Submitted URL: http://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Effective URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Submission: On May 27 via manual from US

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 51 HTTP transactions. The main IP is 2606:2c40::c73c:671e, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is go.cybereason.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 4th 2021. Valid for: a year.
This is the only time go.cybereason.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 2606:2c40::c7... 209242 (CLOUDFLAR...)
9 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
51 12
Domain Requested by
25 go.cybereason.com 1 redirects go.cybereason.com
9 use.typekit.net go.cybereason.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com go.cybereason.com
3 cdnjs.cloudflare.com go.cybereason.com
cdnjs.cloudflare.com
1 p.typekit.net go.cybereason.com
1 js.hs-analytics.net go.cybereason.com
1 js.hsadspixel.net go.cybereason.com
1 js.hsleadflows.net go.cybereason.com
1 js.hs-banner.com go.cybereason.com
1 www.cybereason.com go.cybereason.com
1 cdn2.hubspot.net go.cybereason.com
51 12

This site contains no links.

Subject | Issuer | Validity | Valid
go.cybereason.com | Cloudflare Inc ECC CA-3 | 2021-01-04 - 2022-01-03 | a year
use.typekit.net | DigiCert SHA2 Secure Server CA | 2020-01-28 - 2022-02-01 | 2 years
hubspot.net | Cloudflare Inc ECC CA-3 | 2020-07-03 - 2021-07-03 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year
upload.video.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
www.cybereason.com | Cloudflare Inc ECC CA-3 | 2020-08-16 - 2021-08-16 | a year
*.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
*.typekit.net | DigiCert SHA2 Secure Server CA | 2019-12-06 - 2021-12-10 | 2 years

This page contains 1 frames:

Primary Page: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Frame ID: 85EF96F5AFCE133C3013512ADE4A131D
Requests: 51 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 51
HTTPS: 98 %
IPv6: 100 %
Domains: 10
Subdomains: 12
IPs: 12
Countries: 2
Transfer: 1863 kB
Size: 2907 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf; HTTP 301
    https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf; Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
go.cybereason.com/rs/996-YZT-709/images/
Redirect Chain
  • http://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
  • https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
35 KB
7 KB
Document
General
Full URL
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e0678287426530056fd281bc1d147be83a60949e8b9c67c06dde1889317c99e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:method
GET
:authority
go.cybereason.com
:scheme
https
:path
/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
content-type
text/html;charset=utf-8
cf-ray
6560bf468ccc2b1e-FRA
cache-control
s-maxage=5,max-age=5
strict-transport-security
max-age=0
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0a5055e01900002b1e5407e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hs-reason
No view mapper found to handle request
x-hubspot-correlation-id
2c520e5a-eb9f-4cfe-8f7e-4f3761171f02
x-hubspot-notfound
true
x-trace
2BEEF707EEBA9A8C25DF81828047E001EB9AEB0291000000000000000000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7Eo%2BmecPya59AfwEoqCtFr8Dq5fa95oXZGzZXKtFxRFgBQ6mgCDKyL%2FrsJihfjjcuO9%2FcLWuKomhipeduhpSHBm%2FQLpOyNrhkV3s5pq1rvU2WQeAYb7z6qEGeMqg29pIf6YwSBT%2Bd8Gi%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Thu, 27 May 2021 16:51:18 GMT
Content-Length
0
Connection
keep-alive
Location
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Cache-Control
s-maxage=3600,max-age=120
X-Hs-Https-Only
worker
cf-request-id
0a5055dfe000004dd0eb1ab000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NJIwrRrnCJ2Qxk6lp1ktobfHaZnCytJUEuUAA7zdQeGPgY2ULN8pK6vrapcKyhYvuY6o%2FixKctwd3cPBJxTaby8WCWXgGsbcmmnELkn1vdKuAOgcjmmyFZvbi68FwXwueyn39qiAKJ5l2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Set-Cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278; path=/; domain=.go.cybereason.com; HttpOnly
Server
cloudflare
CF-RAY
6560bf463a994dd0-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.11.2.js
go.cybereason.com/hs/hsstatic/jquery-libs/static-1.4/jquery/
94 KB
34 KB
Script
General
Full URL
https://go.cybereason.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 fc6dca2df1221c0bec817610bc20e505.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5687175
cf-ray
6560bf4d7cf918e5-FRA
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5055e471000018e575067000000001
last-modified
Thu, 08 Jan 2015 18:08:00 GMT
server
cloudflare
etag
W/"5790ead7ad3ba27397aedfa3d263b867"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9AK32mnyDvABcNmv38%2FGIAJcZa%2BWwAmHrePtPBZmM2FaTzO4WUU9GL3vkZ9G%2BS%2F7iuh3DYnlvgkYjOhPsIgvtTWiIlOxTBDMbmf9GXSPSPrYndq2dEMaxyOpPZXl%2BlmIAxPuHQnSap9T0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
null
cache-control
public, max-age=31536000
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
j0uxu44Fmw6l7XI0jwNOqLWvnvA6bO55qT4moDX0Y1npxbcu592mAg==
expires
Fri, 27 May 2022 16:51:19 GMT
cr-framework__bulma.min.css
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35291999472/1614661129976/__CR_Web_Platform_2020/CSS/bulma/
64 KB
9 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35291999472/1614661129976/__CR_Web_Platform_2020/CSS/bulma/cr-framework__bulma.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1db8e6cb7ae20e5ac308a25943b94734e7ad0f794b26eb778c7e38ae2b51e0

Request headers

:path
/hs-fs/hub/3354902/hub_generated/template_assets/35291999472/1614661129976/__CR_Web_Platform_2020/CSS/bulma/cr-framework__bulma.min.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1614661129976
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 a251e31740a6e166e8fdccf296c41645.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RQQG94SB57NJFJA7
x-amz-id-2
uFk1YPChrL16AbTh3pEhehR0/jUqZmLoq1f0dbVq3Thp8YFVFL29dDfqh1o1lL9/2MjoXgj2vm4=
last-modified
Tue, 02 Mar 2021 04:58:50 GMT
server
cloudflare
etag
W/"88605a5e2df657681a0605d62c89a631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wdACiQzUEs90nDpd4QQ7%2F4UBbY8HzZ2%2FTU8gkkvlSLqw6us6L8UQHKGpCLnAKRCUpzVw4hUCBy33rh6Ig2fDL5UekTT3bEk%2FV8TnRJb7LK8Zw%2FKQWpNPgUHP9%2BOpciM8oH8CGXcILAucvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
tAd3t.xCRJ6C07U_zCfDzg5hCYB7E5P1
cf-request-id
0a5055e470000018e518965000000001
cf-ray
6560bf4d7cee18e5-FRA
x-amz-cf-id
7aSYC97RH8C44UMmcWtSVBaK0eLHt0ByN6duk-o0FzmH0flDilL5WQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
cr-framework__bulma-columns.min.css
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470224480/1614969030468/__CR_Web_Platform_2020/CSS/bulma/
19 KB
3 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470224480/1614969030468/__CR_Web_Platform_2020/CSS/bulma/cr-framework__bulma-columns.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb23edf11fd3b59074aa91afab71072500344c5cdab4bf8ce021ac254a8c4742

Request headers

:path
/hs-fs/hub/3354902/hub_generated/template_assets/34470224480/1614969030468/__CR_Web_Platform_2020/CSS/bulma/cr-framework__bulma-columns.min.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1614969030468
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 0fbab52df0695e2a561cd26eb7f9484d.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RQQV38WCDRABZ61H
x-amz-id-2
IhO1OrxhNBCftF25cCKeP3phjSBy8OxP71ubw5Ka3t8HtF1obww6bPBIRMzGVdEw590YJyT3+OM=
last-modified
Fri, 05 Mar 2021 18:30:31 GMT
server
cloudflare
etag
W/"08ba286e60d03eb430fabcff4f2e8558"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q8z4ojei5J7hqht9El3eeamKTo6SILCKuTTEar0yLsPAtiPDQ4hBwviSQRF6oJ5iay%2F221rC%2Fw2nk7hLBMeyq9Myyvm6ULLBI22VBypNJgMZh6o1cUiUVTvx381%2FeHP0K2dDAfMTngxzRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
jXolnUCUE0L38Uw1.WY6lvIU6GvZ47Q5
cf-request-id
0a5055e46f000018e56a3fc000000001
cf-ray
6560bf4d7ceb18e5-FRA
x-amz-cf-id
OpAQ4CdFUmHgWIPjRedelMMj3zenjrJ1s9hgDLX7b_7RI_SJEaIYVg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
ionicons.min.css
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35275979682/1600880367101/__CR_Web_Platform_2020/CSS/
50 KB
9 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/35275979682/1600880367101/__CR_Web_Platform_2020/CSS/ionicons.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fe18777ebf37b44d58c82be9b67edceefb88c2c6984c614c72991d6e3b8853

Request headers

:path
/hs-fs/hub/3354902/hub_generated/template_assets/35275979682/1600880367101/__CR_Web_Platform_2020/CSS/ionicons.min.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1600880367101
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 5195de19cbc5ce842ac6538e9a6850cb.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RQQT7BBR9169Z2FV
x-amz-id-2
9v7jksNYZ4olPmVr4Jk1j0GVRmOKF02YJWQ9ygY2XoD5jXqM+Z3WMphWekVBV2rWAntYlzC/Jg4=
last-modified
Wed, 23 Sep 2020 16:59:28 GMT
server
cloudflare
etag
W/"71c8c946791f3411c42a4cb1e9cdb5ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OSyvjLH8ucyTPFOHfcROT9uJds0zD8Re5FuWVnctZj1qvBQFtWEGAGLKIfSJ7UYwmIMVtvABhCdtmtENDjYeSlu9QimuJQyHiduZw9qfa86CEYvnT9L%2FkC%2FolfHohYu9A62CHapwClYbpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
sBk0NTXt5JC0boW_cB8Js8IeL5M2sXdU
cf-request-id
0a5055e472000018e563904000000001
cf-ray
6560bf4d7d0818e5-FRA
x-amz-cf-id
ulV9G1hI6TwFve6c0zEdxm25yGXSoqAGjvN71SrFIvQQESV04X1NEg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
cr-master__cta.min.css
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/CSS/
2 KB
2 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/CSS/cr-master__cta.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
485cccdd8ff15cbd62137df080aa75d0c9488d4f39923f839332a11a6bc1e2da

Request headers

:path
/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/CSS/cr-master__cta.min.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1613710752320
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 f88487c9214731db4c82619c9183bf7b.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RQQHV80M9PEPH9Q6
x-amz-id-2
nM3YooxTQqPcFLR8ejly8mbRN7qP6q8iT8HbesDg3hwb4CrZ56H8FfE/oHgazw/f3pKYru2pbtc=
last-modified
Fri, 19 Feb 2021 04:59:13 GMT
server
cloudflare
etag
W/"811a12fcf23cdd941bc9da65e10dfde6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C972sB39AmO2HS0YekGpGONDslawrNoofSAh0hrpDudieNPZJHrP6ZRD2ZaR3PHaQ8P%2BU3SUZs7rbicgYEVUosSi1G9qGwUfz0IizI%2B8o6Pov1ZudRCDweFoHAN%2FhBL%2BK5ycapyssZ7lOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
dwMgVVpKySSXtvCgt6bEyNoKjlsSgetv
cf-request-id
0a5055e474000018e56db8a000000001
cf-ray
6560bf4d7cf218e5-FRA
x-amz-cf-id
xsIaqtL3diSq3M0BJGX4Lc9k4pLq6JBBv8YLNGC-yJYsZ7IhRQ7s5w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
module_35291897097_CR_-_Main_Nav_Full__en-US.min.css
go.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/35291897097/1618340252015/
8 KB
3 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/35291897097/1618340252015/module_35291897097_CR_-_Main_Nav_Full__en-US.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9216ae202024ea2e59d024b9e1d25299f40878a27689eef73b21f786534a14e

Request headers

:path
/hs-fs/hub/3354902/hub_generated/module_assets/35291897097/1618340252015/module_35291897097_CR_-_Main_Nav_Full__en-US.min.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1618340252015
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 5195de19cbc5ce842ac6538e9a6850cb.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RQQHVBH7X2J9AH8H
x-amz-id-2
fEiPS2JYDpW1k0gXrOy/bUuKA88IdMTfaUMVNtSEvYbhsBxJqK3ENSWsCOX0UU+P5EVITc4GJm0=
last-modified
Tue, 13 Apr 2021 18:57:33 GMT
server
cloudflare
etag
W/"0a49db1f018ab4b8fc6887bb60a01e3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tnwcsYP5m41BOxXZT718gLq1bpA%2BPz00%2B6I6BM0aPiZ357EDWMzm4OTv5To4TdeGpir6QYBzF9l6vITAHd6Z8V%2BxavSEFACx8teJIdv%2F96y4p1SHQkGpRLm0ThYbDQ7TZia7nExp83y8sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
hIdDqVl8wVCl.k_1V9vLsCqg5z2ONPA6
cf-request-id
0a5055e472000018e53c8c8000000001
cf-ray
6560bf4d7d0618e5-FRA
x-amz-cf-id
HJbNwDzcQ50_IJM8WQznlekq6oaD2gm5hvC-Aj8yqJMpaew15OdW0w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
module_34473990280_CR_-_Footer_Full__en_US.min.css
go.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/34473990280/1617772255567/
3 KB
2 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/34473990280/1617772255567/module_34473990280_CR_-_Footer_Full__en_US.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97831ff4832c4f000e924a97b5730bebd91816c3282cc2502fca83feebd993a8

Request headers

:path
/hs-fs/hub/3354902/hub_generated/module_assets/34473990280/1617772255567/module_34473990280_CR_-_Footer_Full__en_US.min.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1617772255567
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 6b8cdd1ce925ccd88cc918dd35811d07.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RQQGFWERGXD5TNG4
x-amz-id-2
lj69ZOrajiQLbopGrdTAPZow0uM0cPQakUgJ8BER4rFOsYNJGKOqTWusb/bQsk4E5AY/ThmCHI0=
last-modified
Wed, 07 Apr 2021 05:10:56 GMT
server
cloudflare
etag
W/"62e33551763d4b79d6470cf52ea33112"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CZQ9315b9ONB0eew9liy45AbjlVpgFVLZ2EZPehWtXkEKHaAOAKdyxXGnOecfnQqC91h%2BGQCJRGSTfko6Uc5sfzodrayHimKNqgkQJ3RW8RirayTmXsdoSCs%2FPsMV4ZiexbaMIh0ZvxVEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
vvQxo65_yjPjSOAULQFixDRc0QuGv3di
cf-request-id
0a5055e471000018e55d25b000000001
cf-ray
6560bf4d7cf718e5-FRA
x-amz-cf-id
qbW196jP2I2m6CSr5LZf5GMmk8n1JKX6ch09VFql_a2LNLGDATl_tQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
vyv2ljd.js
use.typekit.net/
19 KB
7 KB
Script
General
Full URL
https://use.typekit.net/vyv2ljd.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8150eac82f94042cd505764e4d41d05bd10704a0b526f0775d8f5083a5b3dfe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 27 May 2021 16:51:19 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7019
layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1622103821961/hubspot/hubspot_default/shared/responsive/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1622103821961/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1622103822019
date
Thu, 27 May 2021 16:51:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
30286
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
cf-request-id
0a5055e475000005d07582a000000001
last-modified
Thu, 27 May 2021 08:23:43 GMT
server
cloudflare
etag
W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cV2J9RWYnhsLSNHaFxDUiJHyUHWt7l5MKwci%2BO4IYbRNFC75BdGBL4Pl0NKet10vUeAicOmV48dCwmIblr9kN3mfQtB5YmCl00wDbDvGq92J74YljdkivrLdx8HGimMVgLP1XGHoY4Rf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-C1
cf-ray
6560bf4d8e9405d0-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
cybereason-product.min.css
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/5350675680/1569776472016/Custom/page/web_page_basic/
25 KB
6 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/5350675680/1569776472016/Custom/page/web_page_basic/cybereason-product.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbdacf704d25985f21e496696895dc3006cdaf8ad5ff0fbc2b9b2b82a720ec45

Request headers

:path
/hs-fs/hub/3354902/hub_generated/template_assets/5350675680/1569776472016/Custom/page/web_page_basic/cybereason-product.min.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 b4346add631a498bf6cdbf88cbc5ff13.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RQQKQW78WCS617PB
x-amz-id-2
1NEBKB8FB2hfhmzUnzXoqps4bqYsmEq7dtgxaE+W1yNJf9tJn8ee9k49bKZBU/yzsXsz/2rVOns=
last-modified
Sun, 29 Sep 2019 17:01:13 GMT
server
cloudflare
etag
W/"f9e1f4154bf18a46db5c0d5339be1eae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9tFN%2BgELC49tOmxcVhSYheU4ztgE12cROcmPucFXV3Lu1mFqc7iBvVYc7Z%2BT2UNHiviFH4Ri920SPcc541V%2BmGUtpGcW668mvlzcXF95v2JfFvXO2KDEYGGKy%2BMPNODKKAPkyIHfuX8E5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
.jyPJU5MUnjZZbvo9tuoNMCxcUUQxu8b
cf-request-id
0a5055e470000018e568035000000001
cf-ray
6560bf4d7cf318e5-FRA
x-amz-cf-id
5_hGEVS1CTyIh944P1cU7VPf3bTb9rgMKiNHlnEdOkEL7cu5fnlLYw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
cr-error-page-style.min.css
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/5456085634/1611720393121/Custom/page/web_page_basic/
16 KB
5 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/5456085634/1611720393121/Custom/page/web_page_basic/cr-error-page-style.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87645ed89f2832034041bb2a092ec6e4d5f5419720e5048f640b72b6cb57ce7a

Request headers

:path
/hs-fs/hub/3354902/hub_generated/template_assets/5456085634/1611720393121/Custom/page/web_page_basic/cr-error-page-style.min.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1611720393121
date
Thu, 27 May 2021 16:51:20 GMT
via
1.1 88b63cb2f8aab28c7291262ffc15282f.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RQQS7NQ3KGEWFMKQ
x-amz-id-2
xEI1Vr8vGukC8lzT3kiNVjlcp/fSUNNVlnNIrscKaNyA1vkUrgLS0pORxKIAKSB+DzW90yhfJCM=
last-modified
Wed, 27 Jan 2021 04:06:34 GMT
server
cloudflare
etag
W/"85c3cf92cd8fc92ae11c40f747913547"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HMj7BbDjDlHWv2CL8id3l65T7MSM%2BrKHziB52e9Ce2Sw9EwA2RP7Sv3ha1gxM21mwRnY6MCU6JlEHmufGZB3cB6eRoJrEN9bbVoK5KWOR2ZXIXZi%2BZ2qEvSakzGbTApcE3kNrb2iwi25fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
k9nlJPbkTaOtQ_rosGervego0mkEB1xc
cf-request-id
0a5055e472000018e54a9a9000000001
cf-ray
6560bf4d7d0418e5-FRA
x-amz-cf-id
KKOCyt1kp75bXpqm8deUBTYaiXrZnWbPT7Pa8w95m4wda_3N44Xm1w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
cr-master__main.min.css
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1621270587578/__CR_Web_Platform_2020/CSS/
43 KB
9 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1621270587578/__CR_Web_Platform_2020/CSS/cr-master__main.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34847399b27934d3ea3184a3069a153c3d37577a2a9c4249b37fdb3bc712637

Request headers

:path
/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1621270587578/__CR_Web_Platform_2020/CSS/cr-master__main.min.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1621270587746
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 841dfa6074cf4b3b0718988f088a4ac2.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RQQNJ3MYAFFB3ZB9
x-amz-id-2
k5yqLg04wwyBY5bC8BGb7s0jBaIdmLD6HJgQxBijIIQDLoKfCAGOoPBkb2Ac/Pa2lImQWMjUoWo=
last-modified
Mon, 17 May 2021 16:56:28 GMT
server
cloudflare
etag
W/"07f8fbf277d09873a56f7cf251a7f288"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R32N%2FPDj0cqJba9soA1aOkBxHTBoXwWlkhmDQt6MilZ2ATSitY7RpsctSG%2F6wIupnq1CAUV8%2Fdc72Qf%2FuFIsSjL0pgBnkZrcM0K%2FAo7Dv773rnHNx18lhro8b1utbnH25bi8vKkyHtnlfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
J26ZzyKVR5Pfbj87_AOPFZA6nFcqEs8S
cf-request-id
0a5055e472000018e5119f4000000001
cf-ray
6560bf4d7d0218e5-FRA
x-amz-cf-id
DwdlMVXCk7vhE_Prp36qgz2YouP19Ozk82L2aOnvNmaM53H8RFnZFg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
animate.css
go.cybereason.com/hubfs/Cybereason%20Files/
71 KB
5 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hubfs/Cybereason%20Files/animate.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea

Request headers

:path
/hubfs/Cybereason%20Files/animate.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-5350556817,P-3354902,FLS-ALL
age
592528
edge-cache-tag
F-5350556817,P-3354902,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
T7BX8ZAJKSY0Z8FF
cf-request-id
0a5055e471000018e54b16a000000001
x-amz-id-2
8cOkeGhNnYtWIS64qC5JNFgYhiI37PEBje1TnwKmfGRuvUlGrO0zd0ZPtYQuP99IwElUzrob5Ws=
last-modified
Sun, 08 Oct 2017 14:12:46 GMT
server
cloudflare
etag
W/"07f146141537e04ee282a965d8053198"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=i%2FzZSwDSke2p5InswPpgUEx%2F1kq96ymfv6t7af5fO66Q8Xy%2F6AGrOYSFA22n2GO%2FPJqqx9FVD00t0CwaNeA%2B4MGyzMLCz7PmEJVDqSalQrl1uiCpEAWGcdnLDN9aISL9AQj%2Fqu1bf0jsKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-amz-meta-edge-cache-tag
F-5350556817,FD-5348465344,P-3354902
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
obfNN9HIvzQju6mWvHM.vbfWve767qSn
x-amz-cf-pop
TXL52-C1
cf-ray
6560bf4d7d0018e5-FRA
x-amz-cf-id
95I4ZnaNJckL_Dxy_4_lK-8B4cwVVSPGT3Mj4_24isUyxIMwp9dpOA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
77637
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
cf-request-id
0a5055e4650000c295460dd000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yflnwztOJvBu1KFDY4ec5d0VUkDiEEWXYckR56%2FPMVtHNECDI2PGPdluPuRCETzQnY%2B7D4fRHN31ZYvxArrpgDsRKfGqW%2B5U9F2XfQ5qEGdRQuy%2B8Ot0CCkQwVGSYXBZdHuFmGekfgDKg0tXxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6560bf4d6f68c295-FRA
expires
Tue, 17 May 2022 16:51:19 GMT
hamburgers.css
go.cybereason.com/hubfs/Cybereason%20Files/
26 KB
4 KB
Stylesheet
General
Full URL
https://go.cybereason.com/hubfs/Cybereason%20Files/hamburgers.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d2c69dd090f9e7939e843b439d1fcec1969f8f3a03eee39bc15e5aae11a7d2

Request headers

:path
/hubfs/Cybereason%20Files/hamburgers.css
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 fa133af2508a341e1ff6bfff526ba095.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-5363488069,P-3354902,FLS-ALL
age
592527
edge-cache-tag
F-5363488069,P-3354902,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CNK7Q0GVF5TS8VGA
cf-request-id
0a5055e471000018e57fa1c000000001
last-modified
Sun, 08 Oct 2017 14:13:25 GMT
server
cloudflare
etag
W/"f460b27b7f43507f41d1e073135f17a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=M68tWm0RZd0yzhqnVc5fIZElZoldWJJMqRnY3zKzyvaxlzH6xLVrDIKgwK5hdb7i4bPrlPSDlntKuRxA0aUH1yG58qPZ5NZ2DEZ8at%2BE%2Fl9u5m0RSjaISzUXmvi1JKGbr%2Byh7lYtp4%2FmQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-amz-id-2
KVrEK/tJqfTUpw5enpT6zVDrW5g0aE7u1Erf8OwzoMqmS+sCel7hmz7+g1+D652zHLf2CUoDvEE=
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
j00H_hHfEv0esfOFOi.DmEbkn25fJDN1
x-amz-cf-pop
TXL52-C1
cf-ray
6560bf4d7cfe18e5-FRA
x-amz-cf-id
5YloyVhqZ3XsTF7z-p4VPHOTgjUuwsIjDjOKX455wPxK4l8ZS9eijw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
cr-logo-web-horizontal-black-500px.png
go.cybereason.com/hubfs/dam/images/images-web/logos/
5 KB
6 KB
Image
General
Full URL
https://go.cybereason.com/hubfs/dam/images/images-web/logos/cr-logo-web-horizontal-black-500px.png
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2311b7d2f30a6ab89191098f12c99253267df7219477c0702d58bf4999f4a703

Request headers

:path
/hubfs/dam/images/images-web/logos/cr-logo-web-horizontal-black-500px.png
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
0a5055e5f2000018e5770e3000000001
x-amz-meta-cache-tag
F-36668407494,FD-35695393279,P-3354902,FLS-ALL
age
595844
x-amz-server-side-encryption
AES256
edge-cache-tag
F-36668407494,FD-35695393279,P-3354902,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="cr-logo-web-horizontal-black-500px.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
XFRFJGJMMGENB6S8
cf-bgj
imgq:85,h2pri
etag
"acbeba65a7e33212196b1386c365e1fb"
vary
Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis
1603732670207
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=9553
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5062
x-amz-id-2
XCn70AOP2cj4lu5Xz7T7k3o/apnQdNNBXYZOdH1puozBaz2eZS7T2Thp2E1tnPyN4N1e3c7gFLA=
last-modified
Mon, 26 Oct 2020 17:18:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mMJSvOgHYOxagO1SNwZvsGA3%2Bt7HI2LDBZ4Grs2dvujh0Y0PsUQMHpcpjKCRBcavlvzN%2FLyn3txQXUAAOgp3S7qmL0pje1soDI18R0VB7gNH4j5y6f5Aw2tq6dcxM6MHe0Izih39xeJ%2B8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Fi99aeAoW1lKCRBa1uJA0OV6mR9Vcx_U
accept-ranges
bytes
cf-ray
6560bf4fe95718e5-FRA
x-amz-cf-id
lTWsx0tRzJVwOK1vdwbX0PJ05mO0ocKicHw5Tp47jK7GtzvKnmLZJg==
Cybereason%20Blog%20Template%20%281%29-1.png
go.cybereason.com/hubfs/
529 KB
531 KB
Image
General
Full URL
https://go.cybereason.com/hubfs/Cybereason%20Blog%20Template%20%281%29-1.png
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04dd055d876e33cd855216a182ed10c8b7bddee72c386b56fc0b83f2c2dc355f

Request headers

:path
/hubfs/Cybereason%20Blog%20Template%20%281%29-1.png
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
0a5055e5f2000018e54b188000000001
x-amz-meta-cache-tag
F-47805177130,P-3354902,FLS-ALL
age
13678
x-amz-server-side-encryption
AES256
edge-cache-tag
F-47805177130,P-3354902,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Cybereason%20Blog%20Template%20(1)-1.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
KWZTWZV16GBHMZ5F
cf-bgj
imgq:85,h2pri
etag
"774f6eef5a618357c7086afe8c74ffbc"
vary
Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis
1621857948282
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 e2db66d51cfc219a484e76f40ebcabfd.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FCO50-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=841333
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
542170
x-amz-id-2
kEtSGYdM0nytsQ251mdmoSeR5nexik8eM0VqN05y/Qj8PqJJV+3uKC1NDeN7jPyhd5/oFOIo5CI=
last-modified
Mon, 24 May 2021 12:05:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IkytQgSxDEz0uUVNQHuA3zGeIyYJAh0nAcWmYTWbREApjLXX8UoTJDVG%2FWbKy736BpmieSo0OhKCSqwZtQL7C4QAx4pEaaK3YKyh5zzKR22PX2o0s0NmaMD0duSu9IQAQ5ydytxNoLBYTA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
HxvBw0RyUoDdA48fB56QO.awboHMSRAz
accept-ranges
bytes
cf-ray
6560bf4fe95918e5-FRA
x-amz-cf-id
XVGzeAYXLIUBiApvYtN6_vxH6qyejIKxFclaoJO2XvxZeTJWAhO3Og==
Cybereason%20Blog%20Template%20%286%29.png
go.cybereason.com/hubfs/
225 KB
226 KB
Image
General
Full URL
https://go.cybereason.com/hubfs/Cybereason%20Blog%20Template%20%286%29.png
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
864ec376217df4a0d84e0febe3c40894da585c9dc28ce736708a3f541176232c

Request headers

:path
/hubfs/Cybereason%20Blog%20Template%20%286%29.png
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
0a5055e5f3000018e53192d000000001
x-amz-meta-cache-tag
F-47929290351,P-3354902,FLS-ALL
age
100651
x-amz-server-side-encryption
AES256
edge-cache-tag
F-47929290351,P-3354902,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Cybereason%20Blog%20Template%20(6).webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
K5X900R87YVNR85D
cf-bgj
imgq:85,h2pri
etag
"8611800d9e97d4d7ab471512f4fabe7c"
vary
Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis
1622033485715
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 3e54eeb04035e3584145be33441ccbba.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG53-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=399347
x-cache
Miss from cloudfront
x-amz-meta-index-tag
all
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
230404
x-amz-id-2
5iG0VW8/zD+d3lHbdl7FNSwb+yUHSQ0YZWADgqEd9gHGTBf/uGVHb0Qabs7fXfiol4JHVamfFBk=
last-modified
Wed, 26 May 2021 12:51:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SfEARID%2Brx6XFxNYG8lBrGNm1tWkFs%2FhTEcTINleNlm0172EaFPl91UT0yAP1Zzy6Ki1Oaoe0A%2FI%2BaU3%2F%2Bqgisag8VhNbhFWqdnDp925%2F8X6MSc0y%2FPuNOHIpoLXGu587CdkTwwJdxobWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
BTQxEJGQwhWD5dkKsPW039bRokrJO0d.
accept-ranges
bytes
cf-ray
6560bf4fe95c18e5-FRA
x-amz-cf-id
i_ldht3WXsM0KjDCZ9eti6BWIwTypM6IKFf5p1K0WxE3-rtiYFl0BA==
Cybereason%20Blog%20Template%20%285%29-1.png
go.cybereason.com/hubfs/
526 KB
528 KB
Image
General
Full URL
https://go.cybereason.com/hubfs/Cybereason%20Blog%20Template%20%285%29-1.png
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c52e8791a542bfaa4a3dfb738cbc6839d2f74158b37d8a4d34ea00479bb3f33

Request headers

:path
/hubfs/Cybereason%20Blog%20Template%20%285%29-1.png
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
0a5055e5f3000018e54a9c7000000001
x-amz-meta-cache-tag
F-47887167903,P-3354902,FLS-ALL
age
175617
x-amz-server-side-encryption
AES256
edge-cache-tag
F-47887167903,P-3354902,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Cybereason%20Blog%20Template%20(5)-1.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
ETZ30WGKVWWFASDH
cf-bgj
imgq:85,h2pri
etag
"35fce52bee3b2bb6a85b549c561af6bc"
vary
Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis
1621957404424
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=815849
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
538790
x-amz-id-2
lOtWqvvDoH21CDtnkhpcjmvEDWkUH8WxBOaOSf5bsb4uG5gZnxrYZ65SnCznwu9MuhLvMRgzMbY=
last-modified
Tue, 25 May 2021 15:43:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YbJSVILkMnM8sDM%2F8h6Exh25qP4vzhzFF1kba%2FBnSeUP63eDw5%2BPUlmx2bFqK5xBVzO1kF7s3eDI7OnUXy9cyEJG4VQAmwWKoLKPQLJY7En%2BbHnYQEJbW66%2FVVnBwh%2Fl59iVH0h%2FWtnb7A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
YDOMh5tozrNblmc22py8APqyT69EXzJ_
accept-ranges
bytes
cf-ray
6560bf4fe96018e5-FRA
x-amz-cf-id
yh5P4LzYHclHJLvENUrcu56_hsxYsWSaw1HNhx9ciHcv3kbdlekYuw==
cr-logo-web-horizontal-white-500px.png
go.cybereason.com/hubfs/dam/images/images-web/logos/
5 KB
6 KB
Image
General
Full URL
https://go.cybereason.com/hubfs/dam/images/images-web/logos/cr-logo-web-horizontal-white-500px.png
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:671e , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25be07e98d8af6966a317f09b01392cce60447ed768a034ec1b18843ee6dcbc

Request headers

:path
/hubfs/dam/images/images-web/logos/cr-logo-web-horizontal-white-500px.png
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

cf-request-id
0a5055e5f3000018e5ffb12000000001
x-amz-meta-cache-tag
F-36665664687,FD-35695393279,P-3354902,FLS-ALL
age
180974
x-amz-server-side-encryption
AES256
edge-cache-tag
F-36665664687,FD-35695393279,P-3354902,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="cr-logo-web-horizontal-white-500px.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
G74SR22VEXWBA2RV
cf-bgj
imgq:85,h2pri
etag
"767db0928e354898ad0d5be0b8913d27"
vary
Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis
1603732670178
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=9464
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5068
x-amz-id-2
QDFrLceGGg/buG8uDv43uIiQxEE13vw7XtxzJFs/fLA2lFD8UWqVCtcTbFtFQLu+VZdzGa9E/1w=
last-modified
Mon, 26 Oct 2020 17:18:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sGGjp0cj%2BC7BuExMO9M7%2FWueVmRvrt2T5W71p3poXueDLmjKfDQT5WtL2HE15lUSmkD3pJrIO4E%2FKV380zTxWDjo5%2BL10WfaxlDYsZ8d%2BXKiKwdWl74WYEIL6vWedjML07modqoqPyYzEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
rUG6Di0oDG3X0PJdHQ7Od_mXd6h0OgSj
accept-ranges
bytes
cf-ray
6560bf4fe96218e5-FRA
x-amz-cf-id
fyM5jeUAeKO22EkT8HtsdQUpAlcVbOGl6TJkpsnUt6oDtzJyqRUEYA==
project.js
go.cybereason.com/hs/hsstatic/cos-i18n/static-1.27/bundles/
1 KB
1 KB
Script
General
Full URL
https://go.cybereason.com/hs/hsstatic/cos-i18n/static-1.27/bundles/project.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, AES_128_GCM
Server
2606:2c40::c73c:671e, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS
Software
cloudflare
Resource Hash
c3f99c65ea3d6186991a21add80eeea6d79500fcb3c9d8263680e0de270e0753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/hsstatic/cos-i18n/static-1.27/bundles/project.js
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 5b3be43b5ff3292b36e9c737ff94254a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5687413
x-amz-server-side-encryption
AES256
cf-ray
6560bf4fe95018e5-FRA
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5055e5f1000018e54f345000000001
last-modified
Wed, 19 Aug 2020 22:31:39 GMT
server
cloudflare
etag
W/"d0cd32f08bf823a0389da03beed61887"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bDcVltpups4ahHzS19vNY2uYaqJHAhwW1rY2QY%2B8ubt4fTRD44jKz5s6kQTPkaTccvFiAhh53wKznMAkSndkSuSieyEOJYnCCyRFNGd%2B2C8eR6hWX1f4xr8rBb9JgCXAoDbg1aEq%2BEDJ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
2tzxWhBqhFrbWNOKYsoHIauxtaBoTuuO
cache-control
public, max-age=31536000
x-amz-cf-pop
MUC50-C1
content-type
application/javascript
x-amz-cf-id
yBH2LZ_ZdDJNtDdNJsQYMRsIPcfsMVQU-SNjo8ptPnU7rd26RePkoQ==
expires
Fri, 27 May 2022 16:51:19 GMT
sticky.min.js
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/36760482340/1603911178438/__CR_Web_Platform_2020/JS/
5 KB
3 KB
Script
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/36760482340/1603911178438/__CR_Web_Platform_2020/JS/sticky.min.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, AES_128_GCM
Server
2606:2c40::c73c:671e, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS
Software
cloudflare
Resource Hash
e2a8920d4462889e5f31774efff79ab1f3f2c1005ade3e2be379599502d6f61b

Request headers

:path
/hs-fs/hub/3354902/hub_generated/template_assets/36760482340/1603911178438/__CR_Web_Platform_2020/JS/sticky.min.js
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1603911178438
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 8fc9659fc06389e49927f68638e9bc94.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7K0NK70DENX5896P
x-amz-id-2
9Fmn3e2GrDK2gPG8v+jmDCJfR1mnlwgnQXK/u7NRD8eyZR60NykEfHExLdXbGwzW05PAxO/+PmQ=
last-modified
Wed, 28 Oct 2020 18:52:59 GMT
server
cloudflare
etag
W/"50eedd17efd9f3a3523d9db9cc724d49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FMxETpD6PRUWcgoE3Q6ijuOzGiiadSNvdZgdMWfIjpA1Mk8J3ERX0z2QoqySCiV9o0hF74jkFvtPrdcKE6J559itXjGKCDYKeayxXR4lqeQHPjMiPI80yeuNWh4Nhzr6NMZNGfF%2F%2FMK2lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
rocmamUG0ItrF2mXjAJxhzOB5tqm.MoC
cf-request-id
0a5055e5f1000018e57fa3b000000001
cf-ray
6560bf4fe95318e5-FRA
x-amz-cf-id
CZ1UYM0VXD1dVuwOm8_yC5a6u6HaXB7AVJQx4NW1RnBfFtrxi1SFnA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
module_35291897097_CR_-_Main_Nav_Full__en-US.min.js
go.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/35291897097/1618340251943/
679 B
1 KB
Script
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/module_assets/35291897097/1618340251943/module_35291897097_CR_-_Main_Nav_Full__en-US.min.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, AES_128_GCM
Server
2606:2c40::c73c:671e, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS
Software
cloudflare
Resource Hash
2371c06e7b8e71a61051e8304ef99a5a2ca16744fa10602a120e37186e44efdf

Request headers

:path
/hs-fs/hub/3354902/hub_generated/module_assets/35291897097/1618340251943/module_35291897097_CR_-_Main_Nav_Full__en-US.min.js
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

x-amz-meta-created-unix-time-millis
1618340251943
date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 6b8cdd1ce925ccd88cc918dd35811d07.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7MDFNSB2VDY3T6AA
x-amz-id-2
yhq4626551HWWSEDJFXFvGbvJ2vodOmnjRTY4NOAFF/+gOpx+YU1ECeIsbwfg3d2X37vdekNZR4=
last-modified
Tue, 13 Apr 2021 18:57:32 GMT
server
cloudflare
etag
W/"b5634ac848b8c3d4e33d1907c6433a18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=O8lAMsZd7SCZfRgqiI%2FRnxhFNpRsD752vY6ZWibKHPDn5rLjjL7JqaMuK3eXzZh%2F9qsNe5bOv8HqDEz16BAnmFej1YClmHj43%2FtoVQdE3HuVo4AnhdS3nWufqm2lgGk8jRT9yeL%2Bt%2BZ0ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
JCx4INd2Rz7xNjRgrN3A9e2cXQKpRoPn
cf-request-id
0a5055e5f3000018e51eba5000000001
cf-ray
6560bf4fe95518e5-FRA
x-amz-cf-id
i_4t4eniND8rcjhDH1awKqbUcwE5Mkbkg6QjUY8aqqtX4Clvr7iPBg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
3354902.js
go.cybereason.com/hs/scriptloader/
2 KB
1 KB
Script
General
Full URL
https://go.cybereason.com/hs/scriptloader/3354902.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, AES_128_GCM
Server
2606:2c40::c73c:671e, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS
Software
cloudflare
Resource Hash
d27424207917ddbd8f4f474a411c729c790e5f979dbb4af62c05ad9f9e0f34f0

Request headers

:path
/hs/scriptloader/3354902.js
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
56
cf-polished
origSize=2029
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5055e5f4000018e55d275000000001
x-hubspot-correlation-id
6b2e0777-4a0e-404a-a9c7-2904031de08f
cf-bgj
minify
server
cloudflare
x-trace
2B2784AC25C3F4120CEFC1B856CF2F64225710DD95000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gOZDEVtmNXWL7kR%2B0WhIKxFZJ5t1tIfypP4MQqI4hU%2F1R4NAHGgP2YtWk23qfSDCML%2FI45DtNwhVClIhvDZNs4DmzoBpyVyhZUdEmgXUsZvkYWcfnLtfuV4Nbs1aoUSPzs2JCJsIV0WP0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6560bf4fe96418e5-FRA
expires
Thu, 27 May 2021 16:52:19 GMT
index.js
go.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.103/js/
51 KB
19 KB
Script
General
Full URL
https://go.cybereason.com/hs/hsstatic/HubspotToolsMenu/static-1.103/js/index.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H3-29
Security
QUIC, AES_128_GCM
Server
2606:2c40::c73c:671e, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS
Software
cloudflare
Resource Hash
e4a38b04932e2ad77d85997f5cef0de384ecc1bb0b854cf619cb32501158692e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/hsstatic/HubspotToolsMenu/static-1.103/js/index.js
pragma
no-cache
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
go.cybereason.com
referer
https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
via
1.1 9c7e5857d78c5dc89042979317de5843.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1139575
x-amz-server-side-encryption
AES256
cf-ray
6560bf4fe96518e5-FRA
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5055e5f4000018e5028c6000000001
last-modified
Fri, 14 May 2021 12:13:32 GMT
server
cloudflare
etag
W/"006946e614d6ef469f5c9e46b4836d15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RWfQK25Ze6fEVGsK%2FSf44eSTPuCDUcxFI1Ecopuc9sXpCb8jJ5TKeKY3YhrWgKbmG7mu2CvtHg72TP9ZuSG45EQXdSAPKniFnh4k3O6odtTS2%2F3lwyZkUNVov2noxDJ0vSuCtKnUf8lNMw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
NS5brkaR0OO1ViABjiLPNZKumB_gwu3c
cache-control
public, max-age=31536000
x-amz-cf-pop
DEN50-C2
content-type
application/javascript
x-amz-cf-id
I1j6RqtXQalDbXMhdqYXqor4a2LFOh4E-WrqLmy0b_M1v_wzGxNReA==
expires
Fri, 27 May 2022 16:51:19 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1621270587578/__CR_Web_Platform_2020/CSS/cr-master__main.min.css
Protocol
H3-29
Security
QUIC, AES_128_GCM
Server
2606:4700::6810:135e, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
81652
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
cf-request-id
0a5055e6dc00004e267db67000000001
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uBQS4p3JznW6RhbMCdlhJUO7dKgIp6%2B6kD9Km4hpQsjtYyaOXns8RRhanEPHU8mo5wtFhI6JLzx5VXjkTG%2Fdc9vXCQsPDx3QrFmdm9gkVHkUjbrpIY51ZvHcI0Ez9zeUQZCwUU8OxPzd9uuy8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6560bf515c6b4e26-FRA
expires
Tue, 17 May 2022 16:51:19 GMT
css2
fonts.googleapis.com/
19 KB
1007 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1621270587578/__CR_Web_Platform_2020/CSS/cr-master__main.min.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:802::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
6af036a4ec23088a2e702e364d84320dbcd420a0c8c5ef82bac37006554e3ea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 May 2021 15:20:03 GMT
server
ESF
date
Thu, 27 May 2021 16:51:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 May 2021 16:51:19 GMT
css2
fonts.googleapis.com/
20 KB
1002 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1621270587578/__CR_Web_Platform_2020/CSS/cr-master__main.min.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:802::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
0ea7d23d55fdda4f42a373f9a16ddb9a744c682714a9516dc95e9acdc5b3ce40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 May 2021 16:51:19 GMT
server
ESF
date
Thu, 27 May 2021 16:51:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 May 2021 16:51:19 GMT
css2
fonts.googleapis.com/
41 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470477360/1621270587578/__CR_Web_Platform_2020/CSS/cr-master__main.min.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:802::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
dab25a15b65d931fa52f9962befdcf09504b69cb626092fe3bfccfcb5d9db3bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 27 May 2021 16:51:19 GMT
server
ESF
date
Thu, 27 May 2021 16:51:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 27 May 2021 16:51:19 GMT
cr-bg-hexagon-lines-hero.png
www.cybereason.com/hubfs/dam/images/images-web/backgrounds/
21 KB
23 KB
Image
General
Full URL
https://www.cybereason.com/hubfs/dam/images/images-web/backgrounds/cr-bg-hexagon-lines-hero.png
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/5456085634/1611720393121/Custom/page/web_page_basic/cr-error-page-style.min.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:2c40::c73c:671e, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS
Software
cloudflare
Resource Hash
c770fd3e2614d990f2dc9e2369305bdbda4a3adb905f643f268ed3a59199e62a

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id
0a5055e7ea00002c366e849000000001
x-amz-meta-cache-tag
F-36610310692,FD-35190309106,P-3354902,FLS-ALL
age
592801
x-amz-server-side-encryption
AES256
edge-cache-tag
F-36610310692,FD-35190309106,P-3354902,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="cr-bg-hexagon-lines-hero.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
ESMA9NQRJCCS92YV
cf-bgj
imgq:85,h2pri
etag
"e56569eaa6512181d8acb1e9f9538bc4"
vary
Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis
1603560409915
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Thu, 27 May 2021 16:51:20 GMT
via
1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
TXL52-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=37998
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21970
x-amz-id-2
o5MrscnUU9x7n9Tm6KbzY8eZM9uz7ufmM5Xg0704teZ6/PeDJZFxAVZJ3ree3g+N6Y2O8a2oRts=
last-modified
Sat, 24 Oct 2020 17:27:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=b5haE0zQ3xyBa1xbN2TGB0GBacouTDRcXc6JoKzgHqvUGi8Z6fvfWe4i07wHm8wJsk55hpNWAkxOdEhCv7mH%2BbODtJQPKw6KzIIleBDmTA0nHAim9nEjtIo2mrgAMEnj4x%2FBOo8VkvVmrM0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
Lp15kD8w5bIV89S1Y9dYRVhJmOUgqFkR
accept-ranges
bytes
cf-ray
6560bf530e0a2c36-FRA
x-amz-cf-id
3rLfB7D8jw0iO0mKcSA8AaFMVLieqXLOpbqOri-LSHqXrWo628cEww==
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:829::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://go.cybereason.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
155940
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:20 GMT
ionicons.ttf
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/fonts/
0
0
Font
General
Full URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/fonts/ionicons.ttf
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/CSS/cr-master__cta.min.css
Protocol
H3-29
Security
QUIC, AES_128_GCM
Server
2606:2c40::c73c:671e, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS
Software
cloudflare
Resource Hash

Request headers

sec-fetch-mode
cors
origin
https://go.cybereason.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__cfruid=3158c4a0da9f38f8a44269661b26ddc60c4759c9-1622134278
:path
/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/fonts/ionicons.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
go.cybereason.com
referer
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/CSS/cr-master__cta.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
via
1.1 1448f69604d5be1f9c9f0c64cfa90595.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
cf-ray
6560bf52ff9d18e5-FRA
x-cache
Error from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5055e7de000018e573251000000001
last-modified
Tue, 19 Feb 2019 20:12:00 GMT
server
cloudflare
etag
W/"f6e4b6cdb45684ca8239a8161901d7ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FHGTlPSsU4Rh5ry4StJSuR84Rw7hAMXAVcU1yeN5xjNITPYTvHdF9IbKaskuxoIxs8NDRChXnQug5lfbrtvjFeg8smaMqFrLk74MMZMbID3qzcgpCIp%2B0qR5tLUdkzPY%2FQ3GoympzwOTcA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
oQ5g.LoAEFK3mdk3M1pWALQQ6oLrzuy3
cache-control
s-maxage=300, max-age=600
access-control-allow-credentials
false
content-type
text/html; charset=utf-8
x-amz-cf-id
WP59BMtOZK6P5Iann-ETzgm7aQEEQWRsYw8g3cFcLd3SYRKbJaj6tw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://go.cybereason.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:26 GMT
server
sffe
age
155931
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:29 GMT
HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v5/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlowcondensed/v5/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
979ddb6f0c77e6744b104f96e9d7ab0f8fc56d7f24ab10d853e4e96fa425e9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://go.cybereason.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:44:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
age
3993
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19724
x-xss-protection
0
expires
Fri, 27 May 2022 15:44:47 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v5/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://go.cybereason.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 01:14:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:46 GMT
server
sffe
age
229014
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20444
x-xss-protection
0
expires
Wed, 25 May 2022 01:14:26 GMT
l
use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/abc1c3/00000000000000003b9b0ac9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
359197d1e7ab63fe678db88914f31f1f9f6a37bd182e0de565fc7a68302a1f50

Request headers

Origin
https://go.cybereason.com
Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
server
nginx
etag
"8c3ee2b4e977df4e0f73e1b985c24fba9611fc49"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16652
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://go.cybereason.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2486680
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
0a5055e7df000016f2170b8000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7RAIGHtEwNR55ulU%2Bq2AF2QFuOgMRz4R%2BSvlsurrJ5TSiaD5LisT2W19f0TgRuy2WbiuZvE6LxjOgRgLNG2JKhxPeTSiSuf6CMevfqccWGTkUqJ2foS%2BELQEDg5qhd%2FURodDf3Vxj3Ta%2FDelrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6560bf52fc6c16f2-FRA
expires
Tue, 17 May 2022 16:51:20 GMT
l
use.typekit.net/af/343335/00000000000000003b9b0ad0/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/343335/00000000000000003b9b0ad0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2e96bf761583273e370136ed0b934a38ad1e08b386accb37277252b37b9c9961

Request headers

Origin
https://go.cybereason.com
Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
server
nginx
etag
"eedb93b5a9ba82f97df21a2548066c304a8baad8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16112
l
use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/4b34d2/00000000000000003b9b0acf/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7219936e6e56b9932b2f1dd06cfff09b655a729bb17d0aa6d757e14184512384

Request headers

Origin
https://go.cybereason.com
Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
server
nginx
etag
"2d91046573f0e4458e7737f18f00bb9c13388e11"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16252
l
use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/cb6232/00000000000000003b9b0ad8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9607506688417bb09b8d6c29362c2fe29bc1b047b793cccddfce876d927fa57b

Request headers

Origin
https://go.cybereason.com
Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
server
nginx
etag
"865da7d2ecc4da3cb6bd5574f01738cfc5c8bb11"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15448
l
use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/62203f/00000000000000003b9b0ac8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
66b4fac9494bbeda177f4637fa3e7423fc8ef54b11a6875e68cdf3e472293b2a

Request headers

Origin
https://go.cybereason.com
Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
server
nginx
etag
"7b5be73a29b093f7ae3c099f5a521c9274f6db28"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17148
l
use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/19a2f0/00000000000000003b9b0ac7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
97829f8a6f2a471117ed06d0b06a81d543b091a262192369c531380779148c5c

Request headers

Origin
https://go.cybereason.com
Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
server
nginx
etag
"b9e1ecdf0fe601a7e9dfc362b400290203e7b31c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16456
l
use.typekit.net/af/cfbead/0000000000000000000146b3/27/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/cfbead/0000000000000000000146b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
365a7ca6f52df29efedfdac2e08a9d0f03e4e2122dd9a49803bf8dacd58480fc

Request headers

Origin
https://go.cybereason.com
Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
server
nginx
etag
"122498e3424e674610da39fb441d661549879239"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23248
l
use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/f50d41/00000000000000003b9b2c84/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
765097740b7490e6ab6a2d8624199ab7b147e8c6cec064b6cce257750fdb1985

Request headers

Origin
https://go.cybereason.com
Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
server
nginx
etag
"13c2813ff67959226aaa4eccfcdd1399bd756b8d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15336
3354902.js
js.hs-banner.com/
60 KB
15 KB
Script
General
Full URL
https://js.hs-banner.com/3354902.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs/scriptloader/3354902.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623b83b7a124ff66f8e313564579cb6669fcd6e1f72d2401e549dc0607be7fd0

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
content-encoding
br
cf-cache-status
HIT
age
167
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-request-id
ZMKX7NZPBK3RP849
x-amz-id-2
YS49ZeBb8Klw1mvu65BzaTTwMBwB1DlNOC4D1m6Tqt7HAhO5vYUZgQ3Wne6IP1L2oG90PIp67II=
timing-allow-origin
*
last-modified
Thu, 27 May 2021 16:46:15 GMT
server
cloudflare
etag
W/"3266b6e97a385a9f6538cda7d744dcd9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
QoIiFdPwwM9nOV6ri5Eol0uqg06pdIHp
access-control-allow-origin
https://www.cybereason.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-request-id
0a5055e83e00004a55da02a000000001
cf-ray
6560bf539c064a55-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 27 May 2021 16:53:33 GMT
leadflows.js
js.hsleadflows.net/
471 KB
80 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs/scriptloader/3354902.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e5ad8f6aab7933888e789f5b9eed29f6064a9a256fe35c384c8da0b648d3dc

Request headers

Origin
https://go.cybereason.com
Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
via
1.1 600860a2fda807ac628822c14b5de861.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
IAD89-C3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1019/bundle/main/lead-flows-release.js&cfRay=6560bf539da4dfb7-EWR
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0a5055e8420000dfb778332000000001
cf-ray
6560bf539da4dfb7-FRA
last-modified
Mon, 10 May 2021 01:50:02 UTC
server
cloudflare
etag
W/"a0422ceeab86db6e0c81719033b4bab7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
vzNq8gdJKWGHBPoJ4NIykDa1nlgXs_sz
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
content-type
application/javascript; charset=utf-8
x-amz-cf-id
tIUKIVEZB9wmqQARDMjwnVmlJjv5AQfwBOGK-UEALzdqhlIJxtg_MA==
x-hs-target-asset
lead-flows-js/static-1.1019/bundle/main/lead-flows-release.js
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs/scriptloader/3354902.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b2305414c9bf43fa92261bef6e29c905907a74dac72bd4db0bc7c0564c2a1cf

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
via
1.1 ddeb8679359f033dad405557c487bfdd.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
202
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.236/bundles/pixels-release.js&cfRay=6560ba642bb164bb-EWR
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0a5055e83e000017726bab9000000001
last-modified
Wed, 26 May 2021 04:03:26 UTC
server
cloudflare
etag
W/"9bf4a7e463a03f7ef4d23adef96f0eb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
7qr9esS2QpE6nCtS.kIl1u2Oe.WmUioR
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
6560bf539a241772-FRA
x-amz-cf-id
41F0exAYEP4hW1-RXvleWB4VMxQsAOP6aIev7hGRd1vp-O1ee3KkmQ==
x-hs-target-asset
adsscriptloaderstatic/static-1.236/bundles/pixels-release.js
3354902.js
js.hs-analytics.net/analytics/1622134200000/
63 KB
19 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1622134200000/3354902.js
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/hs/scriptloader/3354902.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c950d2f6280e424541ed091a19d486456637ab7ae5ec002384789c6a2d22a7

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
content-encoding
br
cf-cache-status
HIT
age
12
x-amz-server-side-encryption
AES256
x-amz-request-id
9SGSQAAH4QXXQN4R
x-amz-id-2
SUJ6dC0D1ZtE1srmBx8NaMZoH/IpXRDtXyD1M4YoAki9dZp0idLZ/PWKhDTcyLLZFfY5ylOI4To=
last-modified
Wed, 12 May 2021 19:22:05 GMT
server
cloudflare
etag
W/"847c44da0c08099c02c1f3a38ef873ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
0a5055e842000096bcc19b4000000001
cf-ray
6560bf539a8d96bc-FRA
expires
Thu, 27 May 2021 16:56:08 GMT
ionicons.woff
go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/fonts/
0
0

p.gif
p.typekit.net/
35 B
214 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=vyv2ljd&ht=tk&h=go.cybereason.com&f=32224.32226.32227.32228.32230.32231.10875.32265&a=657783&js=1.20.0&app=typekit&e=js&_=1622134280395
Requested by
Host: go.cybereason.com
URL: https://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://go.cybereason.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 16:51:20 GMT
last-modified
Wed, 02 Sep 2020 03:58:21 GMT
server
nginx
etag
"5f4f185d-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
go.cybereason.com
URL
https://go.cybereason.com/hs-fs/hub/3354902/hub_generated/template_assets/34470223313/1613710752320/__CR_Web_Platform_2020/fonts/ionicons.woff

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
