

https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcybereason.com%26pId%3d%24UID
https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dcybereason.com%26pId%3d%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dcybereason.com%2526pId%253d%2524UID
https://attr.ml-api.io/?domain=cybereason.com&pId=3576325908894317993

0
241 B

898ms
375ms

Image
application/json

2600:9000:2156:ea00:12:3734:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr.ml-api.io/?domain=cybereason.com&pId=3576325908894317993
Protocol: H2
Server: 2600:9000:2156:ea00:12:3734:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:35 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
apigw-requestid: KaNxrgpRoAMEJ0w=
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json
content-length: 0
x-amz-cf-id: ZNXMoMNQu1zDru3vPe4Pj139n1x5rrCsl2HoKtMlpUej5haTeu3BQQ==

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 21:23:34 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a42222dc-5f30-4ce9-95e6-225fd582041a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://attr.ml-api.io/?domain=cybereason.com&pId=3576325908894317993
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 111ms
42ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-56367941-1&cid=2004201336.1639603413&jid=578105822&gjid=1146070708&_gid=1908308180.1639603413&_u=IEBAAEAAAAAAAC~&z=1313770320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 15 Dec 2021 21:23:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/561371164/ 2 KB
2 KB 104ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/561371164/?random=1639603413617&cv=9&fst=1639603413617&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfc7330619560b7a5f1528b8ac12bbe2607491026861afac235ac74fa5e96388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/ 2 KB
1 KB 143ms
79ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934771702/?random=1639603413621&cv=9&fst=1639603413621&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb4f6b772cc942f2a1e049cc7ab4a3f3f08f73aad8439d0206a8ae348c59ce60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/401574070/ 2 KB
1 KB 68ms
31ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/401574070/?random=1639603413622&cv=9&fst=1639603413622&num=1&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&auid=974616558.1639603413&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4baa608b3754d5dc394e8b92056e3d872ae5276d3682b76040f85f00a3114f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1231
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
401574070.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/401574070/ 0
0 202ms
39ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://401574070.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/401574070/?random=1639603413622&cv=9&fst=1639603413622&num=1&fmt=3&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&auid=974616558.1639603413&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 198ms
143ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny0ol&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=9174e41b-d3fe-41cc-a0b3-a809e46c49ba&tw_document_href=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Wed, 15 Dec 2021 21:23:34 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 21864b1fdb3f1b8f12674d2ae86945158ed166e380be6dcd32599dbbbf790fe9
x-transaction: f4d306ad8dca9ab5
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
469 B 199ms
141ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny0ol&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=9174e41b-d3fe-41cc-a0b3-a809e46c49ba&tw_document_href=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Wed, 15 Dec 2021 21:23:34 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b50adc9daaed41adf02f8d6b2d35872a7d7644aa2f13997da234f5542a04caa2
x-transaction: 269d9acf17021ebb
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 119ms
35ms Ping
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-SSF38JVRVJ&gtm=2oec10&_p=1010077814&sr=1600x1200&_gaz=1&ul=en-us&cid=2004201336.1639603413&_s=1&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&dt=Valak%3A%20More%20than%20Meets%20the%20Eye&sid=1639603413&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 86ms
38ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SSF38JVRVJ&cid=2004201336.1639603413&gtm=2oec10&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSF38JVRVJ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cybereason.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 121ms
52ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SSF38JVRVJ&cid=2004201336.1639603413&gtm=2oec10&aip=1&z=420582131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56273944.js Show response
bat.bing.com/p/action/ 682 B
735 B 195ms
194ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/56273944.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7069db6e08cf1a0478eba2451b59244b1b34b4e3967078a4b3b3b0391b50ff93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C1FCB812F8234EFD894C56C3D38DD079 Ref B: FRAEDGE1517 Ref C: 2021-12-15T21:23:33Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 584

GET
H2 204 0
bat.bing.com/action/ 0
150 B 44ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=56273944&tm=gtm002&Ver=2&mid=5fc79b38-626f-4ab9-891d-75a0a1e4dac4&sid=41f376c05ded11eca22289a33822f3db&vid=41f380b05ded11eca08c9da661879b5f&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Valak%3A%20More%20than%20Meets%20the%20Eye&p=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&r=&lt=4736&evt=pageLoad&msclkid=N&sv=1&rn=165315
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CE44A688AA1144EC8635F889EE6622C8 Ref B: FRAEDGE1517 Ref C: 2021-12-15T21:23:33Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.cbd9b920d05cd9e47f57.js Show response
script.hotjar.com/ 227 KB
60 KB 96ms
36ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-704918.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Resource Hash

2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 625648
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60953
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 15:35:08 GMT
etag: "7a85a2a595def8796a50e919e49cda7a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TIgixXczZguXX8sgtPZfneCyEJiJW0aKm63pexBW2H1_wmnvgHoZ9g==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1639603413722&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D72596%26time%3D1639603413722%26url%3Dhttps%253A%252F%252Fwww.cybereason.com%252Fb...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1639603413722&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1639603413722&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&liSync=true&e_ipv6=AQK-5ik5cdjAbgAAAX2_-qWbK...

0
156 B

729ms
122ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1639603413722&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&liSync=true&e_ipv6=AQK-5ik5cdjAbgAAAX2_-qWbKni21_tj6nml3x9lpS8G_04yxj61EVXYYMGh_6y9_1TdEu-kMw
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:35 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: WdczfZ4KwRZQTg6TPSsAAA==

Redirect headers

date: Wed, 15 Dec 2021 21:23:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E03340F039DE4D4EB2BB126B0E8182E3 Ref B: FRAEDGE1217 Ref C: 2021-12-15T21:23:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=72596&time=1639603413722&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&liSync=true&e_ipv6=AQK-5ik5cdjAbgAAAX2_-qWbKni21_tj6nml3x9lpS8G_04yxj61EVXYYMGh_6y9_1TdEu-kMw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTNesWtzow7BnAQVx7Cw==

GET
H3 200 116645602292181 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 65ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/116645602292181?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a64b82e493758422d59a77157bda12f280dec0f2105dbc7cfe789b373113b53

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: n2C2vVDFZgpoR0cUjQ36NoASXWqcIDR64z4Dc5iWcGy6CZZbbj0ILp8a3Kw9N8ZgNZLFPnZpb+uwv6GcKTd5Ng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Dec 2021 21:23:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 123ms
52ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56367941-1&cid=2004201336.1639603413&jid=578105822&_u=IEBAAEAAAAAAAC~&z=973734752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 74ms
73ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56367941-1&cid=2004201336.1639603413&jid=578105822&_u=IEBAAEAAAAAAAC~&z=973734752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than... Show response
adservice.google.com/ddm/fls/i/ Frame 3D32 525 B
883 B 140ms
62ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Requested by

Host: 10272547.fls.doubleclick.net
URL: https://10272547.fls.doubleclick.net/activityi;dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

322283c1388fbc185e2b599da8625e58b12f5b2897952937d1f0c209d2b9b745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10272547.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Dec 2021 21:23:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

/
www.google.de/pagead/1p-conversion/401574070/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/401574070/?random=1717465266&cv=9&fst=1639603413622&num=1&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
https://www.google.com/pagead/1p-conversion/401574070/?random=1717465266&cv=9&fst=1639603413622&num=1&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.de/pagead/1p-conversion/401574070/?random=1717465266&cv=9&fst=1639603413622&num=1&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
64 B

44ms
43ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/401574070/?random=1717465266&cv=9&fst=1639603413622&num=1&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&auid=974616558.1639603413&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=1Vy6YaX0Keqkx_APgJSTgAE&cid=CAQSKQCNIrLMY_JC_QdEc0GmABC0QNLUnG9i3_9HqoJ3T8iBPbfWeONmNoae&eitems=ChAIgMHmjQYQkd-s26Kuo8UeEh0AdKENUJOkEg9K1lSycCl0UNh2X83yvm8y-MEfBg&random=917142451&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/401574070/?random=1717465266&cv=9&fst=1639603413622&num=1&value=0&label=6wPaCOv09oACELaRvr8B&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&auid=974616558.1639603413&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=1Vy6YaX0Keqkx_APgJSTgAE&cid=CAQSKQCNIrLMY_JC_QdEc0GmABC0QNLUnG9i3_9HqoJ3T8iBPbfWeONmNoae&eitems=ChAIgMHmjQYQkd-s26Kuo8UeEh0AdKENUJOkEg9K1lSycCl0UNh2X83yvm8y-MEfBg&random=917142451&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-m... Show response
adservice.google.com/ddm/fls/i/ Frame 590B 523 B
477 B 141ms
64ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Requested by

Host: 10428681.fls.doubleclick.net
URL: https://10428681.fls.doubleclick.net/activityi;dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2be5d7842d3b80a4415ae6cee9e09357a01c10226397759dad5866feedbf22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10428681.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Dec 2021 21:23:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame D7A4 2 KB
1 KB 103ms
27ms Document
text/html 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-704918.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XEjU7dC-N0ADCGej5rl6VshL0pRIEUebRcISRfoOuF6aEjxg6lLp2Q==
age: 1143027

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 619ms
388ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1639603413772&id=t2_32cbm2fl&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=0b374343-6e16-4911-903a-b653b19064ef&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 223ms
163ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 47271d6eb966f4cb33571f8eca4cacda
function-execution-id: gsioy8e8ho85
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 275ms
144ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.cybereason.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: 93sjbztadaet
x-powered-by: Express
x-cloud-trace-context: 494e376f5ab368e454d81d35f144ae95
content-encoding: gzip
date: Wed, 15 Dec 2021 21:23:34 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 114ms
31ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=116645602292181&ev=PageView&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&rl=&if=false&ts=1639603413851&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1639603413847.1442599911&it=1639603413730&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 15 Dec 2021 21:23:34 GMT

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.30/ 52 KB
22 KB 356ms
112ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.30/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56273944.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c763a7b86f4b8e21741d95bf307b2932555a20d4ad383adc764c99fdbb8e88d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:33 GMT
content-encoding: br
etag: "1d7ed4598a2cbb1"
last-modified: Thu, 09 Dec 2021 21:42:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=4ECF56D5B44A42A1A408C2D4CC89863A&RedC=c.clarity.ms&MXFR=1B39F3EF3A2F6C743E49E2E13E2F6231
https://c.clarity.ms/c.gif?CtsSyncId=4ECF56D5B44A42A1A408C2D4CC89863A&MUID=0088A08048596AE40CFEB18E49326B41

42 B
368 B

52ms
47ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=4ECF56D5B44A42A1A408C2D4CC89863A&MUID=0088A08048596AE40CFEB18E49326B41
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:33 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B77C14B18C3E49B8AF37C9C3380BDF51 Ref B: FRAEDGE1517 Ref C: 2021-12-15T21:23:34Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=4ECF56D5B44A42A1A408C2D4CC89863A&MUID=0088A08048596AE40CFEB18E49326B41
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than... Show response
adservice.google.de/ddm/fls/i/ Frame 4A89 194 B
870 B 130ms
63ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CI_PqNje5vQCFcUbBgAdPDkP6g;src=10272547;type=landing;cat=allsite;ord=2126948270583;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Dec 2021 21:23:34 GMT
expires: Wed, 15 Dec 2021 21:23:34 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.google.com/pagead/1p-user-list/561371164/ 42 B
154 B 40ms
37ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/561371164/?random=1639603413617&cv=9&fst=1639602000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&async=1&fmt=3&is_vtc=1&random=2102760394&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/561371164/ 42 B
64 B 89ms
41ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/561371164/?random=1639603413617&cv=9&fst=1639602000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&async=1&fmt=3&is_vtc=1&random=2102760394&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activity.gif
apt.techtarget.com/activity/ 43 B
464 B 634ms
126ms Image
image/gif 206.19.49.24
ATT-CERFNET-BLOCK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=16570449&version=2.1.1&ref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&r=1639603413911
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.19.49.24 , United States, ASN17225 (ATT-CERFNET-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:23:34 GMT
Last-Modified: Tue, 26 Mar 2019 18:30:29 GMT
ETag: "2b-5850384029cff"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 43

GET
H2 200 dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-m... Show response
adservice.google.de/ddm/fls/i/ Frame B089 194 B
242 B 125ms
63ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMmxqdje5vQCFdT8UQod20wFKg;src=10428681;type=cyber0;cat=cyber0;ord=4535703709534;gtm=2wgc10;auiddc=974616558.1639603413;ps=1;~oref=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 15 Dec 2021 21:23:34 GMT
expires: Wed, 15 Dec 2021 21:23:34 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AALYpU7DdLoAAD0SARysSg
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AALYpU7DdLoAAD0SARysSg&verifyHash=174cd3d1212117e765220dc4bfbff1ffb2abd4cf

26 B
409 B

221ms
217ms

Image
image/gif

143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AALYpU7DdLoAAD0SARysSg&verifyHash=174cd3d1212117e765220dc4bfbff1ffb2abd4cf
Protocol: HTTP/1.1
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:23:34 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 92dfeee705089dd5
X-Amz-Cf-Id: 75LmbpCpd2aHaY5czTHyUgfcaxesorxnU_ICYXU2FePcyDoMtvyZ8g==

Redirect headers

Date: Wed, 15 Dec 2021 21:23:34 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AALYpU7DdLoAAD0SARysSg&verifyHash=174cd3d1212117e765220dc4bfbff1ffb2abd4cf
Connection: keep-alive
trace-id: 8da091344e94d247
Content-Length: 0
X-Amz-Cf-Id: PpU1bqeCenDlro_2smaCdJ7A1TA4sdcp0G7X-0RZJ1l3x3RTkpUa6w==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 102ms
36ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 452 B
948 B 178ms
119ms XHR
application/json 143.204.98.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&page_title=Valak%3A%20More%20than%20Meets%20the%20Eye&src=tag&auth=MOftAmbp2Aha4tkNEmeyvcipKYfCUyVJMXpCWBMS
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/6e1424cff90e9cd4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-59.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 69560229acb9c6f01744e0172bba17d68642703a1be7312a5f2a137ce4e22faf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
request-id: 926331e5-6de5-4e96-b8d0-d55e817dc467
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.cybereason.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SM5B88XBhYcWLwETI8gbFdsXH1hrIejWAOpzaYekMPclNfLnTBrRZQ==
expires: Tue, 14 Dec 2021 21:23:34 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame D143 0
0 206ms
46ms Document
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Wed, 15 Dec 2021 21:23:33 GMT
server: AC1.1

GET
H2 200 6f002ab8596ff067
pixel.sitescout.com/up/ 43 B
267 B 48ms
47ms Image
image/gif 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/6f002ab8596ff067?cntr_url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:33 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame E938 631 B
994 B 58ms
58ms Document
text/html 23.209.69.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=78d561ba-5cd5-4900-9908-e0a2456846ae&no_iframe=1&mt_adid=241675&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1506452&mt_adid=241675&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.69.86 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-69-86.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Response headers

Content-Type: text/html
Content-Length: 631
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 15 Dec 2021 21:23:32 GMT
Date: Wed, 15 Dec 2021 21:23:33 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
525 B 51ms
51ms Image
image/gif 23.209.69.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.69.86 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-69-86.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:23:34 GMT
Server: MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 21:23:33 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
26ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1010077814&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&ul=en-us&de=UTF-8&dt=Valak%3A%20More%20than%20Meets%20the%20Eye&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Demandbase&ea=API%20Resolution&el=IP%20API&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=2004201336.1639603413&tid=UA-56367941-1&_gid=1908308180.1639603413&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=Bot&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=Frankfurt%20am%20Main&cd13=HE&cd14=Germany&z=1682632908

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 23:32:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78655
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/934771702/ 42 B
64 B 82ms
37ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/934771702/?random=1639603413621&cv=9&fst=1639602000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&async=1&fmt=3&is_vtc=1&random=3789332795&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/934771702/ 42 B
64 B 46ms
44ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/934771702/?random=1639603413621&cv=9&fst=1639602000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&tiba=Valak%3A%20More%20than%20Meets%20the%20Eye&async=1&fmt=3&is_vtc=1&random=3789332795&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 21:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1010077814&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&ul=en-us&de=UTF-8&dt=Valak%3A%20More%20than%20Meets%20the%20Eye&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=airpr&ea=visitor%20hit&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=2004201336.1639603413&tid=UA-56367941-1&_gid=1908308180.1639603413&cd3=(Non-Company%20Visitor)&cd4=(Non-Company%20Visitor)&cd5=(Non-Company%20Visitor)&cd6=(Non-Company%20Visitor)&cd7=(Non-Company%20Visitor)&cd8=(Non-Company%20Visitor)&cd9=Bot&cd10=(Non-Company%20Visitor)&cd11=(Non-Company%20Visitor)&cd12=Frankfurt%20am%20Main&cd13=HE&cd14=Germany&cd16=2004201336.1639603413&z=1536378043

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Dec 2021 23:32:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78655
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

204

anpx
dpx.airpr.com/
Redirect Chain

https://dpx.airpr.com/px?hostname=www.cybereason.com&profile=660386&ga_account_id=UA-56367941-1&ga_account_type=UA&ga_c=2004201336.1639603413&an=true
https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4239298787
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D4239298787
https://dpx.airpr.com/anpx?adnxs_uid=3576325908894317993&airpr_id=4239298787

0
63 B

31ms
31ms

Image
text/plain

18.159.7.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpx.airpr.com/anpx?adnxs_uid=3576325908894317993&airpr_id=4239298787
Protocol: H2
Server: 18.159.7.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-7-124.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
cache-control: private
server: nginx

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 21:23:34 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b6f02a39-d571-42a9-a5c1-379f1845eea6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpx.airpr.com/anpx?adnxs_uid=3576325908894317993&airpr_id=4239298787
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 71B5 2 KB
1 KB 153ms
140ms Document
text/html 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1639603500000/zdcd6x8yhg85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9866e1a6b0931899aed27def0df2f66496529a063697495c69e91a0b4c604888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Tue, 14 Dec 2021 14:21:26 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ReCoSeP0ofcesPYN5RalkRrImRRXqHh8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 15 Dec 2021 21:23:34 GMT
cache-control: no-cache
etag: W/"1681096b18f37a28fcd4dd03770c3c92"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ShvR4HVqhWSdrcmt-8ILY55Ti0-13NyfmiuJ4RW_9XMlkTDCA4AocQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 973E 2 KB
1 KB 146ms
138ms Document
text/html 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1639603500000/zdcd6x8yhg85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9866e1a6b0931899aed27def0df2f66496529a063697495c69e91a0b4c604888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Tue, 14 Dec 2021 14:21:26 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: ReCoSeP0ofcesPYN5RalkRrImRRXqHh8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 15 Dec 2021 21:23:34 GMT
cache-control: no-cache
etag: W/"1681096b18f37a28fcd4dd03770c3c92"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Uc41iZ0ccRWpqMgZl3QZPYgR78g9wVzYDqsdr-RZpZpSHRrDswXicA==

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame E938 43 B
525 B 46ms
46ms Image
image/gif 23.209.69.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=78d561ba-5cd5-4900-9908-e0a2456846ae&no_iframe=1&mt_adid=241675&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.69.86 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-69-86.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=78d561ba-5cd5-4900-9908-e0a2456846ae&no_iframe=1&mt_adid=241675&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 21:23:34 GMT
Server: MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 21:23:33 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/704918/ 146 B
323 B 163ms
63ms XHR
application/json 63.34.251.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/704918/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.251.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-251-77.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de

Request headers

Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 69ms
24ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=116645602292181&ev=Microdata&dl=https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye&rl=&if=false&ts=1639603414368&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Valak%3A%20More%20than%20Meets%20the%20Eye%22%2C%22meta%3Adescription%22%3A%22The%20Valak%20Malware%20is%20a%20sophisticated%20malware%20that%20can%20steal%20enterprise%20mailing%20information%20and%20passwords%20along%20with%20the%20enterprise%20certificate.%20This%20has%20the%20potential%20to%20access%20critical%20enterprise%20accounts%2C%20causing%20damage%20to%20organizations%2C%20brand%20degradation%2C%20and%20ultimately%20a%20loss%20of%20consumer%20trust.%C2%A0%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22The%20Valak%20Malware%20is%20a%20sophisticated%20malware%20that%20can%20steal%20enterprise%20mailing%20information%20and%20passwords%20along%20with%20the%20enterprise%20certificate.%20This%20has%20the%20potential%20to%20access%20critical%20enterprise%20accounts%2C%20causing%20damage%20to%20organizations%2C%20brand%20degradation%2C%20and%20ultimately%20a%20loss%20of%20consumer%20trust.%C2%A0%22%2C%22og%3Atitle%22%3A%22Valak%3A%20More%20than%20Meets%20the%20Eye%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.cybereason.com%2Fhubfs%2FValak-Hero-5.png%23keepProtocol%22%2C%22og%3Aimage%3Awidth%22%3A%221900%22%2C%22og%3Aimage%3Aheight%22%3A%22728%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.cybereason.com%2Fblog%2Fvalak-more-than-meets-the-eye%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1639603413847.1442599911&it=1639603413730&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 15 Dec 2021 21:23:34 GMT

GET
H2 200 runtime~main.b5231fdb.js Show response
js.driftt.com/core/assets/js/ Frame 973E 6 KB
3 KB 29ms
23ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4497e8022e1a35c31ceb2f26213d77fef26de39398dfca2d5f6fda971149b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:21:25 GMT
content-encoding: gzip
age: 111729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 13 Dec 2021 22:15:55 GMT
server: nginx
etag: W/"014bd97619cc8582278700d0a77d6d98"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GeeuvCj73tfrNARWJpRIp1y79WlKyrds
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: S_1nhzrnyufkELoghN04QFa76gtq2sZ9LH470JMtRSgXI6MH_QUWNA==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 58 KB
20 KB 35ms
30ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 11325077
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zXAyBD35xTROcA1l9cFgByiY-dJqWtkufpyrph_MyTvNSkcp3Dll6g==

GET
H2 200 main~493df0b3.580db5ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 6 KB
3 KB 36ms
31ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 06:03:57 GMT
content-encoding: gzip
age: 4461577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:07:00 GMT
server: nginx
etag: W/"9b4aab2d855603fa59a09f8160eb7cb4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CDW0do1thFpbpUGZOeahqbD1T-3mxpfPUJ4kES31-XZlak_CdLJ6Mg==

GET
H2 200 runtime~main.b5231fdb.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 6 KB
3 KB 51ms
46ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4497e8022e1a35c31ceb2f26213d77fef26de39398dfca2d5f6fda971149b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:21:25 GMT
content-encoding: gzip
age: 111729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 13 Dec 2021 22:15:55 GMT
server: nginx
etag: W/"014bd97619cc8582278700d0a77d6d98"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GeeuvCj73tfrNARWJpRIp1y79WlKyrds
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VVk6u0pDvc00b9GA0sSsOvSv0j0_osvINOZ8YWkPUSDjRPP9oxQcPg==

GET
H2 200 4.a93e53d9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 58 KB
20 KB 54ms
50ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.a93e53d9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
content-encoding: gzip
age: 11325077
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 06 Aug 2021 18:47:25 GMT
server: nginx
etag: W/"fce0b3daf28dfa888be2818f43b06ef0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: imvxQz4ZQnCekVetyHrX84xCYV8ndGWZ
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tmtRIhpg15d_9TAvwTbve2yRJyWKzo1Gj5ddffh3xYcBgn1rCtbxOg==

GET
H2 200 main~493df0b3.580db5ef.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 6 KB
3 KB 55ms
51ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.580db5ef.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
Origin: https://js.driftt.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 06:03:57 GMT
content-encoding: gzip
age: 4461577
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:07:00 GMT
server: nginx
etag: W/"9b4aab2d855603fa59a09f8160eb7cb4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: SHbjo2Z875cq.BpS9ven0n3hNF1FVxPh
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BGWzhzRe-l4eMC53luEm9n0HOia61zJ8cZwZyi9uky7gUeI4xR6rsg==

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 47 KB
14 KB 29ms
28ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:54:58 GMT
content-encoding: gzip
age: 3868116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:08 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZvrGZ__CENehO4yWRJghqJAjDXfkpDfG
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9xIkd4q-PECchJb1HGUn0mblNdiN6z0M4ZTZV5EHfDcG2QBqZwynKg==

GET
H2 200 17.cce21c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 44 KB
13 KB 37ms
37ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:54:58 GMT
content-encoding: gzip
age: 3868116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:07 GMT
server: nginx
etag: W/"565bf690dc82ce7e1f45c9647d892490"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: V1tQBeNhHuSP3Kq4PFVzDyqDvIlj_GeG
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uFSvHsql0DQZpaGA1Xe2QT4aZ60oLQPiOrWtIAbmovdDqnjzn4q_gQ==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 25 KB
8 KB 42ms
41ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:08:30 GMT
content-encoding: gzip
age: 3813304
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:57 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KfofLwvG14tKBpk6tXvFAfICf2R3Oaes
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fE9oPjl3v126zNpQ_-Tdoq9IGG2Y1BivmXc7s0yefT5lL0Dp3OOiYQ==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 16 KB
5 KB 45ms
45ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 06:18:05 GMT
content-encoding: gzip
age: 8694329
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:32 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vLMtFICr__AmVbpyC1134yZVvjJr6q0Q
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VsU4uR_6WY1R2YF0_nJxb0o_nfvvMnd_Mp6otfQMyaluse1J0XyY9Q==

GET
H2 200 19.5937a5b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 72 KB
22 KB 49ms
46ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:55:04 GMT
content-encoding: gzip
age: 3868110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:07 GMT
server: nginx
etag: W/"08aceb94bd26b0e431ca437d628e3c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a9V2sG0hWPWT.cLrpxmLmJQEJHJ3pTch
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8h62pWX9C3iiI_NqOLUU85WVUoDCrokvShVyX0RxuG_3I27yByvDcw==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 16 KB
6 KB 50ms
47ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 4447813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:58 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: juigjv2.842khaDjrzqiMoucoadLCjYk
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UsyTfqHxKEXpi7Sy8-jjJ0yx_V8Lk4r7887VAb6iiAqY2R6-5iVkcg==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 59 KB
19 KB 53ms
50ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:41:23 GMT
content-encoding: gzip
age: 1366930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 29 Nov 2021 22:20:10 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Bes4ojoExyGtogevsaG2vPPgIGz3MINt
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r7rAw5F7eDbT7Sl3PbtjXiqBMuoNrpdwkrBCfM3123SsBZP9OZ13Fg==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 91 KB
28 KB 58ms
56ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 20:47:44 GMT
content-encoding: gzip
age: 6482149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Oct 2021 18:06:47 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8SLWCghXfnMEQiqJuVzEB4mWFfFgTeMA
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q7rlNCT_XhaJhqdYvX1EhsGih-Zsxy9yrnL3WU4v-N41lSb0xImHIQ==

GET
H2 200 9.cea5327f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 24 KB
7 KB 63ms
61ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.cea5327f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fb372bf086a350fc14b803de31af04857aaf0b0e18bf7de76737715efa2ce57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:01:38 GMT
content-encoding: gzip
age: 1318916
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 29 Nov 2021 22:20:12 GMT
server: nginx
etag: W/"2db4f74e4d7ffda350b50dde6a07ed5e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XO6Gj_y9Dw4LqhxSapA287FNAF2AYGBn
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r2pH6pIEqQEOOe7gT8Jo2jUUp3FYlX9OjOxgN-mPV8QGeyhqRPsvRA==

GET
H2 200 13.c2156fc2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 62 KB
20 KB 67ms
66ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 4447813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:58 GMT
server: nginx
etag: W/"b94404e76324bd4454531b2e0a54f7bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UBqTGR_Kpp2cPp4uQTy5DkPbiTlHyHAU
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Da8U8LMvi_ZIZEURv6FQ706u9T3YxO6TsMBn8gGHf1XCL2rhO2ZINA==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 105 KB
34 KB 71ms
69ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 4447813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:59 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2QdQNwJ4SDmpUoZVr7HrkjjZUMt.Wzuw
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JNtVahsKVct8dc2-mQ857VIXg8Q9f_gRoqzMdnVNjsxk2Y3wp-EffA==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 12 KB
4 KB 73ms
71ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:18:04 GMT
content-encoding: gzip
age: 1879530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bXdSjY9CDnekLor1Q.RFbiIDqi7ulpJa
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YqQ8Su3b6FRxHbms9oKZOC4ueJtU64-vBuqb3mVKYX63tosDWl6J_w==

GET
H2 200 25.b7a0bf53.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 12 KB
5 KB 73ms
72ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:18:04 GMT
content-encoding: gzip
age: 1879530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"808f7c7829001881a39cef6846a36ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q2g0zIRf_FIeqHbwx92fc3AdT0lCB1K6
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5jVUVGhvasFmDPeUGzGHIpgw1hz4IfOqOAfxQRbZjII3wwGyh_OlZQ==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 17 KB
7 KB 80ms
80ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:58:47 GMT
content-encoding: gzip
age: 3558287
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 13:47:23 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wCl6QNbYqV3zaB4E280GBYT.UNDnPeJC
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: l7nCI6IhK90HAOj3dqKk7ISSAmd1XnqsX93EW9WNYDnqlroaNkn_ew==

GET
H2 200 7.30af169a.chunk.css
js.driftt.com/core/assets/css/ Frame 973E 11 KB
3 KB 80ms
80ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.30af169a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:20 GMT
content-encoding: gzip
age: 3812114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"bd798c00af88b7523deb5a8065993250"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d2ceCtIxgb9tbYZ2O-0MCVoMrQHDegpGj72BxbrJ1Qg98j3EwYG02w==

GET
H2 200 7.892db701.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 69 KB
22 KB 80ms
80ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.892db701.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a85e6cc00b6521151a066190dfa2f0983135171fbc1845b0acfe09fddb245a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:07:51 GMT
content-encoding: gzip
age: 796543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 15:09:53 GMT
server: nginx
etag: W/"59ff575cde5cbc57af07ef742efe8a77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6L5P_vHWmZADGUWpRUkNwqrHbIkXu6n5
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: i3EZqwIWud5tqLnoNQdkY46FXhxUm9AC_7mu3RdWKDNW7RtiDHJqIw==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 973E 24 B
667 B 91ms
90ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
age: 11325076
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VFl7FAe0m55YEP5-PqAkquBvHn5lNGclMpfp9g7u-A7k2plk4GQTcQ==

GET
H2 200 14.c25177a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 74 KB
19 KB 91ms
91ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.c25177a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d3cf67b9a5c82810aad30bbe1e7213ebf0e45879501938a34acbd5a1b39b3773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:50:48 GMT
content-encoding: gzip
age: 541966
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Dec 2021 14:08:21 GMT
server: nginx
etag: W/"18403c312bd271177d0f9589bf9f8e63"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: lOPAv9SDW_4LP.6rK6h_XISnbYxX1zW_
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hmJZDMxf74ZTE51o3ktTRj0vHrIqZMoZBPBTji_LU6d9LLta6RTAzA==

GET
H2 200 20.ead2182b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 47 KB
13 KB 93ms
92ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.ead2182b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

acadd76a335e98061ef67610e2cc701027232396e26b593a2af78a6f027cef75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:07:51 GMT
content-encoding: gzip
age: 796543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 15:09:51 GMT
server: nginx
etag: W/"61892b29d94d646e4fe4c955206e953e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R.TDOsQ8XUx2f30jYVAP1aJfV9HUfplp
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YVWpd-Z63Tw0a1NMs5xh1WxxDBtVgY85uTGF-q72NaO_Y0vum_45bQ==

GET
H2 200 12.5fc8721e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 41 KB
13 KB 93ms
92ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.5fc8721e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d38c2d64e57da1a0cb467ef0cd7d85d2e841799ab839a579231300101ffa3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:21:25 GMT
content-encoding: gzip
age: 111729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 13 Dec 2021 22:15:52 GMT
server: nginx
etag: W/"77b6063aad824ddaa4af9a2de2afca3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YYKVfxhFGccZ5ywGIrKDAtKa86md0_CT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: qpU0Fu8IuwCn8aQO39QgVG9wi21IxjlnPhbba29NsKN33ig3z6FjiA==

GET
H2 200 42.3b1c2441.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 47 KB
14 KB 40ms
3ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:54:58 GMT
content-encoding: gzip
age: 3868116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:08 GMT
server: nginx
etag: W/"62fe06940598a98760a9eae46800ff59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ZvrGZ__CENehO4yWRJghqJAjDXfkpDfG
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UEhEY1XCE-GsFXwZRuAOWWE-34J6PGMGDVc25XX3oVu1XhpOohsCcw==

GET
H2 200 17.cce21c2a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 44 KB
13 KB 57ms
22ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.cce21c2a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:54:58 GMT
content-encoding: gzip
age: 3868116
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:07 GMT
server: nginx
etag: W/"565bf690dc82ce7e1f45c9647d892490"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: V1tQBeNhHuSP3Kq4PFVzDyqDvIlj_GeG
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: d7pUnKifQpsPATFTokk6y7Rb3rgISHBaa6Ubn_fTE5NcfId2f1Qfww==

GET
H2 200 35.3e4eba7e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 25 KB
8 KB 57ms
23ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.3e4eba7e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:08:30 GMT
content-encoding: gzip
age: 3813304
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:57 GMT
server: nginx
etag: W/"b1a0f364c9ad5137b5ab8e5237a825b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KfofLwvG14tKBpk6tXvFAfICf2R3Oaes
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zoiwub5mel4lmn6a-juJ-PI6WBMpIMVwPORy3y6YsukyaLmVuujgFQ==

GET
H2 200 15.8065fdbf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 16 KB
5 KB 58ms
24ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.8065fdbf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 06:18:05 GMT
content-encoding: gzip
age: 8694329
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 03 Sep 2021 14:38:32 GMT
server: nginx
etag: W/"db60664de2c8d54d23e359c94e68f6ce"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: vLMtFICr__AmVbpyC1134yZVvjJr6q0Q
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PUZFU7EUq0ii6_B8_8bgvS5VxQlM_mkNYj8iuW2BevE2s3ZAyo6e2w==

GET
H2 200 19.5937a5b2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 72 KB
22 KB 59ms
25ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.5937a5b2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:55:04 GMT
content-encoding: gzip
age: 3868110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:07 GMT
server: nginx
etag: W/"08aceb94bd26b0e431ca437d628e3c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a9V2sG0hWPWT.cLrpxmLmJQEJHJ3pTch
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ji17oy3n2yS2kZKUBwKRo4Ierp2P4HALxO9vHcy3t--wLMzaPGDXMA==

GET
H2 200 32.04864e7d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 16 KB
6 KB 59ms
28ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.04864e7d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 4447813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:58 GMT
server: nginx
etag: W/"3b6707d602c1f7d03c4c8b0bdecb8e4e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: juigjv2.842khaDjrzqiMoucoadLCjYk
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GMDweGH8NiIa02wRJYWHgw8QVI3W7uihqEDfI5EjyCU8UjwVgyjSHQ==

GET
H2 200 23.a53d721f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 59 KB
19 KB 60ms
29ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.a53d721f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 01:41:23 GMT
content-encoding: gzip
age: 1366930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 29 Nov 2021 22:20:10 GMT
server: nginx
etag: W/"fe96cb8c4c390342c29d3c8cb0a4ca14"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Bes4ojoExyGtogevsaG2vPPgIGz3MINt
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lVENGm5mbMAf2kLr8UTIVq7x5g3V4UKIFrH5yEXpF_rJStLFVK0Omg==

GET
H2 200 10.704ab67c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 91 KB
28 KB 61ms
31ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.704ab67c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 20:47:44 GMT
content-encoding: gzip
age: 6482149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 01 Oct 2021 18:06:47 GMT
server: nginx
etag: W/"50dcb170ca1ae1f4a09fe8f23065f2a8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 8SLWCghXfnMEQiqJuVzEB4mWFfFgTeMA
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KoGPJhSc_avsWfS-rspSZieashkwrEP9xvNT2YTkyeQdcjmbqgAfpw==

GET
H2 200 9.cea5327f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 24 KB
7 KB 79ms
49ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.cea5327f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fb372bf086a350fc14b803de31af04857aaf0b0e18bf7de76737715efa2ce57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:01:38 GMT
content-encoding: gzip
age: 1318916
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 29 Nov 2021 22:20:12 GMT
server: nginx
etag: W/"2db4f74e4d7ffda350b50dde6a07ed5e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XO6Gj_y9Dw4LqhxSapA287FNAF2AYGBn
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uqrQkqJDnJVODtvvOwwcPM7QKCorfylXAU86Bb7AC7FGdGafsUTcTg==

GET
H2 200 13.c2156fc2.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 62 KB
20 KB 80ms
50ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.c2156fc2.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 4447813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:58 GMT
server: nginx
etag: W/"b94404e76324bd4454531b2e0a54f7bb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UBqTGR_Kpp2cPp4uQTy5DkPbiTlHyHAU
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ON9Pht1wnVU031x7X96pJHyVyw_HKbzClZ15JhyZkdxGSxT2Ysb0qA==

GET
H2 200 40.01f4f7b3.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 105 KB
34 KB 81ms
50ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/40.01f4f7b3.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:21 GMT
content-encoding: gzip
age: 4447813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:59 GMT
server: nginx
etag: W/"7dd9b27f83583b6d43567ed4b21eff8c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2QdQNwJ4SDmpUoZVr7HrkjjZUMt.Wzuw
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: c2BCTyKMWo0ut73AMDhh1xTVPRxBvdETFlpU8riyFst2ZKKHxb0uBw==

GET
H2 200 33.c1910d43.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 12 KB
4 KB 83ms
53ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.c1910d43.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:18:04 GMT
content-encoding: gzip
age: 1879530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"0e451f1cf9656229ccd33dfa3ad0638d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: bXdSjY9CDnekLor1Q.RFbiIDqi7ulpJa
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _8MguBkGdU7TAfjgzaoMQRFF54hcRCLCuao5D1smKkC9xqPJKJDj0g==

GET
H2 200 25.b7a0bf53.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 12 KB
5 KB 83ms
54ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.b7a0bf53.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:18:04 GMT
content-encoding: gzip
age: 1879530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 19:33:19 GMT
server: nginx
etag: W/"808f7c7829001881a39cef6846a36ce0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Q2g0zIRf_FIeqHbwx92fc3AdT0lCB1K6
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TKNHQdl7Fr9HC-3NrjHsMxyJ2xTKFTicykDM__66J-Eds7My5sHdmw==

GET
H2 200 16.fab21cf4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 17 KB
7 KB 84ms
52ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fab21cf4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:58:47 GMT
content-encoding: gzip
age: 3558287
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 13:47:23 GMT
server: nginx
etag: W/"b451093ecfaa012f364641010ed13346"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: wCl6QNbYqV3zaB4E280GBYT.UNDnPeJC
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oINd-bY4Eq9IQ0cgibjaRK4Dps0rkSjX4yAQFkYAuu_oQcv0YV0puQ==

GET
H2 200 7.30af169a.chunk.css
js.driftt.com/core/assets/css/ Frame 71B5 11 KB
3 KB 83ms
51ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.30af169a.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:20 GMT
content-encoding: gzip
age: 3812114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"bd798c00af88b7523deb5a8065993250"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i5VGTHkGJ3W10pB8.FdBO9KWoGwOWrOx
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iYupr70oHxHpKXWke3m2griumgX_W1wC4BDXYU_zx3i5u9JRoKmnxg==

GET
H2 200 7.892db701.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 69 KB
22 KB 85ms
52ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.892db701.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a85e6cc00b6521151a066190dfa2f0983135171fbc1845b0acfe09fddb245a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:07:51 GMT
content-encoding: gzip
age: 796543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 15:09:53 GMT
server: nginx
etag: W/"59ff575cde5cbc57af07ef742efe8a77"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6L5P_vHWmZADGUWpRUkNwqrHbIkXu6n5
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P7_FMozuzAM5z4WvrPzzATGXbhvm8QbEOBokZTr9UmJ46QArO32HEw==

GET
H2 200 14.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 71B5 24 B
667 B 83ms
51ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/14.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 19:32:17 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
age: 11325076
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Fri, 06 Aug 2021 18:47:22 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TvxaskXeU1vX5QWjGFtspdoYt.ZZ_9cE
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KznsRJIxpkWOHmb_Ps7DnObAds_eyjPgD9L_gXcXHnXFiyuD9tQjhg==

GET
H2 200 14.c25177a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 74 KB
19 KB 86ms
54ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.c25177a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d3cf67b9a5c82810aad30bbe1e7213ebf0e45879501938a34acbd5a1b39b3773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:50:48 GMT
content-encoding: gzip
age: 541966
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Dec 2021 14:08:21 GMT
server: nginx
etag: W/"18403c312bd271177d0f9589bf9f8e63"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: lOPAv9SDW_4LP.6rK6h_XISnbYxX1zW_
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ucBqEMmlA3Rf2XeQ2qHNfJzQT7FTYH-qrCoV5m64VfQKJlRD-tZaAA==

GET
H2 200 20.ead2182b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 47 KB
13 KB 87ms
56ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.ead2182b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

acadd76a335e98061ef67610e2cc701027232396e26b593a2af78a6f027cef75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:07:51 GMT
content-encoding: gzip
age: 796543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 15:09:51 GMT
server: nginx
etag: W/"61892b29d94d646e4fe4c955206e953e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: R.TDOsQ8XUx2f30jYVAP1aJfV9HUfplp
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: b2h4zVzMNRAra2mTN8VCF4eI1htUx-wfDUUphPDhw4JAQvA7Vxewbg==

GET
H2 200 12.5fc8721e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 41 KB
13 KB 102ms
71ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.5fc8721e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d38c2d64e57da1a0cb467ef0cd7d85d2e841799ab839a579231300101ffa3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:21:25 GMT
content-encoding: gzip
age: 111729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 13 Dec 2021 22:15:52 GMT
server: nginx
etag: W/"77b6063aad824ddaa4af9a2de2afca3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: YYKVfxhFGccZ5ywGIrKDAtKa86md0_CT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nsuSuj9NjwX2a2wicQ8BiPu_O3IBdzsD6CMndB8bFhacAdj_iyq0lA==

GET
H2 200 30.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 973E 3 KB
1 KB 26ms
26ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/30.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:28:20 GMT
content-encoding: gzip
age: 3812114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 17:24:54 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GBOBYZXPfE_Um1Sf_mqL4fDHmw8hrH5J
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vqELexrRUM8EIQ32CpZCNQD2eN6KHC7fCN0J5vi335BULX0CfxVcTA==

GET
H2 200 30.0383f092.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 3 KB
2 KB 27ms
27ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.0383f092.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a5e4d82414a2ca26ea7d94c8586c3c32363073ecb1214c884d302439f420913c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:07:51 GMT
content-encoding: gzip
age: 796543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 15:09:52 GMT
server: nginx
etag: W/"62187322b72b1fa76d14e19526c132b8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: z3aE86SV2XLkllCr6fKLzNFXHsnbcDpg
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JJzWbMWAT3bhi9j5iWBLFJx214bfaiM-ZhhFesRRlztZrb3-oAsANA==

POST
H2 204 collect Show response
d.clarity.ms/ 0
95 B 125ms
124ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.30/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.cybereason.com
date: Wed, 15 Dec 2021 21:23:34 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 22.e10510b6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 42 KB
12 KB 32ms
31ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.e10510b6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b0257060098cdc51166f35b62e7dd8f0c5f8d6cfa319901c0c51a629537e02fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 03:00:11 GMT
content-encoding: gzip
age: 930203
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 02 Dec 2021 19:39:10 GMT
server: nginx
etag: W/"a99459752bee496e4af7c45277fd9c26"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .p1WPnsH8XGSlb.mHBXCMu26rOKTD1WF
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bRtKP0ezg6aOPybyjxhtNwrbnVrO-_OFGEmolo7dMHrGuIb5CFSKgw==

GET
H2 200 24.49c6961c.chunk.css
js.driftt.com/core/assets/css/ Frame 71B5 8 KB
2 KB 33ms
32ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/24.49c6961c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 07:58:46 GMT
content-encoding: gzip
age: 5059488
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 15 Oct 2021 18:19:47 GMT
server: nginx
etag: W/"f80cd64e339375567091159cb077b941"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: t3wd1L70.jr_F45fRiZ9jDIt4M2lflSx
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _ju_WGqJJ9R-9OUh4InWyoDNBoaD80vlIkHN4HZfG4Fwt-Vj_Src3g==

GET
H2 200 24.abe2922c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 12 KB
5 KB 33ms
32ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.abe2922c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4d85222516f652c200ef03b89b4b755c6a54210c75ca599fb53e0a05d677e197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:07:51 GMT
content-encoding: gzip
age: 796543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 15:09:52 GMT
server: nginx
etag: W/"04cf8ee37950ab9133d56182ac42f2d5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AKRAE85zxgA0Hp9dPNB1SHfTVkCdBA_K
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oxc_jrp365VoJKy6Yi5J5IoluWRoERMlLdbIScH6EPFbOBrSUK_Wcg==

GET
H2 200 18.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 71B5 365 B
1009 B 33ms
32ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/18.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:05:58 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
age: 6837456
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Mon, 27 Sep 2021 17:53:27 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2nl84_Ynkb7J4eflOi4MBL9RG1iL8udX
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TDDh_HDGXHOY4D8-0KmGbmVKOgcTE8rDsl7GOj2hYCA87yX3QIsv8g==

GET
H2 200 18.d26db4f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 71B5 84 KB
24 KB 33ms
33ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.d26db4f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9d7afdf8d1c1a87187c0ac284ec079f86acdbc289484bc8d4066dd4035b51d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core?embedId=zdcd6x8yhg85&region=US&forceShow=false&skipCampaigns=false&sessionId=16b91dd7-e8ec-4dee-b008-820f2f74dc3d&sessionStarted=1639603414.227&campaignRefreshToken=2968d273-ad5a-4f54-8c3b-9e9d73f9fc66&hideController=false&pageLoadStartTime=1639603410112&mode=CHAT&driftEnableLog=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:07:51 GMT
content-encoding: gzip
age: 796543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 15:09:51 GMT
server: nginx
etag: W/"676cfbeadf3745138265730781f5f098"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: QXlXpncoHQvFxp5turnNkFrpF0Tp7Na2
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XMiYngEJUF6OXQdS_j2oYpuEVBiR5cAZ4031OJLTnHBaxQsB4txrlA==

POST
H2 204 collect Show response
d.clarity.ms/ 0
25 B 247ms
246ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.30/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.cybereason.com
date: Wed, 15 Dec 2021 21:23:34 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 1.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 973E 7 KB
2 KB 24ms
23ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:55:04 GMT
content-encoding: gzip
age: 3868111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 20:21:04 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K9l0WdnhS0.sb1iJQdTJni3xfVGcn633
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s4IcFva_Q6-sloPjsRi1mhHXJEfPvfLiaj4Pd1kK043wUpdopFX-vQ==

GET
H2 200 1.187c50a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 54 KB
16 KB 26ms
25ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.187c50a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:53:22 GMT
content-encoding: gzip
age: 4447813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 22 Oct 2021 17:06:57 GMT
server: nginx
etag: W/"eeccccb655ee3b6bcb8b1a9b1da4fd30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: T4NYA9GFrw0AOH7iks5Owut4YT_Q7yUg
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: At2ESiWQ-mYc93MmMskPzVxlacEBsgAV-RjopHG9rK-2ZypQSBRqnw==

GET
H2 200 0.ee2abab8.chunk.css
js.driftt.com/core/assets/css/ Frame 973E 44 KB
7 KB 25ms
24ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/0.ee2abab8.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5dbbdc87055e3735446865635b4678301f3e2a1a8796c5c8f9e6708aee679592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:21:26 GMT
content-encoding: gzip
age: 111729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 13 Dec 2021 22:15:51 GMT
server: nginx
etag: W/"c00b54e499f71a56923e5c2db3c1ebfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 68ABimk3FXgiFdH1qEDL3xdLWSNdRuPT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: J8Gih7SJV4OdFXhjfwvxfNbXPJclRk82fbLT114GniyIg5Ft9fTzDg==

GET
H2 200 0.0d5304f8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 70 KB
24 KB 27ms
26ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0d5304f8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

7072e71c4451255d76dd060fa22d2372b336662caa03dad732c3e8c495e3722b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:21:26 GMT
content-encoding: gzip
age: 111729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 13 Dec 2021 22:15:52 GMT
server: nginx
etag: W/"2d1fa187641adb5aa5b2cb4ccf569a19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gDqGMN2zeYnveagEipdU6C7OXCRNYw0e
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZWWojmZPNHdvOofRdUqnZyfoT7zLniZtX1aXFI3oTfvQs_N52AZAQw==

GET
H2 200 29.a4eacd1c.chunk.css
js.driftt.com/core/assets/css/ Frame 973E 11 KB
2 KB 25ms
25ms Stylesheet
text/css 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.a4eacd1c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e2fc570495ce9f73780336d692d1caf5d299d81a0208243f97dacb7f345cdf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:12:40 GMT
content-encoding: gzip
age: 2423455
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 19:25:04 GMT
server: nginx
etag: W/"5fcabdf983fd5bbf7cb199063137d146"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: k82F8FaNpkIB_WK109g86MbRHlA8U_6q
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tlt3Y3xvpU_wJpY3r6KuJDYm5uP8spwSaB2jnn8gwZLWkN0W2o-vyg==

GET
H2 200 29.dc469063.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 973E 11 KB
5 KB 28ms
27ms Script
application/javascript 143.204.98.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.dc469063.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b5231fdb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-70.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

b3e92729562bf7aa805f612b4f909f640cdcfe2ccdc9ee6cf78f710491208e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1639603410112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:07:51 GMT
content-encoding: gzip
age: 796544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 15:09:52 GMT
server: nginx
etag: W/"72171f9c0b9a4cd90bdf2440c1e572de"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: tOIlB4_T5WHhtdhh95vBpNvdrmWg4TVO
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lVV8eVc2dMG6WcXUp7RvD73JKP0hxOEDj3ASH5y3JjzrH93ZyHBBdA==

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 561ms
124ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 15 Dec 2021 21:23:35 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift46f86294424920c9ad27a61e854
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 71B5 25 B
122 B 132ms
128ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Dec 2021 21:23:35 GMT
server: istio-envoy
requestid: da37efc2a3bd240
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 71B5 126 B
223 B 120ms
120ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

4ecc24b4e3b1ace9bfed2b1afd1844c33e4398566a0fc0c51c886a67783f641e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Dec 2021 21:23:35 GMT
server: istio-envoy
requestid: ccbb59663003900e
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 126
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 539ms
120ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 15 Dec 2021 21:23:35 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift46b766a4ad8aefefd8b87611930
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 zdcd6x8yhg85.json Show response
embeds.driftcdn.com/embeds/ Frame 71B5 61 KB
13 KB 172ms
40ms XHR
application/json 143.204.98.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/zdcd6x8yhg85.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-40.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85471eec55fa99e7a62de2d9254f8385a9c21ddf9bf8ca959fb07b90ba1c84df

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 21:23:35 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 15 Dec 2021 20:46:09 GMT
server: AmazonS3
etag: W/"8d14439ab83cdc4ec000075c6549f88e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: lG-uqXK4rTlOioo5fbEThVSx3Kefso7WJgSmbHhHoeKYxy8u6ceb8g==

POST
H2 200 perf Show response
www.cybereason.com/_hcms/ 2 B
546 B 230ms
229ms XHR
text/plain 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cybereason.com/_hcms/perf
Requested by: Host: www.cybereason.com
URL: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 6be2bbe7f943f927-MXP
date: Wed, 15 Dec 2021 21:23:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: ccc1f5fe-a064-4f48-9bd8-6b60b0b26b48
x-trace: 2B88DCDD30932CD22D60B60C6CAD9F9FBC740F08A9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaZ8kYCqIHt%2BkTUmw2ijHPHIkW48IJ9vM5EHxYFRmm4Nwl4YOcYL1Gg2GAh6Def1fGZp9P7rg%2Fph97pgpQ3IwQ%2FL2Dhz3t2ADYOw6eQGL8FVbYEmCUM%2FU%2BxkdG3Ccdu8p5LNvd39xKBd0cmgBH2RwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-credentials: false
x-robots-tag: none
content-length: 2

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 119ms
118ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 15 Dec 2021 21:23:37 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift25a786f4830a64d5a78fb5be0a9
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 71B5 25 B
88 B 131ms
130ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Dec 2021 21:23:37 GMT
server: istio-envoy
requestid: 6f2f7dfddedd3c91
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 71B5 25 B
85 B 113ms
113ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/42.3b1c2441.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 15 Dec 2021 21:23:40 GMT
server: istio-envoy
requestid: 928f15fe47feac4b
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 121ms
120ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 15 Dec 2021 21:23:40 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: driftf1a49324a51bf4de97875288129
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.cybereason.com/	1969-12-31 23:59:59	Name: __cfruid Value: 8a897f569249e1377bd1e0c3e9c2f628a9c8f3c6-1639603410
.hubspot.com/	1970-01-19 23:26:45	Name: __cf_bm Value: 2b3WXfvpCzTD29x0GpuI5O7QqPWdNRqSCNuFb5dlW6k-1639603412-0-AUKJaR8aBUW/y5/0mQnqY0fkr/A4g7nxYN9S/xWUeaLsXZR9fgzG6/N9odM+AvEo/EfJKk9HbwZdnHrxF1rfPus=
.cybereason.com/	1970-01-20 08:48:19	Name: __hstc Value: 85683782.7078fdbd13d44b6b384603373928eb14.1639603413294.1639603413294.1639603413294.1
.cybereason.com/	1970-01-20 08:48:19	Name: hubspotutk Value: 7078fdbd13d44b6b384603373928eb14
.cybereason.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cybereason.com/	1970-01-19 23:26:45	Name: __hssc Value: 85683782.1.1639603413294
.cybereason.com/	1970-01-19 23:28:09	Name: _gid Value: GA1.2.1908308180.1639603413
.cybereason.com/	1970-01-19 23:26:43	Name: _gat Value: 1
.cybereason.com/	1970-01-20 01:36:19	Name: _gcl_au Value: 1.1.974616558.1639603413
.bing.com/	1970-01-20 08:48:19	Name: MUID Value: 0088A08048596AE40CFEB18E49326B41
.cybereason.com/	1970-01-20 16:57:55	Name: _ga_SSF38JVRVJ Value: GS1.1.1639603413.1.0.1639603413.60
.cybereason.com/	1970-01-20 16:57:55	Name: _ga Value: GA1.1.2004201336.1639603413
.cybereason.com/	1970-01-19 23:28:09	Name: _uetsid Value: 41f376c05ded11eca22289a33822f3db
.cybereason.com/	1970-01-20 08:48:19	Name: _uetvid Value: 41f380b05ded11eca08c9da661879b5f
.mathtag.com/	1970-01-20 08:52:38	Name: uuid Value: 78d561ba-5cd5-4900-9908-e0a2456846ae
.cybereason.com/	1970-01-20 01:36:19	Name: _rdt_uuid Value: 1639603413771.0b374343-6e16-4911-903a-b653b19064ef
www.cybereason.com/	1970-01-20 08:12:19	Name: __pdst Value: faae3dbb5c2643dd8b226eb693402358
.cybereason.com/	1970-01-20 01:36:19	Name: _fbp Value: fb.1.1639603413847.1442599911
.techtarget.com/	1970-01-19 23:26:45	Name: __cf_bm Value: nmnFmfFkvBRGKdL4TiiQq7ndaFekPDvbId6.cr7qZr4-1639603413-0-AR6gO8RdFrj0gQDapaOuckWaB4MRMzJNIo+Y+c2SR9jM9xwC3XHYp/HHve9I2qTmUtSbJEcn6GOykhdR2jxq7yg=
.doubleclick.net/	1970-01-20 08:48:19	Name: IDE Value: AHWqTUlRnTJFm7XUe8Q-GFsd38QL8qD7k67XMEWBtpIDfwUgtcbtQ7A3mbuKAiaR
.ws.zoominfo.com/	1970-01-20 08:12:19	Name: visitorId Value: 50428fb88945ddb132822d63765e68ac0388f570acbd48394777cc4330ad598a
.twitter.com/	1970-01-20 16:57:55	Name: personalization_id Value: "v1_dh2T9h/uWwXiaAL2kODLpQ=="
.linkedin.com/	1970-01-20 00:09:55	Name: UserMatchHistory Value: AQLq59kFcu_-6gAAAX2_-qROhQrTOrfUD7r4lSHP5DFEs0EseosKKOe3EefUiDGoMgStZpMC0QXEqw
.linkedin.com/	1970-01-20 00:09:55	Name: AnalyticsSyncHistory Value: AQIKeyio4Pk_2wAAAX2_-qRO6fhlOBH_sx_QPqzA-LVLza730A00S4MkDXirP2nvgv8m4l8W3Qgpa9hJtXGKQA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:58:37	Name: bcookie Value: "v=2&ecd7adfb-9c2b-4ee3-8852-79fc2b5f6046"
.linkedin.com/	1970-01-19 23:28:09	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2519:u=1:x=1:i=1639603414:t=1639689814:v=2:sig=AQH2p5eVv92W2xy9GExV_uMzK6cl2oUO"
.facebook.com/	1970-01-20 01:36:19	Name: fr Value: 0c0dCdRZxYWen3a7m..BhulzW...1.0.BhulzW.
.mathtag.com/	1970-01-20 00:09:55	Name: mt_misc Value: mt_bt:1
www.cybereason.com/	1970-01-19 23:26:45	Name: drift_campaign_refresh Value: 2968d273-ad5a-4f54-8c3b-9e9d73f9fc66
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:58:37	Name: bscookie Value: "v=1&20211215212334d1ed9955-de4c-439a-839c-475c0218a13aAQEpp1LzXFp1MI7U7swLTT648Xa3hhs2"
.linkedin.com/	1970-01-20 16:56:19	Name: li_gc Value: MTswOzE2Mzk2MDM0MTQ7MjswMjEja2FR9+h3eO6rC0NqAXNH0hnhJnLvf7LlU/7LzAb+WA==
.cybereason.com/	1970-01-20 08:12:19	Name: _hjSessionUser_704918 Value: eyJpZCI6ImYxY2ExNTFhLTIzMWMtNTBmZS1hNGVkLTk5MGUyZTI0ZTE1MSIsImNyZWF0ZWQiOjE2Mzk2MDM0MTQyNTcsImV4aXN0aW5nIjpmYWxzZX0=
.cybereason.com/	1970-01-19 23:26:45	Name: _hjFirstSeen Value: 1
.cybereason.com/	1970-01-19 23:26:45	Name: _hjSession_704918 Value: eyJpZCI6IjQ3NmIxYjVjLWVlZDUtNDNiMy05ZTM1LTVkMzRjNjIzNDQwNCIsImNyZWF0ZWQiOjE2Mzk2MDM0MTQzNTN9
www.cybereason.com/	1970-01-19 23:26:43	Name: _hjIncludedInPageviewSample Value: 1
.cybereason.com/	1970-01-19 23:26:45	Name: _hjAbsoluteSessionInProgress Value: 0
www.cybereason.com/	1970-01-19 23:26:43	Name: _hjIncludedInSessionSample Value: 0
dpx.airpr.com/	1970-01-19 23:26:44	Name: an_airpr_recent_visit Value: 1
.c.bing.com/	1970-01-20 08:48:19	Name: SRM_B Value: 0088A08048596AE40CFEB18E49326B41
.bidr.io/	1970-01-20 08:55:13	Name: bito Value: AALYpU7DdLoAAD0SARysSg
.bidr.io/	1970-01-20 08:55:13	Name: bitoIsSecure Value: ok
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 08:48:19	Name: MUID Value: 0088A08048596AE40CFEB18E49326B41
.c.clarity.ms/	1970-01-19 23:26:44	Name: ANONCHK Value: 0
.adnxs.com/	1970-01-20 01:36:19	Name: uuid2 Value: 3576325908894317993
.cybereason.com/	1970-01-20 08:12:19	Name: _clck Value: 10ert3l\|1\|exa\|0
.company-target.com/	1970-01-20 16:57:55	Name: tuuid Value: c56c6358-4e82-4507-88ab-4fedec4ebf52
.company-target.com/	1970-01-20 16:57:55	Name: tuuid_lu Value: 1639603414
apt.techtarget.com/	1969-12-31 23:59:59	Name: TS01fac3f6 Value: 012c664659194e8c1abbcfd7cab331a49a5857a24a4a7805ae500b3b4ddaa6e074f493ac3942a04ee2b9389fb61dde6b40e6c8de76
.cybereason.com/	1970-01-19 23:28:09	Name: _clsk Value: w8q49z\|1639603415100\|1\|1\|d.clarity.ms/collect

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.cybereason.com/hubfs/dam/fonts/criteria/Criteria-CF-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://lltrck.com/lt-v2.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10272547.fls.doubleclick.net
10428681.fls.doubleclick.net
401574070.privacysandbox.googleadservices.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
api.company-target.com
app.hubspot.com
apt.techtarget.com
attr.ml-api.io
bat.bing.com
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
cdn.pdst.fm
cdn2.hubspot.net
cdnjs.cloudflare.com
connect.facebook.net
d.clarity.ms
dpx.airpr.com
embeds.driftcdn.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
id.rlcdn.com
in.hotjar.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
lltrck.com
match.prod.bidr.io
metrics.api.drift.com
p.typekit.net
pixel.mathtag.com
pixel.sitescout.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px.airpr.com
px4.ads.linkedin.com
s.ml-attr.com
script.hotjar.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
tag.demandbase.com
track.hubspot.com
trk.techtarget.com
up.pixel.ad
us-central1-adaptive-growth.cloudfunctions.net
use.typekit.net
vars.hotjar.com
ws.zoominfo.com
www.cybereason.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.244.42.131
104.244.42.197
104.244.42.200
108.174.10.14
142.250.184.230
142.250.185.226
143.204.98.123
143.204.98.16
143.204.98.39
143.204.98.40
143.204.98.51
143.204.98.57
143.204.98.59
143.204.98.70
143.204.98.93
151.101.1.140
151.101.12.157
178.79.242.16
18.159.7.124
2001:4860:4802:36::36
206.19.49.24
23.209.69.86
2600:9000:2156:ea00:12:3734:2a40:93a1
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67e2
2606:4700::6810:135e
2606:4700::6810:a852
2606:4700::6811:46b0
2606:4700::6811:d6cc
2606:4700::6811:e9cc
2606:4700::6811:f1cc
2606:4700::6812:15bf
2606:4700::6812:15c
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9a
2a02:26f0:12d:485::19fd
2a02:26f0:12d::6879:4c50
2a02:26f0:12d::6879:4c51
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42::622
3.94.218.138
35.244.142.80
35.244.174.68
37.252.173.215
40.76.174.66
52.142.114.2
52.20.96.200
52.50.109.234
54.147.21.139
63.34.251.77
66.155.71.149
68.67.153.60
0187404aad265903ffc6dac965bc2f4e4d1100b6f0dadaefac03d27ce60a3745
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0a1db8e6cb7ae20e5ac308a25943b94734e7ad0f794b26eb778c7e38ae2b51e0
0ea7d23d55fdda4f42a373f9a16ddb9a744c682714a9516dc95e9acdc5b3ce40
0f8a16376fc58a7bef15158e27102c37d461897a3bc1e6ce8afb5b7e6f98dfef
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119bf322a2ce6d2a82422b51404bc54b375c881f12a120205598d1691fa48820
12127e3110351f54262db955bafe353593dd58c89c7f6b6fc159c10515e93c61
136d46843c14c2ae1e8a4d59f5690e6b2c55d567be7183fccaf54d4df3978065
14bde8a9ed463ff343937368555105c6e2e25bdefcccf034593b295579fe2b73
1612e3d01a9389defe81c28b91ee18b7b1f97b54f39dd8aa651667c25bce28e2
16296e596f42ebc081cce736f5dfcf3ca001c909b659b9c305f45f06606a6e78
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
1829207304c9dc4a4d3f08067a1f3024ff0d7e9c3d305259c4997212f6831839
1b7a50770485be8281befa17e0b6054466915401e8163c5319cd7791ed290ee7
1d21f451d964e9dc02c1ade6f0348001f7583bcb29c7d95ca44d9a3037f6ff45
1df7190cf4334bedc912330fbc4b3bee340bc60dd057ddb9bbb07ffa101a35cf
209ed113e72a399e9f971061807a1c7e2f2317709dde108d1dae8f2b737b5530
20e041cb509df34abb6a3ac62c3702931561a0dcbc2d683a5ad85adae7b88f15
2257044d49863eae7eef3d199fac4d11dc896ba05eebf2c153a0327331517abb
266d85b7ad351501b8651b0e659d6d74fbe07085d3226cd3f7601f6522fbdf97
2a5170dafa42d3393aa578540b806c68c9655d42cf4a34e5c0b5ff2f50c38821
2a64b82e493758422d59a77157bda12f280dec0f2105dbc7cfe789b373113b53
2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7
2b4d9e531f3302ad49380ce5e5e160925956edb55179c63ee2bac32ab040d1a5
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e96bf761583273e370136ed0b934a38ad1e08b386accb37277252b37b9c9961
2fa3b76bcae9ae9e6b616b51f6451d62a49f7f8a8fa2961c1f577169df63112d
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
322283c1388fbc185e2b599da8625e58b12f5b2897952937d1f0c209d2b9b745
32c44b1bf97e8e11c656368a605c4c7740688c9fccf55bfd5fe2f13de5b5f620
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
3435ea8e0a22b4402b86aee2c20d86fc52d4ff266691be7bbe595e6d173289c4
3548fdd09c76e6d1a78dc0890d0da250339a5021ef499ac8b61f9d1bfae1a43b
359197d1e7ab63fe678db88914f31f1f9f6a37bd182e0de565fc7a68302a1f50
365a7ca6f52df29efedfdac2e08a9d0f03e4e2122dd9a49803bf8dacd58480fc
371d7d61fcb6139fc3a6d7a124e98aa200a4397e2dfaa5bc749ecf0c577b4dd4
38b865393cfa7c8e3d563d36d4a6bb5acabb407529e041e6d5c58ef646db8bca
3a45ea5b3d2f06d7dc15fbbd31895b161abb6c6803eecefb7916d109ede06cac
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f373d676c028ad1d152434937897bff566e9e1adb1dcf1b24513a38d044ac76
41f7afd6088c39cdc0d6f910f7f4b6afbf6a2133533847e960a8ca906fabc1c6
438769c80e34b84e797ecb4f4740158d9f56253bbc1cfebce0c59aaf04c1b355
4497e8022e1a35c31ceb2f26213d77fef26de39398dfca2d5f6fda971149b1ce
466d394a20d85dd055135496956dd49c2a2005d12f55502678b2bad9dfdf656d
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
4a9b0b449b77fd3cf250284f9c232b20dd193d8c538f059350594bc865847da9
4a9b9ef1e7b0e00b845a01494a94482ce95d5c24363f93e0e142e0901d0e5738
4b2220d50338f50589a60fea18ac539525a8e1b891647caf85c19a02f7fc8549
4baa608b3754d5dc394e8b92056e3d872ae5276d3682b76040f85f00a3114f48
4c2e4bab088925eaae4a38385ad599620fe3ad82cf313a59e42275c0b61d21a7
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
4d85222516f652c200ef03b89b4b755c6a54210c75ca599fb53e0a05d677e197
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4ecc24b4e3b1ace9bfed2b1afd1844c33e4398566a0fc0c51c886a67783f641e
509e3e4cd0a56f878d9b5ab1c529b559ec003c505ef4551796de673259c1a536
51be4699c1f6d0ac31b6e46802f4f7d6e02131dde182739e1bd00de55d3b8885
52997a640c38c5915b6105ad464bf2bf8121f3fe40c72d70791f54c4be95971a
529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
578cda2391db4e4d761ae5c4f05c03614d0ea8fec0b260edc036cc0bbdfcdd93
58332a4cc75a697eafeb1b4d9cb66326d6a29acb2f98afc1de3f1ef2401be056
5a2a361503e5af77a9fda0e38730101333d05edcd29741b6429743ea6e7559a5
5b7eeb2760475a956e132e38d772e4a2201db7d7e653ffaccd9a63905317acfe
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
5d9bc6dec214e0ac4562af8a3854d2d46772e46e66806ab6aed8ba22d833d0dd
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5dbbdc87055e3735446865635b4678301f3e2a1a8796c5c8f9e6708aee679592
5f03aa42c9abd16b80a2c8746abb9d53095adea2e3e92222461c143f471851e6
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
604f11b1aa0c94217abb80eb7a5c7de728f9463e4f045fe8a34339f438a50cec
63e0d1cf0ded40281f4b4c439d8c6e6630e3b31acf44d0d198e2513680c4bac9
64012cdd932ef13e83e2708af4d9b35bd4ac1416ca9473b7324eb851a2b93364
66b4fac9494bbeda177f4637fa3e7423fc8ef54b11a6875e68cdf3e472293b2a
66ba9d76c09ad6dd52135d52c368f6d87ac40b5b4ce418e41a105fb221c7e470
69560229acb9c6f01744e0172bba17d68642703a1be7312a5f2a137ce4e22faf
6a06dd8c689a6a52dcb00a0eaabf9b05609e98792fe24c12cbdbe9ad45747546
6af036a4ec23088a2e702e364d84320dbcd420a0c8c5ef82bac37006554e3ea6
6d3e07ec0b896d5b9a90eba7f9213a28d8ec84887e2bf6505f75d1c8ebc15f96
6eb129a27cd418f2dc0dff837a9ecc0bd15a35f35dbfce720c31e12520e535af
6f32653318cae3c5d724963003cc4757738fb9096a031a46cf14701241bf32ff
7069db6e08cf1a0478eba2451b59244b1b34b4e3967078a4b3b3b0391b50ff93
7072e71c4451255d76dd060fa22d2372b336662caa03dad732c3e8c495e3722b
71f918c131027703d4692c7e7cc9d46fc09554fc2b211e60f12e8fea8360deb7
7219936e6e56b9932b2f1dd06cfff09b655a729bb17d0aa6d757e14184512384
7253749a2f8658ad9c6fc72495c07b0584822e9b153ef0d505ef927fd857fa4e
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72fe18777ebf37b44d58c82be9b67edceefb88c2c6984c614c72991d6e3b8853
735e44959f60192ae3b93cfafd034f89a1cd8a95510fbac7aabaf9fa05d9465a
73d97ad2d1c4f2074aa5d6212a7fa5520803193da184052f69d550ac6c16d1e5
765097740b7490e6ab6a2d8624199ab7b147e8c6cec064b6cce257750fdb1985
7727399fe5d8441829176e6a661b540efaac1680120a1d7fb1235e258d70770b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7be72851ac250f7abb86afb92be94955289cf05179daea64e9a582966e28766c
809576ac31878ad8fbd13acf4ce46a6be0239ba19cf43fc4ae484fe008bdcb10
812ee60ba23d21a5005d12f49d255f00b27c47ed6b7881f661eafd281413d834
81c836c05ab1f2d37b7aa60d509a656c7a441e2a4fabf035c1b0666a4daa50fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8380529dce8f5097c8864a52c2609a5feda6d8f8cc9b9ce3ac47c30c09b317ed
843803aeba82f94da6f1cbe1f853ccd12f5d7cc6a3afa20923e57e5df60c412d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85471eec55fa99e7a62de2d9254f8385a9c21ddf9bf8ca959fb07b90ba1c84df
874bb052e7dd0496af71ff29da5ca6e2436ee44627584077ca56ddd9f701f748
8870bf0a64d39458b2e420c9d5306e37327dc78493f37c2c0d215d443589692e
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88badf53b16ffe06a7c8c98815c8cb08635b4037feef05703226fa5b7c63a1fb
8a1329dc32b989df9f34a507fcb9d5cc08b8978535b4073e8ea0c69c22afe6be
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
90afb44945c375f756e14a22121ab9ba52f6c65e74590a84babed8500165f459
9204ccee4e342d8d594ddb8e9d22a9d3dd469c766ccd93fba35b1b71300770b6
9607506688417bb09b8d6c29362c2fe29bc1b047b793cccddfce876d927fa57b
97163b731eeaba18956ab2503090d85d58ef9cf7ec7d95dab7d872f188257963
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c
9866e1a6b0931899aed27def0df2f66496529a063697495c69e91a0b4c604888
996d02a1dba9e22a12959ead6fa19686ebb9f02107b1fc78a3e5b3487680fe7e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d7afdf8d1c1a87187c0ac284ec079f86acdbc289484bc8d4066dd4035b51d8a
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a21965601cf53461e8b194087f8a15828d9e07728f0e6abbb58dbeac59246fa7
a23c7f59f882c33ed251242beb6d53ae3f0b351b21ae085d545ed36fd8e32248
a3075e2c162e41c4962a4221ae035dd607d895bd424e87aa4065a044c43763e4
a5e4d82414a2ca26ea7d94c8586c3c32363073ecb1214c884d302439f420913c
a85e6cc00b6521151a066190dfa2f0983135171fbc1845b0acfe09fddb245a68
a939b9fcb8cdec877464e6131704ef19effd6279467d48bd42afe7af8558391c
a97dee3ee495e4f1afdbc1cd7cb39ebdbabd3cb1d75f42ce095fcad1fa99e9ad
aa82097c9e8bddaf6321732c1cb749fe50fe87d246d967619fd78e7ffc738466
ac5000602bb127a5a07be117df96c48667d2e2a9fb1bb33d5ebb7c50e4480a88
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acadd76a335e98061ef67610e2cc701027232396e26b593a2af78a6f027cef75
ad1a7004d4936e7e0f20ed0bed2e766c3cfbf20a7c20adfd39580242271d14ce
aeab2d464a59458f10747304223e23b90b41c656287cc7a85e06e4a77e1b8aaa
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af0ad47815cfcb0fc8402cf431dd782af68f2ba05752c66d9bb11a4354f65754
b0257060098cdc51166f35b62e7dd8f0c5f8d6cfa319901c0c51a629537e02fd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3e92729562bf7aa805f612b4f909f640cdcfe2ccdc9ee6cf78f710491208e78
b48f9a7031474a0f73f92f2e6cbbfad730b5466cda96d86a4459c06efc986173
b5487184d301e501560341bcbfca8c103a140b89de229e31ec9d2c5a44ee894f
b5a0bc814f10fef2510c4f118fc4803b6e6db6d3f1dabf89771d23d84f53c535
bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
bfc7330619560b7a5f1528b8ac12bbe2607491026861afac235ac74fa5e96388
c278771cd7c327c84117834bfad38a97db978889ba5ec32aecdfcbd05a656ed5
c29cb598eaea9ca58dbcac5eaf696895f96975dbf32bc0bd9b7f87e61b572754
c2d8b5ed5baf711d51629607797e32e5ff638637a0091598427eac4908dbae47
c3ec3ee440081d7e6941611ecfd74f881b68f6f420ae768c073bb5a30bcf0249
c5cea554b6ecfae067a6d7f03483584a6970d15baa0cc7d5281d785d7bf9dd82
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c763a7b86f4b8e21741d95bf307b2932555a20d4ad383adc764c99fdbb8e88d8
c78c8efad07ce7a5a21d2ff43ecb2328890e4d61e06c22c2ecc7f3527f1af3db
c87e0e31334c6998b90c83d48eff6252a248120d32b376414965e1421203c901
c9130ee8c979a74ab038cf5e8a06db5cb94253eab35ea5242f515d605f4781ad
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc175cc5f496a1790c3ec65d0f79ac4360987abe8c7124cbb9b48b56448d463f
cc8dad635c949a90c5393375fd62853de7e12c22f6e7d95b2abcdcdadc5f4c55
ccb7c3316ad37b3d3149422c5782cf05de60fd9e692055ecb82e9859b2b011b6
cda9b31d709444e003d3adbfbdec43f093e405b36841fde5c1d187e439585219
cf9971f57588bd4bdf0ca7e8e213a1f7ac70e246f96702c5f31bff5e41bd9af9
d120a85c209c9b3bec4d3cae2e6bbbbebd666a74238e77c7ea5b31670464540c
d124f797fd1fd1c237f42df284ae0725a62bd2fd0549fd59e9ea226938f0f131
d38c2d64e57da1a0cb467ef0cd7d85d2e841799ab839a579231300101ffa3840
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d3cf67b9a5c82810aad30bbe1e7213ebf0e45879501938a34acbd5a1b39b3773
d4edfb8595e3ac241138afb0ba0ee1a43dfe72d5b6889c5d60c6523e8654a271
d62c8ecbad928763726e683c07fce5e3b41a91d5ceb23327b802d310d4bff0dd
d781ba62a8ee04e276307aaf5fe6a615eb499a2b9f684ed3a4a270f17b3a0a30
d82231820461c83d1b0966caae71bd2732bd89e9a910fdb90d193c3dca16dbc7
d8cf126d75f99bd82c6d6628074ac7935a193951c7bc97350929f9433eb4856f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc4b47acf268b1d6f0c30b0fc796c625c073600c4c5f8b9979f9ddbabbe9ad48
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd4716b9e24e02f14e46229f383fa0c0bd3305d4cd93a25b7c235e43799ac3c7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e2b835cee12f876f7f1d54d3c3de53c2381fe7489fba360c6e5df216ce771e3c
e2be5d7842d3b80a4415ae6cee9e09357a01c10226397759dad5866feedbf22e
e2c3d9638e0fdab99199438de06f94d2bdee6f6dc9b7a1331a9f35dc8b923fbe
e2fc570495ce9f73780336d692d1caf5d299d81a0208243f97dacb7f345cdf15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e78aa920659b720cf324d22d8fc497d09bfb072650acfd43c5189e1023a2f390
ebb9be20a82426fc379a29e4ae95b7a403e9d228feb0bbac4b516ff0dd4e8201
ebe3fc0a11c25bb8fb48fea36f6bf64c19ab5f727dc61b9e609fdf4fce9579b8
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef04e8e205bdda8d39cf639606e0ec1d1cc3bba2cec6c6c6dd517f702d60e989
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15b9e259259b31a0a0c2aaaf0ecaea63d2c825e0c8d09b3f0538e25dde39b5e
f32ab45c529a2f3f62c3cf64b7195cacb9a818f552525537102c15e9d4e33b55
f48829864ffd155da0360e19be956282b6875173f8990394e93bc7c30c97a3ed
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f903f416e22249cfab4769b65c97a216746ff7d579fc7fa983740943240a9362
f91f3bd6034a5f4b992b18fa7522d979d7c8b7ad9d0c9249b738470ce47869a2
f94ce8666bf003756c16b56edad5a0121b3516222d4f093bdb771afabfb2cc5f
f978da291f493e64d4420d2cfab5c2bdc736c53f11c8d61c6da1efdb7df1155d
f9db6465a204cc4186368b72a0ba4f063e64569aa4fc96e0f40c7ac69423121b
fa110ac06915e913fea0ad440e557cd75b95101504acc6a865efb5d7f0f34d95
fb0e6512bf681048ba8f82af0b5b165eb8aa47c3f26385888553fab5c6b3d022
fb372bf086a350fc14b803de31af04857aaf0b0e18bf7de76737715efa2ce57f
fb4f6b772cc942f2a1e049cc7ab4a3f3f08f73aad8439d0206a8ae348c59ce60
fbb42fb1a1dfc3c12c8516d7d6a5010f63993f5540864fce99813f2d0ea776f8
fc06a84e4736309bbd566bfeec5a46f2844fb22b20480cd49a6297c61eaf4ed7
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.cybereason.com Open in urlscan Pro 2606:2c40::c73c:67e2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

274 Requests

98 %HTTPS

51 %IPv6

49 Domains

74 Subdomains

64 IPs

5 Countries

9028 kBTransfer

14035 kBSize

52 Cookies

49 Outgoing links

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cybereason.com Open in urlscan Pro
2606:2c40::c73c:67e2 Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

98 %
HTTPS

51 %
IPv6

49
Domains

74
Subdomains

64
IPs

5
Countries

9028 kB
Transfer

14035 kB
Size

52
Cookies

274 HTTP transactions
0 data transactions