info.zscaler.com Open in urlscan Pro
104.17.72.206  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://hello.zscaler.com/api/mailings/click/PMRGSZBCHIYTGNRWHE4DGNBMEJ2XE3BCHIRGQ5DUOBZTULZPNFXGM3ZOPJZWGYLMMVZC4Y3PNUXXOZLCNFXGC4RNOJQW443PNV3WC4TFFV2GQ4TFMF2C25LQMRQXIZJNMRSWMZLOMQWWCZ3BNFXHG5BNORUGKLLMMF2GK43UFVQXI5DBMNVS25DSMVXGI4Z7OV2G2X3TN52XEY3FHVYHE33NN5OHKMBQGI3HK5DNL5WWKZDJOVWT243EOIRCYITPOJTSEORCGY3GGYZUGZRWILLEGE4WELJUMRRTQLLBGNRTILLGG4YTINJZGU4TSNRZG4RCYITWMVZHG2LPNYRDUIRUEIWCE43JM4RDUITINRWG6SRWJZLW653QNQ3WU5SFNZBU45DTIZ3VK4KPPJBU4TZZINMDA5KSOE2UC2TMLBAT2IT5 HTTP 302
   https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

• https://s.adroll.com/j/exp/ULSJHTPGTZGY3EPPZSKHKS/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

Request Chain 74

• https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/fpconsent.js HTTP 302
• https://s.adroll.com/j/pre/index.js

Request Chain 95

• https://insight.adsrvr.org/track/up?adv=5gm3a7p&ref=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&upid=27hmsyx&upv=1.1.0 HTTP 302
• https://match.adsrvr.org/track/upb/?adv=5gm3a7p&ref=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&upid=27hmsyx&upv=1.1.0

Request Chain 96

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1695654446500&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1695654446500&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D33962%26time%3D1695654446500%26url%3Dhttps%253A%252F%252Finfo.zscaler.com%252Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%253Futm_source%253Dpromo%2526utm_medium%253Dsdr%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1695654446500&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cookiesTest=true&liSync=true

Request Chain 145

• https://d.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cookie=&adroll_s_ref=&keyw=&p0=1264 HTTP 302
• https://s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/XYPZFM5QENHXRH7RBBI5PW.js

Request Chain 158

• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
• https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 159

• https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dee0e08e9-fb73-47a0-8862-2e9360d2fa9e HTTP 302
• https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7935351974986845344&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e

Request Chain 160

• https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZWUwZTA4ZTktZmI3My00N2EwLTg4NjItMmU5MzYwZDJmYTll&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e HTTP 302
• https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&google_gid=CAESEBu1MpKsh6GyknojEMe78_g&google_cver=1

Request Chain 163

• https://d.adroll.com/cm/b/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://x.bidswitch.net/sync?dsp_id=44&user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU

Request Chain 164

• https://d.adroll.com/cm/g/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=otSl8ATZXGYnkgkWZIe4dQ HTTP 302
• https://d.adroll.com/cm/g/in

Request Chain 165

• https://d.adroll.com/cm/index/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expiration=1727190446 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expiration=1727190446&C=1

Request Chain 166

• https://d.adroll.com/cm/l/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://idsync.rlcdn.com/377928.gif?partner_uid=a2d4a5f004d95c66279209166487b875 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzUQABoNCK_ExqgGEgUI6AcQAEIASgA HTTP 307
• https://pippio.com/api/sync?pid=5324&it=1&iv=fb84fca323a3abd7d0c29338db335c0110adc4cdce1faf141b94845168c73184791426b5417dce21&_=2 HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmYjg0ZmNhMzIzYTNhYmQ3ZDBjMjkzMzhkYjMzNWMwMTEwYWRjNGNkY2UxZmFmMTQxYjk0ODQ1MTY4YzczMTg0NzkxNDI2YjU0MTdkY2UyMRAAGgwIr8TGqAYSBAgCEABCAEoA HTTP 302
• https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmYjg0ZmNhMzIzYTNhYmQ3ZDBjMjkzMzhkYjMzNWMwMTEwYWRjNGNkY2UxZmFmMTQxYjk0ODQ1MTY4YzczMTg0NzkxNDI2YjU0MTdkY2UyMRAAGgwIr8TGqAYSBAgCEABCAEoA&google_gid=CAESEFSyTewMJBBvPy-odkvqEL4&google_cver=1 HTTP 307
• https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
• https://idsync.rlcdn.com/458249.gif?partner_uid=f3172656-31d7-412d-bd73-483d2803673a

Request Chain 167

• https://d.adroll.com/cm/n/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expires=365

Request Chain 168

• https://d.adroll.com/cm/o/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=a2d4a5f004d95c66279209166487b875&gdpr=0&gdpr_consent= HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a2d4a5f004d95c66279209166487b875&gdpr=0&gdpr_consent=

Request Chain 169

• https://d.adroll.com/cm/outbrain/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 170

• https://d.adroll.com/cm/pubmatic/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 171

• https://d.adroll.com/cm/r/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 172

• https://d.adroll.com/cm/taboola/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU

Request Chain 173

• https://d.adroll.com/cm/triplelift/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://eb2.3lift.com/xuid?mid=4714&xuid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&dongle=c85e HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=

Request Chain 174

• https://d.adroll.com/cm/x/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&advertisable=ULSJHTPGTZGY3EPPZSKHKS HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU

Request Chain 194

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=3d2e0bcc-5bb5-11ee-880d-095df7e24732&gdpr=&gdpr_consent= HTTP 302
• https://px.steelhousemedia.com/tdsync?tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&shguid=3d2e0bcc-5bb5-11ee-880d-095df7e24732

Request Chain 195

• https://insight.adsrvr.org/track/evnt/?adv=80b7kxf&ct=0:zz65l7w&fmt=3 HTTP 302
• https://dpm.demdex.net/ibs:dpid=903&dpuuid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
• https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e HTTP 302
• https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request webinar-ransomware-threat-update-defend-against-the-latest-attack-trends Show response info.zscaler.com/ Redirect Chain https://hello.zscaler.com/api/mailings/click/PMRGSZBCHIYTGNRWHE4DGNBMEJ2XE3BCHIRGQ5DUOBZTULZPNFXGM3ZOPJZWGYLMMVZC4Y3PNUXXOZLCNFXGC4RNOJQW443PNV3WC4TFFV2GQ4TFMF2C25LQMRQXIZJNMRSWMZLOMQWWCZ3BNFXHG5BN... https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr	40 KB 11 KB	372ms 319ms	Document text/html	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd5769e3a532d5c749d001101b971620672f23cae49105217d3a7e6dc480775b Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control stale-while-revalidate=60, max-age=300, public cf-cache-status DYNAMIC cf-ray 80c42d37888d5425-YYZ content-encoding gzip content-type text/html; charset=utf-8 date Mon, 25 Sep 2023 15:07:25 GMT p3p CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT" server cloudflare vary *,Accept-Encoding x-asset-type LP x-content-type-options nosniff Redirect headers content-length 156 content-type text/html; charset=utf-8 date Mon, 25 Sep 2023 15:07:24 GMT location https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/	152 KB 25 KB	73ms 17ms	Stylesheet text/css	151.101.1.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 25 Sep 2023 15:07:25 GMT x-content-type-options nosniff content-encoding br age 9177688 x-jsd-version 5.0.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 25360 x-served-by cache-fra-eddf8230097-FRA, cache-yyz4547-YYZ x-jsd-version-type version etag W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	gatedTemplate.css info.zscaler.com/rs/306-ZEJ-256/images/	11 KB 3 KB	67ms 67ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/gatedTemplate.css Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec6dac416ec8cebb3d7c7eec1390369f9791e2ea6f6b4b3c3f72ddf3619abc7c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 13 Sep 2023 18:59:47 GMT server cloudflare etag "563cd0-2dc5-6054229ca75c5" vary Accept-Encoding content-type text/css cache-control public, max-age=60 accept-ranges bytes cf-ray 80c42d399bdf5425-YYZ content-length 2745 expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	vendor.css info.zscaler.com/rs/306-ZEJ-256/images/	76 KB 16 KB	61ms 61ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/vendor.css Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61b5f44d9fdad188b568f4b1d186038c9f490b7dd1d4bc1d5dae9bcff26b26fe Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:11:11 GMT server cloudflare etag "563a7d-12fc3-604e39b61fe2b" vary Accept-Encoding content-type text/css cache-control public, max-age=60 accept-ranges bytes cf-ray 80c42d399be15425-YYZ content-length 15801 expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	customForm.css info.zscaler.com/rs/306-ZEJ-256/images/	3 KB 1 KB	68ms 68ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/customForm.css Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4feb9df115c65b7e83d09a3e965c69e7184ca9884d71c7d187a32f2bf0593965 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Thu, 21 Sep 2023 18:53:57 GMT server cloudflare etag "563aa4-d4c-605e303b02829" vary Accept-Encoding content-type text/css cache-control public, max-age=60 accept-ranges bytes cf-ray 80c42d399be25425-YYZ content-length 955 expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	ZLogo.svg info.zscaler.com/rs/306-ZEJ-256/images/	4 KB 2 KB	58ms 56ms	Image image/svg+xml	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/ZLogo.svg Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 143b7d3b556bf7e8d2fa4638665df0c567d0225ad794f829f8125817ebc2805b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:14:12 GMT server cloudflare etag W/"563aa5-107a-604e3a62adb63" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=60 cf-ray 80c42d3a5cfd5425-YYZ expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	forms2.min.js Show response info.zscaler.com/js/forms2/js/	208 KB 69 KB	51ms 51ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/js/forms2/js/forms2.min.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f244fcb6b0aeadba8f41f30a7f451c0aaa06445ec854c3d9bbef1c485a036424 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Thu, 07 Sep 2023 05:56:12 GMT server cloudflare age 7044 etag "340de4-34099-604be84687700" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 80c42d3a0c8b5425-YYZ expires Mon, 25 Sep 2023 19:07:25 GMT
GET H2	200	Checkmark.svg info.zscaler.com/rs/306-ZEJ-256/images/	333 B 352 B	66ms 65ms	Image image/svg+xml	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/Checkmark.svg Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19393506f78f80c508c1695ba7b61c3de9072959797ca74db4337470c7dd91ce Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:14:12 GMT server cloudflare etag W/"563aa6-14d-604e3a62b0a43" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=60 cf-ray 80c42d3a5d005425-YYZ expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	dummyImg1.png info.zscaler.com/rs/306-ZEJ-256/images/	4 KB 4 KB	115ms 114ms	Image image/png	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/dummyImg1.png Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca8e240238bfb1728172ce63eea342c5720f9f2fa28c9f9364045769c36e456d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:14:15 GMT server cloudflare etag "563aa9-f4c-604e3a658774c" vary Accept-Encoding content-type image/png cache-control public, max-age=60 accept-ranges bytes cf-ray 80c42d3a5d035425-YYZ content-length 3916 expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/	84 KB 27 KB	62ms 24ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 424965 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27198 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1514f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9MsdvwYqsHx0FuxW%2B2rS6DjrSRzwyuWqwZSULC%2B%2BeuShTbJAhzXHwyFBZOBM6ohwcB3wIEyfI54lSz%2F9t%2FVjt3yO587RTSsNlDGL3ryjnUpNOd3OsFBJ88to4Io3Kr6eHh1ekAn"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 80c42d3a6b3d53fb-YYZ expires Sat, 14 Sep 2024 15:07:25 GMT
GET H2	200	marketo-templates.min.js Show response info.zscaler.com/rs/306-ZEJ-256/images/	41 KB 14 KB	60ms 58ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/marketo-templates.min.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 801eac795320a48086509fd7a88a899aa1f6c6a057a50f435053c651efcd3424 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:11:12 GMT server cloudflare etag "563a80-a369-604e39b7372f7" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=60 accept-ranges bytes cf-ray 80c42d3a5cf85425-YYZ content-length 14383 expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/	77 KB 24 KB	19ms 16ms	Script application/javascript	151.101.1.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 25 Sep 2023 15:07:25 GMT x-content-type-options nosniff content-encoding br age 10803640 x-jsd-version 5.0.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 23943 x-served-by cache-fra-eddf8230080-FRA, cache-yyz4547-YYZ x-jsd-version-type version etag W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	teknkl-formsplus-tag-0.2.4.js Show response info.zscaler.com/rs/306-ZEJ-256/images/	1 KB 695 B	61ms 59ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/teknkl-formsplus-tag-0.2.4.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac856e91e268f402a471b7a6a8f6aec4d4e9dc9e7172abb4b19eb797a395b322 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:16:31 GMT server cloudflare etag "563ab6-4dc-604e3ae74283e" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=60 accept-ranges bytes cf-ray 80c42d3a5cfa5425-YYZ content-length 588 expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	customJs.js Show response info.zscaler.com/rs/306-ZEJ-256/images/	518 B 369 B	66ms 64ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/customJs.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff5e56b6406e542aa7245f70676bfaaf6d63de3055f17475a3127aa73dbfead0 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:16:31 GMT server cloudflare etag "563ab5-206-604e3ae73b30d" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=60 accept-ranges bytes cf-ray 80c42d3a5cfb5425-YYZ content-length 285 expires Mon, 25 Sep 2023 15:08:25 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net//	1 KB 1 KB	108ms 34ms	Script application/x-javascript	104.96.251.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net//munchkin.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.96.251.185 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-251-185.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Mon, 25 Sep 2023 15:07:25 GMT Content-Encoding gzip Last-Modified Fri, 17 Mar 2023 01:24:48 GMT Server AkamaiNetStorage ETag "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 729
GET H2	200	stripmkttok.js Show response info.zscaler.com/js/	2 KB 767 B	39ms 37ms	Script application/x-javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/js/stripmkttok.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT last-modified Thu, 07 Sep 2023 05:56:12 GMT server cloudflare age 6968 etag "4e2db7-602-604be84687700" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 accept-ranges bytes cf-ray 80c42d3a5cfc5425-YYZ content-length 678 expires Mon, 25 Sep 2023 19:07:25 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	462 KB 123 KB	117ms 44ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash cf12750b1229744a58dbdf00c26317bc7a5fdb6d84d9ef33c88fc6dcbcb9a527 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 125975 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 25 Sep 2023 15:07:25 GMT
GET H2	200	thank-you-for-registering-blue-green-2x-min.jpg info.zscaler.com/rs/306-ZEJ-256/images/	76 KB 77 KB	107ms 106ms	Image image/jpeg	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/thank-you-for-registering-blue-green-2x-min.jpg Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7f51762baf3b0f78c567d5bee59d152e09f44f7bcfcf9fd373fba1502069ecd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT x-content-type-options nosniff cf-cache-status REVALIDATED cf-bgj h2pri last-modified Sat, 09 Sep 2023 02:40:56 GMT server cloudflare etag "563ac7-13162-604e405d21c46" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=60 accept-ranges bytes cf-ray 80c42d3a5d065425-YYZ content-length 78178 expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	GT-Haptik-ZS-Medium.woff2 info.zscaler.com/rs/306-ZEJ-256/images/	39 KB 40 KB	57ms 57ms	Font text/plain	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/GT-Haptik-ZS-Medium.woff2 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/rs/306-ZEJ-256/images/gatedTemplate.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f26acd8ebaeb0c33a2e9c7100c104345e547f12de89db3b427eb0e87f946df2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://info.zscaler.com/rs/306-ZEJ-256/images/gatedTemplate.css Origin https://info.zscaler.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:14:13 GMT server cloudflare etag W/"563aa7-9d48-604e3a63bd717" vary Accept-Encoding content-type text/plain access-control-allow-origin * cache-control public, max-age=60 cf-ray 80c42d3a5d075425-YYZ expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	GT-Haptik-ZS-Bold.woff2 info.zscaler.com/rs/306-ZEJ-256/images/	39 KB 40 KB	146ms 146ms	Font text/plain	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/GT-Haptik-ZS-Bold.woff2 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/rs/306-ZEJ-256/images/gatedTemplate.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a70ddae090fbab4f249a50c1e46f4d69f36da3b962404ffd4547a4e7c5e16979 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://info.zscaler.com/rs/306-ZEJ-256/images/gatedTemplate.css Origin https://info.zscaler.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:14:13 GMT server cloudflare etag W/"563aa8-9d90-604e3a646a0d7" vary Accept-Encoding content-type text/plain access-control-allow-origin * cache-control public, max-age=60 cf-ray 80c42d3a5d085425-YYZ expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	GT-Haptik-ZS-Regular.woff2 info.zscaler.com/rs/306-ZEJ-256/images/	37 KB 37 KB	66ms 65ms	Font text/plain	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/rs/306-ZEJ-256/images/GT-Haptik-ZS-Regular.woff2 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/rs/306-ZEJ-256/images/gatedTemplate.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e78918cb8089e7b23099d739b5fef9a75284d3fec8d8c4167b43a7a2e919882 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://info.zscaler.com/rs/306-ZEJ-256/images/gatedTemplate.css Origin https://info.zscaler.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED last-modified Sat, 09 Sep 2023 02:11:12 GMT server cloudflare etag W/"563a7f-93f4-604e39b72bb5f" vary Accept-Encoding content-type text/plain access-control-allow-origin * cache-control public, max-age=60 cf-ray 80c42d3a7d2a5425-YYZ expires Mon, 25 Sep 2023 15:08:25 GMT
GET H2	200	getForm Show response info.zscaler.com/index.php/form/	23 KB 5 KB	607ms 607ms	XHR application/javascript	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/index.php/form/getForm?munchkinId=306-ZEJ-256&form=8637 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b5b8081724ff971c7832bde9d287da1e1bc4944162ab0e771d9d4e4c99c0e20 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/javascript; charset=utf-8 x-form-service-request-id be4#18acce1814a x-marketo-source Form Service cf-ray 80c42d3aad7d5425-YYZ cached false
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/163/	11 KB 5 KB	36ms 36ms	Script application/x-javascript	104.96.251.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/163/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net//munchkin.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.96.251.185 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-251-185.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Mon, 25 Sep 2023 15:07:25 GMT Content-Encoding gzip Last-Modified Fri, 06 Jan 2023 02:26:40 GMT Server AkamaiNetStorage ETag "ea7826f34518d7c2295738f39c7640fa:1672972000.238769" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Type application/x-javascript Cache-Control max-age=8640000 Connection keep-alive Accept-Ranges bytes Content-Length 4741 Expires Wed, 03 Jan 2024 15:07:25 GMT
POST H/1.1	200 OK	visitWebPage 306-zej-256.mktoresp.com/webevents/	2 B 318 B	153ms 39ms	Ping text/plain	192.28.144.124 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://306-zej-256.mktoresp.com/webevents/visitWebPage?_mchNc=1695654445334&_mchCn=webinar-ransomware-threat-update-defend-against-the-latest-attack-trends&_mchId=306-ZEJ-256&_mchTk=_mch-zscaler.com-1695654445333-78497&_mchWs=j1RR&_mchHo=info.zscaler.com&_mchPo=&_mchRu=%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=utm_source%3Dpromo__-__utm_medium%3Dsdr Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/163/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.28.144.124 , United States, ASN15224 (OMNITURE, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Mon, 25 Sep 2023 15:07:25 GMT Content-Encoding gzip Server nginx/1.20.1 Transfer-Encoding chunked Content-Type text/plain; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive X-Request-Id f241b2b2-29a2-4f2e-9a10-686468134350
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/973777747/	3 KB 2 KB	157ms 80ms	Script text/javascript	142.251.111.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973777747/?random=1695654445413&cv=11&fst=1695654445413&bg=ffffff&guid=ON&async=1&gtm=45He39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&auid=706515576.1695654445&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.111.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f154.1e100.net Software cafe / Resource Hash 28b290b6523b56416d3cd93b6f45232620cf9fb2041a1f66924540f332e1968e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1396 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	109ms 35ms	Script text/javascript	142.251.16.113 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f113.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 25 Sep 2023 14:05:40 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 3705 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 25 Sep 2023 16:05:40 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/	3 KB 2 KB	285ms 212ms	Script text/javascript	142.251.111.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/?random=1695654445421&cv=11&fst=1695654445421&bg=ffffff&guid=ON&async=1&gtm=45He39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&auid=706515576.1695654445&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.111.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f154.1e100.net Software cafe / Resource Hash bb996b4c39d5b426d903d362f7457cb75c06795f472b003f948bcddcfee54ac5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1393 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget.js Show response app.hushly.com/runtime/	1 KB 2 KB	320ms 103ms	Script text/javascript	35.81.206.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.hushly.com/runtime/widget.js?aid=5287 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.81.206.252 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-81-206-252.us-west-2.compute.amazonaws.com Software / Resource Hash 517381e9702df6a6b6bf7921e93447d4b7d626a45fc55d31934a8392946b79c5 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-type text/javascript;charset=utf-8 pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT cache-control no-cache, no-store, must-revalidate expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	288 KB 95 KB	51ms 50ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash 6dc8cc9196c29ddec11d92eab47242938f53e77d38f3288588a9cf03a8993dd6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96685 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 25 Sep 2023 15:07:25 GMT
POST H2	204	collect analytics.google.com/g/	0 245 B	98ms 41ms	Ping text/plain	216.239.38.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je39k2&_p=1897460890&_gaz=1&cid=1300014578.1695654446&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695654445&sct=1&seg=0&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&dt=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto&ep.content_group=Resources Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.181 Los Gatos, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.zscaler.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	115ms 44ms	Ping text/plain	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-10SPJ4YJL9&cid=1300014578.1695654446&gtm=45je39k2&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.zscaler.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 408 B	120ms 47ms	Image image/gif	142.250.31.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-10SPJ4YJL9&cid=1300014578.1695654446&gtm=45je39k2&aip=1&z=1610351815 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 208 B	44ms 43ms	XHR text/plain	142.251.16.113 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1897460890&t=pageview&_s=1&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&ul=en-us&de=UTF-8&dt=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=724907935&gjid=562351210&cid=1300014578.1695654446&tid=UA-6177009-1&_gid=1924790707.1695654446&_slc=1&gtm=45He39k2n715SLZFK&z=1840216499 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f113.1e100.net Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.zscaler.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 349 B	86ms 43ms	XHR text/plain	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6177009-1&cid=1300014578.1695654446&jid=724907935&gjid=562351210&_gid=1924790707.1695654446&_u=YCDAiEABBAAAAGAAI~&z=1614950613 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 25 Sep 2023 15:07:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.zscaler.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/973777747/	42 B 455 B	123ms 49ms	Image image/gif	172.253.115.106 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/973777747/?random=1695654445413&cv=11&fst=1695654000000&bg=ffffff&guid=ON&async=1&gtm=45He39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&frm=0&tiba=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&fmt=3&is_vtc=1&random=2582494378&rmt_tld=0&ipr=y Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f106.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ca/pagead/1p-user-list/973777747/	42 B 154 B	91ms 48ms	Image image/gif	142.250.31.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/973777747/?random=1695654445413&cv=11&fst=1695654000000&bg=ffffff&guid=ON&async=1&gtm=45He39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&frm=0&tiba=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&fmt=3&is_vtc=1&random=2582494378&rmt_tld=1&ipr=y Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	48ms 48ms	Image image/gif	172.253.115.106 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6177009-1&cid=1300014578.1695654446&jid=724907935&_u=YCDAiEABBAAAAGAAI~&z=232597144 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f106.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 107 B	49ms 49ms	Image image/gif	142.250.31.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6177009-1&cid=1300014578.1695654446&jid=724907935&_u=YCDAiEABBAAAAGAAI~&z=232597144 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/812494211/	42 B 108 B	50ms 49ms	Image image/gif	172.253.115.106 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/812494211/?random=1695654445421&cv=11&fst=1695654000000&bg=ffffff&guid=ON&async=1&gtm=45He39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&frm=0&tiba=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&fmt=3&is_vtc=1&random=544353857&rmt_tld=0&ipr=y Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f106.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ca/pagead/1p-user-list/812494211/	42 B 108 B	48ms 48ms	Image image/gif	142.250.31.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/812494211/?random=1695654445421&cv=11&fst=1695654000000&bg=ffffff&guid=ON&async=1&gtm=45He39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&frm=0&tiba=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&fmt=3&is_vtc=1&random=544353857&rmt_tld=1&ipr=y Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.31.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:25 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget-6ea6e06aafd7e8688a9682af475fc7db.js Show response app.hushly.com/assets/	423 KB 126 KB	166ms 166ms	Script application/javascript	35.81.206.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.hushly.com/assets/widget-6ea6e06aafd7e8688a9682af475fc7db.js Requested by Host: app.hushly.com URL: https://app.hushly.com/runtime/widget.js?aid=5287 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.81.206.252 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-81-206-252.us-west-2.compute.amazonaws.com Software / Resource Hash 50727bb494fe5a7a0caa0f700d257698e7b4cc84171e6658ba286a1e42f59178 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip last-modified Sat, 09 Sep 2023 08:46:16 GMT etag "widget-6ea6e06aafd7e8688a9682af475fc7db.js" vary Accept-Encoding content-type application/javascript;charset=UTF-8 cache-control public, max-age=31536000 content-length 128357
GET H2	200	forms2.css info.zscaler.com/js/forms2/css/	13 KB 3 KB	31ms 30ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/js/forms2/css/forms2.css Requested by Host: info.zscaler.com URL: https://info.zscaler.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a Security Headers Name Value Strict-Transport-Security max-age=63113904 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63113904 cf-cache-status HIT age 7043 content-length 2623 last-modified Thu, 07 Sep 2023 05:56:12 GMT server cloudflare etag "340ddc-3437-604be84687700" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 accept-ranges bytes cf-ray 80c42d3e8b4b5425-YYZ expires Mon, 25 Sep 2023 19:07:25 GMT
GET H2	200	forms2-theme-shadow.css info.zscaler.com/js/forms2/css/	3 KB 1 KB	53ms 52ms	Stylesheet text/css	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/js/forms2/css/forms2-theme-shadow.css Requested by Host: info.zscaler.com URL: https://info.zscaler.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f25b000c1ea5d6263d7758d8e40302bc221d902b330473486a7be58c9e79e057 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Thu, 07 Sep 2023 05:56:12 GMT server cloudflare etag "340de1-d84-604be84687700" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 accept-ranges bytes cf-ray 80c42d3e8b4e5425-YYZ content-length 945 expires Mon, 25 Sep 2023 19:07:25 GMT
GET H2	200	css fonts.googleapis.com/	717 B 888 B	119ms 46ms	Stylesheet text/css	172.253.122.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato Requested by Host: info.zscaler.com URL: https://info.zscaler.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f95.1e100.net Software ESF / Resource Hash eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/ro cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 25 Sep 2023 14:36:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 25 Sep 2023 15:07:25 GMT
GET H2	200	getKnownLead Show response info.zscaler.com/index.php/form/	5 B 129 B	383ms 383ms	XHR application/json	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.zscaler.com/index.php/form/getKnownLead?form=8637&lpId=86429&munchkinId=306-ZEJ-256&filledFields=true&_mkt_trk=id%3A306-ZEJ-256%26token%3A_mch-zscaler.com-1695654445333-78497 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0a34da0d1630ff2b9a40b845e83c3f5219ccfb993afa54ef93b32a11a04b916 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 80c42d3e8b545425-YYZ content-length 25
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	43ms 43ms	XHR text/plain	142.251.16.113 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1897460890&t=event&ni=1&_s=1&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&ul=en-us&de=UTF-8&dt=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=10%25&el=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&_u=aCDACEABBAAAAGAAI~&jid=458079445&gjid=626899317&cid=1300014578.1695654446&tid=UA-6177009-1&_gid=1924790707.1695654446&_r=1&gtm=45He39k2n715SLZFK&z=1235121810 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f113.1e100.net Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.zscaler.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	36ms 35ms	Image image/gif	142.251.16.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1897460890&t=event&ni=1&_s=1&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&ul=en-us&de=UTF-8&dt=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=25%25&el=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&_u=aCDACEABBAAAAGAAI~&jid=&gjid=&cid=1300014578.1695654446&tid=UA-6177009-1&_gid=1924790707.1695654446&gtm=45He39k2n715SLZFK&z=689365555 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f113.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 02:00:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 47202 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	36ms 36ms	Image image/gif	142.251.16.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1897460890&t=event&ni=1&_s=1&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&ul=en-us&de=UTF-8&dt=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=50%25&el=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&_u=aCDACEABBAAAAGAAI~&jid=&gjid=&cid=1300014578.1695654446&tid=UA-6177009-1&_gid=1924790707.1695654446&gtm=45He39k2n715SLZFK&z=569456835 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f113.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 02:00:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 47202 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	37ms 36ms	Image image/gif	142.251.16.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1897460890&t=event&ni=1&_s=1&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&ul=en-us&de=UTF-8&dt=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=75%25&el=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&_u=aCDACEABBAAAAGAAI~&jid=&gjid=&cid=1300014578.1695654446&tid=UA-6177009-1&_gid=1924790707.1695654446&gtm=45He39k2n715SLZFK&z=1891599309 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f113.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 02:00:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 47202 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	6934ae2b-4c76-4229-97d0-8f637b004b88.js Show response j.6sc.co/j/	4 KB 2 KB	213ms 85ms	Script application/javascript	96.7.74.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/j/6934ae2b-4c76-4229-97d0-8f637b004b88.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.16 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-16.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash fcd0d01f674bf8bc63ee2236eb16f008bdfaa10ff622806b05b762a88ac3498c Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers x-amz-version-id uLuCr1hhLpJjZt0sFSB89FSJa4YqIrE7 content-encoding gzip date Mon, 25 Sep 2023 15:07:26 GMT x-amz-cf-pop IAD79-C3 x-amz-server-side-encryption AES256 x-amz-meta-content-type application/json content-length 1178 pragma no-cache last-modified Tue, 02 May 2023 17:36:47 GMT server AmazonS3 etag "afb8c61166e7f50fe6d7ab7b6377733c" vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-cache, no-store accept-ranges bytes x-amz-cf-id H88ajU1DY7SeQp_pl55jHt9S4GPGtgHjUG7rvu0kg036_BY51_MDvQ== expires Mon, 25 Sep 2023 15:07:26 GMT
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	75 KB 24 KB	111ms 35ms	Script text/javascript	3.162.103.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.162.103.36 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-103-36.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 0e7ad47a4bc6ddbb17cb8cbe6167dae4717d0b5962a1d63de2e93e6dc201b9e8 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers X-Amz-Version-Id 2W0nFhLgp3U9gUvvEzXT9GuNEpd6A6yg Content-Encoding gzip Via 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront) Date Mon, 25 Sep 2023 14:48:59 GMT Age 1108 X-Amz-Cf-Pop IAD61-P1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Thu, 03 Aug 2023 19:17:31 GMT Server AmazonS3 Etag W/"67e54a60303cfbf4c3b977aa390ad408" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id _tlLO9fVzY4VeES_POhuhPhPWj9rZgBP0MRUD37qLyb_FMR-4dHLow==
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	12 KB 4 KB	156ms 44ms	Script application/x-javascript	23.49.5.135 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.49.5.135 , United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-49-5-135.deploy.static.akamaitechnologies.com Software / Resource Hash 28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 05 Sep 2023 13:41:52 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=72241 accept-ranges bytes content-length 3822
GET H2	200	bat.js Show response bat.bing.com/	44 KB 13 KB	118ms 49ms	Script application/javascript	13.107.21.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Mon, 25 Sep 2023 15:07:25 GMT last-modified Wed, 06 Sep 2023 22:41:28 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 37597C6D88E44CF385A0F057BA9F5BB6 Ref B: YTO01EDGE0707 Ref C: 2023-09-25T15:07:26Z etag "09cc4613e1d91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 12981
GET H2	200	bizible.js Show response cdn.bizible.com/scripts/	67 KB 25 KB	118ms 30ms	Script application/x-javascript	152.199.2.76 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/scripts/bizible.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.2.76 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/81BC) / Resource Hash 02b61494e4641343cce5b0cc64b3306561abf604e64efe05a91224c92e94dc20 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT content-encoding gzip last-modified Fri, 22 Sep 2023 03:20:21 GMT server ECS (cha/81BC) age 59302 etag "aadd39b83edd91:0" vary Accept-Encoding x-cache HIT content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes content-length 25471
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	197 KB 53 KB	104ms 35ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 25 Sep 2023 15:07:26 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 53243 x-xss-protection 0 pragma public x-fb-debug dc6iFka5n9atQeP3sBlgT+x90hva5mITjIeE4P3g5aBIt6si6aW/rra4/KRSPDPMKf4Qd6JvdVBDiqylw2EPnQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	2ykw9843t99d.js Show response js.driftt.com/include/1695654600000/	215 KB 61 KB	141ms 66ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/include/1695654600000/2ykw9843t99d.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 6b59be2f48490e7fab65a6fa43c99851ed0026b9c651ffa9937f49ad57cc2a22 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers x-amz-version-id l.B85eaiR5sX7u8JchWT4_t6lV2e1Zf2 strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip date Mon, 25 Sep 2023 15:07:26 GMT via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront x-envoy-upstream-service-time 31 last-modified Tue, 19 Sep 2023 20:16:03 GMT server istio-envoy etag W/"cfd0f6983bb181a781dd1c9ca318f995" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id DaqALCevbWPXwcIPoHgN8p_8H_JcMcapZNAzZUoAiFzRa4tWsre1IA==
GET H2	200	tracking.js Show response trk.techtarget.com/	3 KB 2 KB	105ms 64ms	Script text/javascript	104.18.36.196 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trk.techtarget.com/tracking.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.36.196 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT via 1.1 google content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 13 Dec 2022 15:01:39 GMT server cloudflare age 2855 vary Accept-Encoding content-type text/javascript cache-control public, max-age=1200 cf-ray 80c42d40eeb439fc-YYZ expires Mon, 25 Sep 2023 15:27:26 GMT
GET H/1.1	200 OK	spx Show response dx.mountain.com/	20 KB 6 KB	158ms 44ms	Script application/javascript	34.238.149.65 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cb=17625584547961748term=value Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.238.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-238-149-65.compute-1.amazonaws.com Software istio-envoy / Resource Hash d08879a0a185c594dbc4df51a79d55c8bb178861e3f695cab28316c0c2644802 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip server istio-envoy vary origin,access-control-request-method,access-control-request-headers,accept-encoding transfer-encoding chunked content-type application/javascript;charset=utf-8 x-envoy-upstream-service-time 4 be spx-prod expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	ping.min.js Show response cdn.pdst.fm/	26 KB 6 KB	55ms 18ms	Script application/javascript	35.244.142.80 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.pdst.fm/ping.min.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.142.80 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 80.142.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 14:44:16 GMT content-encoding gzip age 1390 x-guploader-uploadid ADPycdu9KRo3mYx5B8zVbLndF7jryCqSjgDHOkajtOhxdMXOsseLvXEqmU9d64LeHkucdlTQUFyZAnfyRPARKittNFM79Q x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5774 last-modified Fri, 28 May 2021 20:34:03 GMT server UploadServer etag "d001d1c9f5a942fa5524eeacb047e819" vary Accept-Encoding x-goog-generation 1622234043862937 x-goog-hash crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ== access-control-allow-origin * access-control-expose-headers Content-Type cache-control public, max-age=3600 x-goog-stored-content-length 5774 accept-ranges bytes content-type application/javascript; expires Mon, 25 Sep 2023 15:44:16 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	243 KB 82 KB	54ms 53ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-812494211 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash 4a46c97b81e9306fbfc84169d5df9a3804e433c79518fdea8469a6be60430183 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 84005 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 25 Sep 2023 15:07:26 GMT
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	5 KB 3 KB	106ms 33ms	Script application/x-javascript	18.67.60.119 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SLZFK Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.67.60.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-60-119.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Sun, 24 Sep 2023 20:50:09 GMT Content-Encoding gzip Via 1.1 126bc2e5c4c1b9ac0ffa004edc6f02c4.cloudfront.net (CloudFront) Last-Modified Tue, 01 Aug 2023 20:10:44 GMT Server AmazonS3 X-Amz-Cf-Pop IAD89-P1 Age 65838 x-amz-server-side-encryption AES256 ETag W/"b7474eac210849250426a8f6a39d00f3" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id hMI7R51qocDz3wkKR0MkWjdmb41jCE8tmqXT-fIx4-vX9aZTfocS2g==
GET H2	403	sf14g.js t.sf14g.com/	0 0	197ms 37ms	Script text/html	54.80.42.4 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://t.sf14g.com/sf14g.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.80.42.4 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-80-42-4.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 1 KB	34ms 34ms	Script application/x-javascript	104.96.251.185 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.96.251.185 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-96-251-185.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Mon, 25 Sep 2023 15:07:26 GMT Content-Encoding gzip Last-Modified Fri, 17 Mar 2023 01:24:48 GMT Server AkamaiNetStorage ETag "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 729
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	45ms 44ms	XHR text/plain	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6177009-1&cid=1300014578.1695654446&jid=458079445&gjid=626899317&_gid=1924790707.1695654446&_u=aCDACEABBAAAAGAAI~&z=1481974220 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 25 Sep 2023 15:07:26 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.zscaler.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	widget-365e4fc9661820c90743b852a36fef3c.css app.hushly.com/assets/	69 KB 12 KB	93ms 93ms	Stylesheet text/css	35.81.206.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.hushly.com/assets/widget-365e4fc9661820c90743b852a36fef3c.css Requested by Host: app.hushly.com URL: https://app.hushly.com/assets/widget-6ea6e06aafd7e8688a9682af475fc7db.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.81.206.252 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-81-206-252.us-west-2.compute.amazonaws.com Software / Resource Hash d8b080802cba44025db6515c924fd17cfba0f2d9123093aaa779d43f8a04a522 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT content-encoding gzip last-modified Sat, 09 Sep 2023 08:46:16 GMT etag "widget-365e4fc9661820c90743b852a36fef3c.css" vary Accept-Encoding content-type text/css;charset=UTF-8 cache-control public, max-age=31536000 content-length 11756
POST H2	200	5287 Show response app.hushly.com/runtime/widgets/	60 B 789 B	296ms 117ms	XHR application/json	35.81.206.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.hushly.com/runtime/widgets/5287 Requested by Host: app.hushly.com URL: https://app.hushly.com/assets/widget-6ea6e06aafd7e8688a9682af475fc7db.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.81.206.252 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-81-206-252.us-west-2.compute.amazonaws.com Software / Resource Hash a8331d520e307081359e060643052b00e5529d0062b5ce516c251f4da1b9fae2 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin https://info.zscaler.com date Mon, 25 Sep 2023 15:07:26 GMT content-encoding gzip access-control-allow-credentials true x-robots-tag noindex vary Accept-Encoding content-type application/json
GET H2	200	5287 Show response app.hushly.com/runtime/visitor/	39 B 642 B	113ms 113ms	Script text/javascript	35.81.206.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.hushly.com/runtime/visitor/5287?callback=hushlyVisitorCallback&sid=e2d2f309-172d-4cda-a590-12d914a366d8&vid=d41ca714-9e27-43cd-a632-9378022de6e0&version=2&hly-ip-address=&_=1695654446084 Requested by Host: app.hushly.com URL: https://app.hushly.com/assets/widget-6ea6e06aafd7e8688a9682af475fc7db.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.81.206.252 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-81-206-252.us-west-2.compute.amazonaws.com Software / Resource Hash 3a1d742089020f72ed02e3dd0abe6bd4f1559c9dbac372414baef2d6e606b91a Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT cache-control max-age=31536000, public content-encoding gzip x-robots-tag noindex vary Accept-Encoding content-type text/javascript
GET H2	200	arrow-down-bk.png info.zscaler.com/js/forms2/images/	1 KB 1 KB	58ms 58ms	Image image/png	104.17.72.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://info.zscaler.com/js/forms2/images/arrow-down-bk.png Requested by Host: info.zscaler.com URL: https://info.zscaler.com/js/forms2/css/forms2-theme-shadow.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/js/forms2/css/forms2-theme-shadow.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT x-content-type-options nosniff cf-cache-status REVALIDATED last-modified Thu, 07 Sep 2023 05:56:12 GMT server cloudflare etag "340da2-415-604be84687700" vary Accept-Encoding content-type image/png cache-control public, max-age=60 accept-ranges bytes cf-ray 80c42d40ffda5425-YYZ content-length 1045 expires Mon, 25 Sep 2023 15:08:26 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	50ms 49ms	Image image/gif	172.253.115.106 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6177009-1&cid=1300014578.1695654446&jid=458079445&_u=aCDACEABBAAAAGAAI~&z=1525442895 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f106.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	49ms 48ms	Image image/gif	142.250.31.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6177009-1&cid=1300014578.1695654446&jid=458079445&_u=aCDACEABBAAAAGAAI~&z=1525442895 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	pdst-events-prod-sink us-central1-adaptive-growth.cloudfunctions.net/	0 0	77ms 76ms	Fetch text/html	216.239.36.54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink Requested by Host: cdn.pdst.fm URL: https://cdn.pdst.fm/ping.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.54 Los Gatos, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash Request headers Accept application/json Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type application/json Response headers date Mon, 25 Sep 2023 15:07:26 GMT server Google Frontend etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" x-powered-by Express access-control-allow-methods GET, POST content-type text/html access-control-allow-origin * x-cloud-trace-context 054f53997dcdd0803c27cdb178fcbb3b function-execution-id 1j0f0ukzo1pb access-control-allow-headers Content-Type, Accept content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
OPTIONS H2	200	pdst-events-prod-sink us-central1-adaptive-growth.cloudfunctions.net/ Frame	0 0	103ms 48ms	Preflight text/html	216.239.36.54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.36.54 Los Gatos, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://info.zscaler.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers access-control-allow-headers Content-Type, Accept access-control-allow-methods GET, POST access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding gzip content-length 22 content-type text/html; charset=utf-8 date Mon, 25 Sep 2023 15:07:26 GMT etag W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ" function-execution-id a6k2nkpa9o5y server Google Frontend x-cloud-trace-context 967c018f77c2ce30a3e5b536215dba80 x-powered-by Express
GET H2	200	gif.gif Show response ibc-flow.techtarget.com/a/	43 B 463 B	64ms 64ms	XHR image/gif	34.111.208.231 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2334982&r=1695654446300&ref=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&version=2.4 Requested by Host: trk.techtarget.com URL: https://trk.techtarget.com/tracking.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.208.231 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 231.208.111.34.bc.googleusercontent.com Software nginx/1.20.2 / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers ibc_rate_tier 2334982 Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT via 1.1 google x-guploader-uploadid ADPycdvx_RkIXY5dvdpS5QA2nMxE-AznpGzydHRo03rH5NxWemt0SmeoYsFAwu9U_XWJUY-9Rt4-O3rLlspX3g9xDL2t x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 last-modified Thu, 08 Dec 2022 21:19:29 GMT server nginx/1.20.2 etag "fc94fb0c3ed8a8f909dbc7630a0987ff" vary Origin x-goog-generation 1670534369365034 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w== cache-control public, max-age=3600 access-control-allow-methods GET, POST, OPTIONS x-goog-stored-content-length 43 accept-ranges bytes access-control-allow-headers ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range expires Mon, 25 Sep 2023 16:07:26 GMT
OPTIONS H2	200	gif.gif ibc-flow.techtarget.com/a/ Frame	0 0	90ms 50ms	Preflight text/html	34.111.208.231 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=2334982&r=1695654446300&ref=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&version=2.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.208.231 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 231.208.111.34.bc.googleusercontent.com Software nginx/1.20.2 / Resource Hash Request headers Accept */* Access-Control-Request-Headers ibc_rate_tier Access-Control-Request-Method GET Origin https://info.zscaler.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers access-control-allow-headers ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-length 0 content-type text/html; charset=UTF-8 date Mon, 25 Sep 2023 15:07:26 GMT expires Mon, 25 Sep 2023 15:07:26 GMT server nginx/1.20.2 vary Origin via 1.1 google x-guploader-uploadid ADPycdv9J_nlF2MQXk0dYPky3Hm0ovVQN0UD8VTX6ayHEIf-gBgzR1slQhIWeQQh8k_-NJ9srCwC5qNcEXA_lAW2vhUB
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/ULSJHTPGTZGY3EPPZSKHKS/index.js https://s.adroll.com/j/exp/index.js	28 B 784 B	60ms 35ms	Script application/javascript	3.162.103.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Protocol HTTP/1.1 Server 3.162.103.36 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-103-36.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers X-Amz-Version-Id e6mCeG7.PAM9gYrIJBIXJohubS3UVCEK Date Mon, 25 Sep 2023 14:45:23 GMT Via 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront) Age 1324 X-Amz-Cf-Pop IAD61-P1 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 28 Last-Modified Thu, 03 Aug 2023 18:30:18 GMT Server AmazonS3 Etag "5816cced8568d223aa09d889f300692b" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Max-Age 600 Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id SZvpkW7YhiBXroGC2s3H9NZDDYI7Fwd2--g3K2YLsh5Rd7KwQ4txuQ== Redirect headers Date Mon, 25 Sep 2023 14:54:01 GMT Via 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront) Age 804 X-Amz-Cf-Pop IAD61-P1 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/exp/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id MMiwsbubzaTBPh-t16-IaNL70jGfjOvb_KW7cWPoYupqdTVLuA-tng==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/fpconsent.js https://s.adroll.com/j/pre/index.js	0 756 B	36ms 34ms	Script application/javascript	3.162.103.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Protocol HTTP/1.1 Server 3.162.103.36 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-103-36.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Date Mon, 25 Sep 2023 11:14:42 GMT Via 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront) Age 13965 X-Amz-Cf-Pop IAD61-P1 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Max-Age 600 Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id LKW4iLgU2uFL93W_kp8gZmIob_XN8BlsGVNr2Qe_prOS3BQRrJSNVg== Redirect headers Date Mon, 25 Sep 2023 14:54:01 GMT Via 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront) Age 804 X-Amz-Cf-Pop IAD61-P1 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/pre/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id dDwkdGhMciI2wUlNI8QHmhtrDIlvsGDM93GJEXYcXiIdT_NNtvCoWA==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/	0 808 B	100ms 36ms	Script text/javascript	3.162.103.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.162.103.36 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-103-36.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers X-Amz-Version-Id bOc6RCh80c10suh7IIjGPmn2ORRwVBrb Date Mon, 25 Sep 2023 14:59:39 GMT Via 1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront) Age 468 X-Amz-Cf-Pop IAD61-P1 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Sun, 17 Sep 2023 12:25:10 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id T8h3OvN_2n_9FLhmPv-Ex5--qxTCJDgfB_1HmRZxu0z5msZwdAzVLA==
GET H2	204	26354555.js Show response bat.bing.com/p/action/	0 118 B	49ms 48ms	Script text/plain	13.107.21.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/26354555.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Mon, 25 Sep 2023 15:07:25 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 22389993EC96463B9683D9A9AF8D364D Ref B: YTO01EDGE0707 Ref C: 2023-09-25T15:07:26Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 359 B	102ms 102ms	Image text/plain	13.107.21.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=26354555&tm=gtm002&Ver=2&mid=2abbf1c7-4b5a-449a-9bc5-c306cd7a2f5a&sid=3cda3ef05bb511ee95aa9500ca221afe&vid=3cda48405bb511eea0de13ce70b14277&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&p=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&r=&lt=1767&evt=pageLoad&sv=1&rn=25677 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 25 Sep 2023 15:07:25 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 17129D244CA144149A74D54B00D8E978 Ref B: YTO01EDGE0707 Ref C: 2023-09-25T15:07:26Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1778897272132032 Show response connect.facebook.net/signals/config/	145 KB 37 KB	90ms 88ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1778897272132032?v=2.9.128&r=stable&domain=info.zscaler.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.19 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash e69b2d456e800b6714ae748777f9120dbb7e6eebf39956bd506afb11c794dd83 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 25 Sep 2023 15:07:26 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug N976WdRO/rYfjENEIK8nosLqzbhzgjcJlHxjwJ5G+QVLvjQ/V//fdcyXUouAw03qw4wjTjAPlnoeWiEKJELWiw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	insight.beta.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 40 KB	44ms 44ms	Script application/javascript	23.49.5.135 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.49.5.135 , United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-49-5-135.deploy.static.akamaitechnologies.com Software / Resource Hash 3ac17d461ee8b27503b79e7141b02cffef51873f0f27d5c18b4454ee16a0d97a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT x-content-type-options nosniff x-check-cacheable YES last-modified Tue, 12 Sep 2023 05:14:46 GMT x-serial 4813 x-cdn AKAM x-amz-server-side-encryption AES256 content-type application/javascript;charset=utf-8 cache-control max-age=27937 accept-ranges bytes content-length 40568
GET H/1.1	200 OK	is Show response 52.22.50.55/	32 B 437 B	143ms 38ms	Fetch text/plain	52.22.50.55 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://52.22.50.55/is Requested by Host: dx.mountain.com URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cb=17625584547961748term=value Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.22.50.55 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-22-50-55.compute-1.amazonaws.com Software istio-envoy / Resource Hash 9e31768b524e53e3df975d7966e41c8be1c7e5057499ed222e5b7394d9ed0624 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT server istio-envoy access-control-allow-methods GET, POST, OPTIONS content-type text/plain;charset=utf-8 access-control-allow-origin * x-envoy-upstream-service-time 1 connection close access-control-allow-headers Accept, Content-Type, x-requested-with, X-Custom-Header content-length 32 x-application-context application:prod:8080
GET H2	200	core Show response js.driftt.com/ Frame 50E4	2 KB 1 KB	50ms 50ms	Document text/html	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1695654600000/2ykw9843t99d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 014c54f9c69b24966b07631c7e8e558f5539ec546d75a475defe14337d28e152 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://info.zscaler.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache content-encoding gzip content-type text/html; charset=utf-8 date Mon, 25 Sep 2023 15:07:26 GMT etag W/"00133a3cf34b34b4e4ff44f62b5986b1" last-modified Tue, 19 Sep 2023 20:15:27 GMT server istio-envoy strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-id -Hi-jgwwyFgGVgyCCEivjWTcEI8cae_-XQz26C2OYvBdGAycj0iRBw== x-amz-cf-pop IAD12-P4 x-amz-server-side-encryption AES256 x-amz-version-id ZNXLNC0ssKOxmDh5pl9NDq6HqHehrwEr x-cache RefreshHit from cloudfront x-envoy-upstream-service-time 23
GET H2	200	chat Show response js.driftt.com/core/ Frame 4D70	2 KB 1 KB	55ms 55ms	Document text/html	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1695654600000/2ykw9843t99d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 014c54f9c69b24966b07631c7e8e558f5539ec546d75a475defe14337d28e152 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://info.zscaler.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * cache-control no-cache content-encoding gzip content-type text/html; charset=utf-8 date Mon, 25 Sep 2023 15:07:26 GMT etag W/"00133a3cf34b34b4e4ff44f62b5986b1" last-modified Tue, 19 Sep 2023 20:15:27 GMT server istio-envoy strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-id 1gNWmxcJJu1OrjuPkIaKlSAJ77ifCTayOF2PSz7uPNRZjE1xmcgPbQ== x-amz-cf-pop IAD12-P4 x-amz-server-side-encryption AES256 x-amz-version-id ZNXLNC0ssKOxmDh5pl9NDq6HqHehrwEr x-cache RefreshHit from cloudfront x-envoy-upstream-service-time 12
GET H2	200	6si.min.js Show response j.6sc.co/	51 KB 15 KB	35ms 35ms	Script application/javascript	96.7.74.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: j.6sc.co URL: https://j.6sc.co/j/6934ae2b-4c76-4229-97d0-8f637b004b88.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.16 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-16.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 24 Aug 2023 22:29:49 GMT server nginx/1.14.0 (Ubuntu) etag "64e7d9dd-cc38" vary Accept-Encoding content-type application/javascript cache-control private, no-cache, proxy-revalidate accept-ranges bytes content-length 14993 expires Mon, 25 Sep 2023 15:07:26 GMT
GET H2	200	ipv cdn.bizible.com/m/	43 B 203 B	30ms 29ms	Image image/gif	152.199.2.76 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=d628312d08534af2b862727895d26e2b&_biz_s=15381f&_biz_l=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&_biz_t=1695654446389&_biz_i=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&_biz_n=0&rnd=951190&cdn_o=a&_biz_z=1695654446390 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.2.76 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/80C2) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT last-modified Fri, 22 Sep 2023 01:13:03 GMT server ECS (cha/80C2) age 309263 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	u cdn.bizibly.com/	43 B 305 B	29ms 28ms	Image image/gif	152.199.2.76 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizibly.com/u?_biz_u=d628312d08534af2b862727895d26e2b&_biz_s=15381f&_biz_l=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&_biz_t=1695654446394&_biz_i=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&rnd=580278&cdn_o=a&_biz_z=1695654446394 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.2.76 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/818C) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT last-modified Thu, 21 Sep 2023 01:12:54 GMT server ECS (cha/818C) age 395672 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/	3 KB 2 KB	302ms 301ms	Script text/javascript	142.251.111.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812494211/?random=1695654446417&cv=11&fst=1695654446417&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&hn=www.googleadservices.com&frm=0&tiba=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&auid=706515576.1695654445&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-812494211 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.111.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS bk-in-f154.1e100.net Software cafe / Resource Hash c7184b9537c245753e5bf72b30a7a2ee626a9c0e8231376610389af67b403f62 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1412 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	runtime~main.250b8c3b.js Show response js.driftt.com/core/assets/js/ Frame 50E4	6 KB 3 KB	34ms 34ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash ab6259024d508e82f2100726285def9d2c67211afc10f9450dbb9efee58db5de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr Origin https://js.driftt.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 19 Sep 2023 20:15:27 GMT x-amz-version-id INmBWBUTI7s8HQHrQELARWPZPG_qc8WA content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 499919 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 59 last-modified Fri, 15 Sep 2023 20:51:10 GMT server istio-envoy etag W/"187268a131d0fc1896127a07856617bb" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id yMBpJu7ZpmGuXenEeo5-fhutGCRzr-gIsqGKxyeoXaJ2bIqLx2DDnw==
GET H2	200	9.4a3e9801.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	35 KB 13 KB	37ms 36ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr Origin https://js.driftt.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 17 Jul 2023 08:54:28 GMT x-amz-version-id j9wMK55lq0iLj26rdsSCzkFzouWdiy6V content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 6070378 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 18 last-modified Wed, 12 Jul 2023 14:36:18 GMT server istio-envoy etag W/"c6f58dd3d60f07462254b842dd4f9ca1" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id xAIza_1t1ivALQgv7MRQsbeffBNYbd751cCNGBS4ZnfsPKaN7tNpUQ==
GET H2	200	main~493df0b3.d2a43907.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	7 KB 3 KB	37ms 37ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr Origin https://js.driftt.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 05 Sep 2023 08:39:28 GMT x-amz-version-id h8FtHV0i381FW4g4vgS0pDflX8vL7fXX content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1751278 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 23 last-modified Mon, 04 Sep 2023 22:46:03 GMT server istio-envoy etag W/"e094b276ad2035c3a46871991c258c2d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id s5eeFZhpMY3JNmsRXlOrQoOniqiLuKx5wWHJ-J8INV_0lr7noYcfvw==
GET H2	200	runtime~main.250b8c3b.js Show response js.driftt.com/core/assets/js/ Frame 4D70	6 KB 3 KB	36ms 36ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash ab6259024d508e82f2100726285def9d2c67211afc10f9450dbb9efee58db5de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 Origin https://js.driftt.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 19 Sep 2023 20:15:27 GMT x-amz-version-id INmBWBUTI7s8HQHrQELARWPZPG_qc8WA content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 499919 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 59 last-modified Fri, 15 Sep 2023 20:51:10 GMT server istio-envoy etag W/"187268a131d0fc1896127a07856617bb" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id syKc9D0NBy0Yz9ZYe2xOz6hCt6soS_vtEWLyOVB0VpntVwtU_bLtQA==
GET H2	200	9.4a3e9801.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	35 KB 13 KB	39ms 38ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/9.4a3e9801.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 2a8a441d8086f20a64563edc759aba1de84d932e34ff77b8bb0279a730cdb428 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 Origin https://js.driftt.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 17 Jul 2023 08:54:28 GMT x-amz-version-id j9wMK55lq0iLj26rdsSCzkFzouWdiy6V content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 6070378 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 18 last-modified Wed, 12 Jul 2023 14:36:18 GMT server istio-envoy etag W/"c6f58dd3d60f07462254b842dd4f9ca1" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id nCoks9e09lCNY4kxPPH2sYRQ5lAPpdSSPu6twYkdqV1Hz8lzr6DVMA==
GET H2	200	main~493df0b3.d2a43907.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	7 KB 3 KB	40ms 40ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/main~493df0b3.d2a43907.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 481baffabb9011ae6ffd10103983908ebc2c06e6f6be7797d226ccee04c2172f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 Origin https://js.driftt.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 05 Sep 2023 08:39:28 GMT x-amz-version-id h8FtHV0i381FW4g4vgS0pDflX8vL7fXX content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1751278 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 23 last-modified Mon, 04 Sep 2023 22:46:03 GMT server istio-envoy etag W/"e094b276ad2035c3a46871991c258c2d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id IbzcwGYbkTkCuJp2w8-I4YB-t3Ih1DCHGqqdh2gdFt9aDl70CDU4YQ==
GET H2	200	ULSJHTPGTZGY3EPPZSKHKS Show response d.adroll.com/consent/check/	494 B 980 B	108ms 35ms	Script application/javascript	54.87.66.5 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/ULSJHTPGTZGY3EPPZSKHKS?pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&_s=821a7f1f133b0f02110730c3ad360a58&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.87.66.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-87-66-5.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash 6e13060678b4b556c44b1b3b03266bdbda26305749b962b60ce0bf2dfa49e358 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-type application/javascript pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 494 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	xdc.js Show response cdn.bizible.com/	84 B 316 B	58ms 58ms	Script text/javascript	152.199.2.76 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/xdc.js?_biz_u=d628312d08534af2b862727895d26e2b&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.09.21 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.2.76 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/8123) / Resource Hash 6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:25 GMT content-encoding gzip server ECS (cha/8123) etag EFEDFBC3 vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 content-length 186
GET H2	200	/ Show response match.adsrvr.org/track/upb/ Frame 73B3 Redirect Chain https://insight.adsrvr.org/track/up?adv=5gm3a7p&ref=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr... https://match.adsrvr.org/track/upb/?adv=5gm3a7p&ref=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr...	938 B 969 B	39ms 38ms	Document text/html	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/upb/?adv=5gm3a7p&ref=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&upid=27hmsyx&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 7c9002241a4cf26cb1e47c88687039cea150a8892e3ae20b0ccbd5b46c0e8890 Request headers Referer https://info.zscaler.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-encoding gzip content-type text/html date Mon, 25 Sep 2023 15:07:26 GMT server Kestrel vary Accept-Encoding Redirect headers content-length 491 date Mon, 25 Sep 2023 15:07:26 GMT location https://match.adsrvr.org/track/upb/?adv=5gm3a7p&ref=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&upid=27hmsyx&upv=1.1.0 server Kestrel
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1695654446500&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_sourc... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1695654446500&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_sourc... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D33962%26time%3D1695654446500%26url%3Dhttps%253A%252F%252Finfo.zscaler.com%252Fweb... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1695654446500&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_sourc...	0 398 B	112ms 112ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1695654446500&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cookiesTest=true&liSync=true Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 941EE966E62847F1B0E21DB6EECD7486 Ref B: YTO01EDGE0809 Ref C: 2023-09-25T15:07:26Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYGMFD560AtQ0sL27jDMQ== Redirect headers strict-transport-security max-age=31536000 content-security-policy default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default x-content-type-options nosniff date Mon, 25 Sep 2023 15:07:26 GMT linkedin-action 1 x-cache CONFIG_NOCACHE content-length 0 x-li-uuid AAYGMFD4EpQGTi4ooIE5hQ== pragma no-cache x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 68E7BDD1D149418BBA2B5026887F081E Ref B: YTO01EDGE0809 Ref C: 2023-09-25T15:07:26Z x-frame-options sameorigin x-li-fabric prod-lor1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=33962&time=1695654446500&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cookiesTest=true&liSync=true cache-control no-cache, no-store x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	5287 Show response app.hushly.com/runtime/countries/	75 KB 20 KB	97ms 97ms	Script text/javascript	35.81.206.252 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.hushly.com/runtime/countries/5287?callback=hushlyCountriesCallback&_=1695654446085 Requested by Host: app.hushly.com URL: https://app.hushly.com/assets/widget-6ea6e06aafd7e8688a9682af475fc7db.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.81.206.252 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-81-206-252.us-west-2.compute.amazonaws.com Software / Resource Hash 68b4b6fc343811ef9268a786ba1a6d45532277051d2db7804896df2b58a9b429 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT cache-control max-age=31536000, public content-encoding gzip x-robots-tag noindex vary Accept-Encoding content-type text/javascript
GET H2	200	getuidj Show response secure.adnxs.com/	11 B 572 B	116ms 43ms	XHR application/json	68.67.160.184 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.184 , United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT an-x-request-uuid 914267c6-39ec-4df2-a624-ddab932090ed server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://info.zscaler.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 86.48.15.168; 86.48.15.168; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 11 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response c.6sc.co/	7 B 193 B	35ms 34ms	XHR text/html	96.7.74.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.16 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-16.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT access-control-max-age 86400 access-control-allow-methods GET,POST content-type text/html access-control-allow-origin https://info.zscaler.com access-control-allow-credentials true access-control-allow-headers * content-length 7
GET H2	200	/ Show response ipv6.6sc.co/	4 B 283 B	120ms 39ms	XHR text/html	96.7.74.59 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.59 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-59.deploy.static.akamaitechnologies.com Software / Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT vary Origin content-type text/html access-control-allow-origin https://info.zscaler.com cache-control max-age=0, no-cache, no-store 6si-ipv6 null server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1695654446551_1611090487_699158147_20_1162_15_54_219";dur=1 content-length 4 expires Mon, 25 Sep 2023 15:07:26 GMT
GET BLOB	200 OK	6ad81250-6d88-4650-a072-e182cfcd441e https://info.zscaler.com/	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL blob:https://info.zscaler.com/6ad81250-6d88-4650-a072-e182cfcd441e Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Length 43 Content-Type image/gif
GET H2	200	u cdn.bizible.com/m/	43 B 120 B	29ms 29ms	Image image/gif	152.199.2.76 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A306-ZEJ-256%26token%3A_mch-zscaler.com-1695654445333-78497&_biz_u=d628312d08534af2b862727895d26e2b&_biz_s=15381f&_biz_l=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&_biz_t=1695654446394&_biz_i=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&_biz_n=1&rnd=488873&cdn_o=a&_biz_z=1695654446509 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.2.76 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/8092) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT last-modified Sun, 24 Sep 2023 22:47:12 GMT server ECS (cha/8092) age 58814 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	/ www.facebook.com/tr/	0 185 B	105ms 34ms	Image text/plain	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1778897272132032&ev=PageView&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&rl=&if=false&ts=1695654446520&sw=1600&sh=1200&v=2.9.128&r=stable&ec=0&o=30&fbp=fb.1.1695654446518.242845663&cs_est=true&it=1695654446337&coo=false&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.35 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 25 Sep 2023 15:07:26 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	51.558be3c5.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	23 KB 8 KB	35ms 33ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 23 Jul 2023 08:01:55 GMT x-amz-version-id FJkK9YMx2OWsNKBc6KbuqpS2wZqwn2Ni content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5555131 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 16 last-modified Fri, 21 Jul 2023 20:53:09 GMT server istio-envoy etag W/"fa281fcbe4b2e35558d60fae3e316367" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id qONRtJUfxmFbnSxtSj2eX5SzvML1mcXKaP8gZhSicFmTBDIh4q2ALg==
GET H2	200	35.d0f1ccda.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	36 KB 10 KB	36ms 33ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 10 Sep 2023 07:40:27 GMT x-amz-version-id K1zPvVrEzo3SK2xmkNUYjBRjm43Mu3Rp content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1322819 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 29 last-modified Thu, 07 Sep 2023 15:58:13 GMT server istio-envoy etag W/"46fa5a7bc37a22544a908e4ad950309c" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 607ri7N3jl8er2cnsULRlZFLHNgFtxhbJCl3KF2fxPl3FclbCrLthQ==
GET H2	200	22.6b9a301a.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	32 KB 11 KB	39ms 36ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 07 Aug 2023 18:32:33 GMT x-amz-version-id Iq6q_gvY8pNzoTs.Gj7cRHHiJM4JZUUq content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 4221293 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Fri, 28 Jul 2023 18:55:10 GMT server istio-envoy etag W/"d8739a9fe9a3a42936f5cd86c8727494" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9W7GIi9ZDBviNMQjmsu-cyjvFwKuOltFT7BPw9-Qz-H4cCPsl1bSUA==
GET H2	200	19.6f85b843.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	17 KB 6 KB	40ms 36ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:10 GMT x-amz-version-id WENkdivzhJuLviZwdQRIJi.Zsf7DJcNd content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020796 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 16 last-modified Wed, 13 Sep 2023 15:34:32 GMT server istio-envoy etag W/"e28ebc3391b56e8f01ea063dc089e9d3" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id lFD_k-EArlgYRhIvEHojmg7KMRouBEjEy-Fod8bizaVXZCoF4RA_kA==
GET H2	200	41.b4fc4de2.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	25 KB 8 KB	41ms 37ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:14:59 GMT x-amz-version-id CUeergHEsZ9mA_SP3mVSkjHH7LP6B3vh content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1302747 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Thu, 07 Sep 2023 15:58:13 GMT server istio-envoy etag W/"a2ace4f65aa7b34dedb884f6cfe9df8d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 2HpUaWsu2Cz5W7t5JlqbPf9MKU9PhP6g5MMT_Ejf4jt5vPI2Ox4Ifw==
GET H2	200	20.8c21ea18.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	74 KB 23 KB	43ms 40ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 23 Jul 2023 08:01:55 GMT x-amz-version-id yRHab8n8pSoFgQ4q92BOxh1RnhH9U7cp content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5555131 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Fri, 21 Jul 2023 20:53:08 GMT server istio-envoy etag W/"6d77a76055d81227033363af2f18caf8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id MSmM6OexRlYSwbkCHChpW9U-jUFqhfuTyMe9yUlifkGBta2sYCFzBw==
GET H2	200	26.04e7f30b.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	66 KB 20 KB	47ms 44ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 11 Sep 2023 11:09:39 GMT x-amz-version-id 8vB3nYzz0g8HFvSygnzY.wx2lamufRa8 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1223867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 20 last-modified Thu, 07 Sep 2023 15:58:12 GMT server istio-envoy etag W/"49ce5445ddcf5d24ef3badc4eb1a11dd" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id NGH0kL4TkaUV1zf0FixXenQuYgymy0hTwc-zMixIhOA3wS1DDWIREg==
GET H2	200	14.e24a6190.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	91 KB 28 KB	51ms 47ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:14:59 GMT x-amz-version-id ZOsF1RBdj8IMqVnevwSESbz9ZWX0tRFm content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1302747 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Thu, 07 Sep 2023 15:58:12 GMT server istio-envoy etag W/"16d7ae86e21434a32157d3226ac9bb77" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id o6BjQL3PVLa2JB6S5lvvdoop2Cp_3F1gmgYuqPsOXVlOJfU_r6YRgg==
GET H2	200	11.639238ba.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	23 KB 7 KB	54ms 51ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/11.639238ba.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 25 Jul 2023 07:54:21 GMT x-amz-version-id vK98ZZRXwRjP1ZmcSigA8HyQVGuO96ks content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5382785 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Fri, 21 Jul 2023 20:53:07 GMT server istio-envoy etag W/"4049f38c00add1738dc4806148ff8829" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id NhT5oyqfkG4cLo09EjVeSSc1rTHaGB5AIUnI8tqSOkrp0qnAJ0593A==
GET H2	200	18.9c1bd1fb.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	62 KB 20 KB	57ms 54ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:10 GMT x-amz-version-id 5eC91NN65xzDIiJ1YZ3hHU2.Wdeb2PeE content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020796 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 35 last-modified Wed, 13 Sep 2023 15:34:31 GMT server istio-envoy etag W/"02f09379c544befa413d22eb57ed41de" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id AifcmT2HdRDdAB5yjV_f0fCmM9DOth8GgfMdoFAx2qX2QBZQk4FIig==
GET H2	200	49.f7274268.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	105 KB 34 KB	60ms 57ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/49.f7274268.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 11 Sep 2023 11:09:39 GMT x-amz-version-id AM0hgbOTPnD2Z3I_CxvserRWPDVENWtq content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1223867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 34 last-modified Thu, 07 Sep 2023 15:58:13 GMT server istio-envoy etag W/"e268d36b98f0119a2bb1a15f69fd4ffe" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Lz7ZkaL6fIpu8fWLVD-kbmzZ-uhuZlAbnDHqBQ7RL-EQBm9HCUiSAQ==
GET H2	200	40.31ef8dbf.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	12 KB 4 KB	63ms 61ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 01 Aug 2023 19:44:55 GMT x-amz-version-id oLks30VC7mucTd1YEdsltbefYUqYsOI0 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 4735351 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Fri, 28 Jul 2023 18:55:11 GMT server istio-envoy etag W/"b0793fa46e8c0ae1846b7be8a833da35" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id CWFT775SPfZHhv8wWvtYORkAkP_tITCL_6kvqsGke3gxAvUDMtYOeA==
GET H2	200	29.31d09948.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	13 KB 6 KB	64ms 61ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/29.31d09948.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 11 Sep 2023 11:09:39 GMT x-amz-version-id cDEtyB9dXmhkuU2pl5EGfQct.heLuf0a content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1223867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Thu, 07 Sep 2023 15:58:12 GMT server istio-envoy etag W/"455157cb49065fb85fed54901ddaeb0e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id IVP6H9Pb4qF7vJRQV3z20U3xhp7QSQjOLM0yiTikuSRh387lDPdjUA==
GET H2	200	21.b8c41db9.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	17 KB 7 KB	64ms 62ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 25 Jul 2023 07:54:21 GMT x-amz-version-id 4qTep96ynZO1cvUJBb6PeApp6csBpuDy content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5382785 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 14 last-modified Fri, 21 Jul 2023 20:53:08 GMT server istio-envoy etag W/"65e5c965272e021ae33ff8bc39565ef5" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id x77zjXLPqsT__PPNKKwvpQJOO-jHESmLO0xQVDnWIUfabtVI0R1yCw==
GET H2	200	8.7602338c.chunk.css js.driftt.com/core/assets/css/ Frame 50E4	31 KB 4 KB	65ms 63ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/8.7602338c.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 11 Sep 2023 11:09:39 GMT x-amz-version-id A9qXpvK9WwjoE_QgAVaZhHpygDuxzff5 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1223867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 49 last-modified Thu, 07 Sep 2023 15:58:10 GMT server istio-envoy etag W/"76d0343f1f9f445c80d5c68c2a35b6e0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id H760Njxs_5MTYw645MPjwjTBRCEFbooWkLs9SXVdIILEFCWLKTJ7Og==
GET H2	200	8.eba5dae8.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	81 KB 26 KB	66ms 65ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/8.eba5dae8.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash c871f116084716e74638906e8f72d572ad0b429fe4ffd1e6524698f8863e6eed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:10 GMT x-amz-version-id epYajm4e6CLrJKs_iFWBATmWnS3J9YHR content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020796 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 96 last-modified Thu, 07 Sep 2023 15:58:13 GMT server istio-envoy etag W/"e5667c6d6613c671dc878d325651ed30" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id JoX6kRDdk-gn95-Tpe0wjrRtOI3Nf0VmNNaTyWASxY6p6qz2tpOyDA==
GET H2	200	16.22abfce0.chunk.css js.driftt.com/core/assets/css/ Frame 50E4	24 B 698 B	65ms 63ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 01 Aug 2023 19:44:54 GMT x-amz-version-id MG8zaRoUrZeTkSnK8fTXkM4CV5El6i5d via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop IAD12-P4 age 4735352 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 14 content-length 24 last-modified Fri, 28 Jul 2023 18:55:08 GMT server istio-envoy etag "0c5dad92482d9a7c7c253510f5082465" access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id GzWa_kfMzp1bsOQJ41Of1_ZHgL7tSXKSsuGpmiFx2CXCPrw7ZDRBxw==
GET H2	200	16.8bd9e5a9.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	91 KB 23 KB	67ms 66ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 05 Sep 2023 18:43:58 GMT x-amz-version-id azqNPLux9x3kaxdkm_PHC1qHPG7C0Rvt content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1715008 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 98 last-modified Mon, 04 Sep 2023 22:46:00 GMT server istio-envoy etag W/"ef144ff505a111b4fe4731aaba1cffed" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id b8rsmtvga_4exTvdWt8ZJT_h3Fyr9cdxg5F6zaBdvqXKp61M37gJbA==
GET H2	200	24.b8195d6f.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	50 KB 14 KB	68ms 67ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/24.b8195d6f.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 13e6d3edf54c6c00bfa34948557a2988bd13c12dfa05426e2f96841e05859f61 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 19 Sep 2023 20:15:27 GMT x-amz-version-id VrlnP2ljCYKV4aqktyeLhDSqfEtxPA8K content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 499919 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 66 last-modified Fri, 15 Sep 2023 20:51:06 GMT server istio-envoy etag W/"28a73cfbb87b842bc4035605050cf485" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9ieA56zJIv6PV7ekdPpDQf-egAw3L7OXzw_9XZ-sICuCUD3tt0bHXw==
GET H2	200	17.10f4dc86.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	40 KB 13 KB	69ms 68ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/17.10f4dc86.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash e51a2be6b9ef83a35f3c668ee14a711245586dd5d64abec9609d71586063b5a0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 19 Sep 2023 20:15:27 GMT x-amz-version-id wYenZXx3wWk5yohfiJf5T8DgKkEzKw25 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 499919 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 32 last-modified Fri, 15 Sep 2023 20:51:06 GMT server istio-envoy etag W/"73b73361bca65f89bc335da0149e0de6" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 4jUhO7z0ZH0f73rpHPlcFnI7g1QFL4li6jbn83PloAClULvGOy6NEw==
GET H2	200	51.558be3c5.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	23 KB 8 KB	68ms 67ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash b0af909b7ae6ad2644bfe2a60d939092aaf113b2cbc4ed2981a892869143b98a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 23 Jul 2023 08:01:55 GMT x-amz-version-id FJkK9YMx2OWsNKBc6KbuqpS2wZqwn2Ni content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5555131 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 16 last-modified Fri, 21 Jul 2023 20:53:09 GMT server istio-envoy etag W/"fa281fcbe4b2e35558d60fae3e316367" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 55DU7UYid9hx1Ibb9k_A5I4_V-5pUHkQ_udjHU37nDV8kw6rm7O0IQ==
GET H2	200	35.d0f1ccda.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	36 KB 10 KB	68ms 67ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/35.d0f1ccda.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash e0c6f8695589df90e63442fee1c9cf14e60dfc4fd8ce7296515b1d6db41e1d3d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 10 Sep 2023 07:40:27 GMT x-amz-version-id K1zPvVrEzo3SK2xmkNUYjBRjm43Mu3Rp content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1322819 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 29 last-modified Thu, 07 Sep 2023 15:58:13 GMT server istio-envoy etag W/"46fa5a7bc37a22544a908e4ad950309c" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id AaJmtSO5WeugoT0a-pCo7-Nj3O9e4w1fz59b3VeUuUi8gjtgBExgRQ==
GET H2	200	22.6b9a301a.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	32 KB 11 KB	69ms 68ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/22.6b9a301a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 8f0f8792237470ee661c6afc32ca68200dd74bcc0d544d0fd54c7777af362eae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 07 Aug 2023 18:32:33 GMT x-amz-version-id Iq6q_gvY8pNzoTs.Gj7cRHHiJM4JZUUq content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 4221293 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Fri, 28 Jul 2023 18:55:10 GMT server istio-envoy etag W/"d8739a9fe9a3a42936f5cd86c8727494" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id xTXVQaz2xXdtk_W_f_DBYAfIYdALx3FYLfgqELrJwyThdVPJbXPPEw==
GET H2	200	19.6f85b843.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	17 KB 6 KB	70ms 68ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/19.6f85b843.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash afbd41e7209fa3aef6f53c7a5713aa542a7be54c432fec2d690e0dfaccd528d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:10 GMT x-amz-version-id WENkdivzhJuLviZwdQRIJi.Zsf7DJcNd content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020796 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 16 last-modified Wed, 13 Sep 2023 15:34:32 GMT server istio-envoy etag W/"e28ebc3391b56e8f01ea063dc089e9d3" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id s9gVCXWQpN6kC1TeKKsBW0ekBFgFuqb6OECPgnZGMuUWBtDJ71MRPg==
GET H2	200	41.b4fc4de2.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	25 KB 8 KB	71ms 69ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/41.b4fc4de2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash edf1011ad272d21b66ae82a21a9d029186dc81c9f13972203fc3107f75835d4b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:14:59 GMT x-amz-version-id CUeergHEsZ9mA_SP3mVSkjHH7LP6B3vh content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1302747 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Thu, 07 Sep 2023 15:58:13 GMT server istio-envoy etag W/"a2ace4f65aa7b34dedb884f6cfe9df8d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 2HhVLju_nSzFm1256YdFD711Wg0h7-qy1dvhUGNhB5P8TdFgVDtqgQ==
GET H2	200	20.8c21ea18.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	74 KB 23 KB	71ms 68ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 23 Jul 2023 08:01:55 GMT x-amz-version-id yRHab8n8pSoFgQ4q92BOxh1RnhH9U7cp content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5555131 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Fri, 21 Jul 2023 20:53:08 GMT server istio-envoy etag W/"6d77a76055d81227033363af2f18caf8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 19Lw4s8bK9RYm8NCwCZv_wjYcC6CeEgc0i0oy5Xi9WdKHRye6cuKuA==
GET H2	200	26.04e7f30b.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	66 KB 20 KB	72ms 68ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/26.04e7f30b.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash d70fa5dc6c8bfe9d7824be31e669528533d0879a2b1600a7df68b880f4d44296 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 11 Sep 2023 11:09:39 GMT x-amz-version-id 8vB3nYzz0g8HFvSygnzY.wx2lamufRa8 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1223867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 20 last-modified Thu, 07 Sep 2023 15:58:12 GMT server istio-envoy etag W/"49ce5445ddcf5d24ef3badc4eb1a11dd" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id UT5CJX-30eyC_7Rrg27IQlREfUuYvGkAyMmpnWDanPythDqjXyv-fg==
GET H2	200	14.e24a6190.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	91 KB 28 KB	73ms 70ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/14.e24a6190.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 6c9c6406c9bd9814cf84974221433003377b67f071ec5411fddbcba4ec109bca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:14:59 GMT x-amz-version-id ZOsF1RBdj8IMqVnevwSESbz9ZWX0tRFm content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1302747 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Thu, 07 Sep 2023 15:58:12 GMT server istio-envoy etag W/"16d7ae86e21434a32157d3226ac9bb77" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id F7IfNhy7UjcxETkadR5RycIWPSBxWiPej52PI1rrVoJjMMgePLj7gw==
GET H2	200	11.639238ba.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	23 KB 7 KB	74ms 71ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/11.639238ba.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 25 Jul 2023 07:54:21 GMT x-amz-version-id vK98ZZRXwRjP1ZmcSigA8HyQVGuO96ks content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5382785 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Fri, 21 Jul 2023 20:53:07 GMT server istio-envoy etag W/"4049f38c00add1738dc4806148ff8829" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id _Gl-rG46WnGB-AHbzM90rpdth_oykkjHkf6FbZFwyV7KXQSG4kBcSQ==
GET H2	200	18.9c1bd1fb.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	62 KB 20 KB	75ms 72ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/18.9c1bd1fb.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash e555f4b34b579e6528d6bbd4819620a634c0759b41dfa99520b7ca5aa5117b11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:10 GMT x-amz-version-id 5eC91NN65xzDIiJ1YZ3hHU2.Wdeb2PeE content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020796 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 35 last-modified Wed, 13 Sep 2023 15:34:31 GMT server istio-envoy etag W/"02f09379c544befa413d22eb57ed41de" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 8YiF8pXycHeAnI36cfesAfZY3bmJsEylc7cR-1gjFx9zsieGTXSWuA==
GET H2	200	49.f7274268.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	105 KB 34 KB	75ms 72ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/49.f7274268.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 6861a320271e0fda832800e20d53b858ef409f88d9bc9c1a48953888289d1ea3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 11 Sep 2023 11:09:39 GMT x-amz-version-id AM0hgbOTPnD2Z3I_CxvserRWPDVENWtq content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1223867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 34 last-modified Thu, 07 Sep 2023 15:58:13 GMT server istio-envoy etag W/"e268d36b98f0119a2bb1a15f69fd4ffe" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id fQDV_9QNxfPLm58fsjXE4yCqmz4T_UC7D4klxWQgakYXqWJn9yHxWA==
GET H2	200	40.31ef8dbf.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	12 KB 4 KB	76ms 73ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/40.31ef8dbf.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash bba54915db71fc417be4d5852ec7d138d7c3fa90356ddee98b5267a7db7e6b5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 01 Aug 2023 19:44:55 GMT x-amz-version-id oLks30VC7mucTd1YEdsltbefYUqYsOI0 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 4735351 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 19 last-modified Fri, 28 Jul 2023 18:55:11 GMT server istio-envoy etag W/"b0793fa46e8c0ae1846b7be8a833da35" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id GhuZLL40g4Cc0XHqPkXZpFE6C5aR8e4reSvaeOiqFZd4DFIdkPPzTA==
GET H2	200	29.31d09948.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	13 KB 6 KB	77ms 74ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/29.31d09948.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 7641f066c35d0ca15d4897bfe49d640ed4c143ff8f04030c2020cbb2acfa7b0b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 11 Sep 2023 11:09:39 GMT x-amz-version-id cDEtyB9dXmhkuU2pl5EGfQct.heLuf0a content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1223867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 21 last-modified Thu, 07 Sep 2023 15:58:12 GMT server istio-envoy etag W/"455157cb49065fb85fed54901ddaeb0e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id QDha4tGoYM8xfhJ0UQcmv5VZCcE_CNdV1leI6AOHB9ACtHv_MGNMSg==
GET H2	200	21.b8c41db9.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	17 KB 7 KB	78ms 76ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 25 Jul 2023 07:54:21 GMT x-amz-version-id 4qTep96ynZO1cvUJBb6PeApp6csBpuDy content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5382785 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 14 last-modified Fri, 21 Jul 2023 20:53:08 GMT server istio-envoy etag W/"65e5c965272e021ae33ff8bc39565ef5" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9X9AeVnKsn5BJOrkqQnerdz09LyeKTF0iYxC2gI4TdrjN4EzkYpHvQ==
GET H2	200	8.7602338c.chunk.css js.driftt.com/core/assets/css/ Frame 4D70	31 KB 4 KB	77ms 75ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/8.7602338c.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 310de82ec6ba5948814ab8ec2369aa1d437e84e26ac56967fc79897acaa99a95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 11 Sep 2023 11:09:39 GMT x-amz-version-id A9qXpvK9WwjoE_QgAVaZhHpygDuxzff5 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1223867 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 49 last-modified Thu, 07 Sep 2023 15:58:10 GMT server istio-envoy etag W/"76d0343f1f9f445c80d5c68c2a35b6e0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id mpME47qZkgWvzLB1TajLhrCwNqGIu2eVjZI3ZbFs_MtG06An3-Vu5A==
GET H2	200	8.eba5dae8.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	81 KB 26 KB	79ms 76ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/8.eba5dae8.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash c871f116084716e74638906e8f72d572ad0b429fe4ffd1e6524698f8863e6eed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:10 GMT x-amz-version-id epYajm4e6CLrJKs_iFWBATmWnS3J9YHR content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020796 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 96 last-modified Thu, 07 Sep 2023 15:58:13 GMT server istio-envoy etag W/"e5667c6d6613c671dc878d325651ed30" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id mb2ghZUsV9XFaGP-gi1B0NH58ZWtkRa6GKfUbhdgmH4y07mF7iIhTQ==
GET H2	200	16.22abfce0.chunk.css js.driftt.com/core/assets/css/ Frame 4D70	24 B 696 B	77ms 75ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/16.22abfce0.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 01 Aug 2023 19:44:54 GMT x-amz-version-id MG8zaRoUrZeTkSnK8fTXkM4CV5El6i5d via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop IAD12-P4 age 4735352 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 14 content-length 24 last-modified Fri, 28 Jul 2023 18:55:08 GMT server istio-envoy etag "0c5dad92482d9a7c7c253510f5082465" access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id i7C8Xejbd43ml-cuOJL5-eYrITHz2-YPebfb3voRfi2qjVNgaaVauQ==
GET H2	200	16.8bd9e5a9.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	91 KB 23 KB	79ms 78ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/16.8bd9e5a9.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 8879c5372c9cdd8a63f0482260b11c03651fb6bf5a216ab4478fdb30394ee24a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 05 Sep 2023 18:43:58 GMT x-amz-version-id azqNPLux9x3kaxdkm_PHC1qHPG7C0Rvt content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1715008 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 98 last-modified Mon, 04 Sep 2023 22:46:00 GMT server istio-envoy etag W/"ef144ff505a111b4fe4731aaba1cffed" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id xBFxM90ODOkjlGuO6fkBKqCxp0CTyK7l8xLlW6IWpt52gAPMMl3Haw==
GET H2	200	24.b8195d6f.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	50 KB 14 KB	80ms 78ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/24.b8195d6f.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 13e6d3edf54c6c00bfa34948557a2988bd13c12dfa05426e2f96841e05859f61 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 19 Sep 2023 20:15:27 GMT x-amz-version-id VrlnP2ljCYKV4aqktyeLhDSqfEtxPA8K content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 499919 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 66 last-modified Fri, 15 Sep 2023 20:51:06 GMT server istio-envoy etag W/"28a73cfbb87b842bc4035605050cf485" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id bIQ1f2LMI-aTkyeNYuntqt7uyjF_asLcc6yO5CmaXMgH_qUFFFPA8g==
GET H2	200	17.10f4dc86.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	40 KB 13 KB	81ms 80ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/17.10f4dc86.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash e51a2be6b9ef83a35f3c668ee14a711245586dd5d64abec9609d71586063b5a0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 19 Sep 2023 20:15:27 GMT x-amz-version-id wYenZXx3wWk5yohfiJf5T8DgKkEzKw25 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 499919 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 32 last-modified Fri, 15 Sep 2023 20:51:06 GMT server istio-envoy etag W/"73b73361bca65f89bc335da0149e0de6" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id fw9klvooBOeakx0WPKA1BeJEsNoWKuwH6HbSai5Afk_NTjkgc7-kVA==
GET H/1.1	200 OK	st Show response px.mountain.com/	3 KB 2 KB	368ms 91ms	Script application/javascript	34.210.219.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://px.mountain.com/st?ga_tracking_id=UA-6177009-1%3BG-10SPJ4YJL9&ga_client_id=1300014578.1695654446&shpt=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-6177009-1%3BG-10SPJ4YJL9%22%2C%22ga_client_id%22%3A%221300014578.1695654446%22%2C%22shpt%22%3A%22Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends%22%2C%22dcm_cid%22%3A%221300014578.1695654446%22%2C%22dcm_gid%22%3A%221924790707.1695654446%22%2C%22ga_utm_source%22%3A%22promo%22%2C%22ga_utm_medium%22%3A%22sdr%22%2C%22mntnis%22%3A%2234ZbKLEOLnsXJIwAenhEWa4VdsVHxqWv%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1300014578.1695654446&dcm_gid=1924790707.1695654446&available_ga=%5B%7B%22id%22%3A%22UA-6177009-1%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221695654445%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cb=17625584547961748term%3Dvalue&shadditional=adroll%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Clanguage%3Den&shoid=%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends Requested by Host: dx.mountain.com URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32329&tdr=&plh=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cb=17625584547961748term=value Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.210.219.79 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-210-219-79.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash 8f3200506f60f2f702f291322bae0be124a5459117744e8a87bdb1a5d1abf572 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT content-encoding gzip server istio-envoy transfer-encoding chunked content-type application/javascript;charset=utf-8 access-control-allow-origin * p3p CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE" x-envoy-upstream-service-time 1 connection close
GET H/1.1	200 OK	XYPZFM5QENHXRH7RBBI5PW.js Show response s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/ Redirect Chain https://d.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebi... https://s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/XYPZFM5QENHXRH7RBBI5PW.js	6 KB 3 KB	36ms 36ms	Script text/javascript	3.162.103.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/XYPZFM5QENHXRH7RBBI5PW.js Protocol HTTP/1.1 Server 3.162.103.36 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-103-36.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash d8f74aa1a6511c753bfbeace923818198461752e585d71de63a219df6295d883 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers X-Amz-Version-Id JUVkbAiM63Mv3m1uZdm1rO8CvH8bBBeq Content-Encoding gzip Via 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront) Date Mon, 25 Sep 2023 14:39:42 GMT Age 1702 X-Amz-Cf-Pop IAD61-P1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Wed, 12 Jul 2023 12:44:53 GMT Server AmazonS3 Etag W/"dd059e74d8f29eb0c92022985439f660" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id 51HCL61ubbonwlI2-n3rdUNUlv-5aW3DAODyHyu3q20nAdi69TA4TQ== Redirect headers date Mon, 25 Sep 2023 15:07:26 GMT x-segment-display-name Visitors to Unsegmented Pages p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" x-rule-type p content-length 0 pragma no-cache x-conversion-value 0.00 server nginx/1.22.1 x-rule * x-segment-eid XYPZFM5QENHXRH7RBBI5PW location https://s.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY/XYPZFM5QENHXRH7RBBI5PW.js cache-control no-store, no-cache, must-revalidate x-pixel-eid 22OEOVE2YNFA3EKSRERISY x-segment-name * x-advertisable-eid ULSJHTPGTZGY3EPPZSKHKS x-conversion-currency
GET H2	200	0.0b2ebd4a.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	9 KB 3 KB	34ms 33ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 12 Jul 2023 15:57:37 GMT x-amz-version-id v8CRq8SwJ.1n63gpnvh.yndOCUADbcdz content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 6476989 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Wed, 12 Jul 2023 14:36:15 GMT server istio-envoy etag W/"c5efcdc9e465604f32cf24af10fd6c13" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id LAB3ROcoBSdGDJQ-Lz6Fkff4xoDa1B6qWT5nCwWxNJ_Cd4HG_QHS4w==
GET H2	200	27.01c2bea5.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	35 KB 10 KB	34ms 34ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/27.01c2bea5.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash b13c9311dec3f49821d88065299e95cc1c4e6c26acc4b27b4ebdb380d40d8788 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 10 Sep 2023 07:40:28 GMT x-amz-version-id ej4wtiH0EldocPtHE6_C7xacIOcrGAQE content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1322818 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 28 last-modified Thu, 07 Sep 2023 15:58:12 GMT server istio-envoy etag W/"04a233a42dcf8c50a83bfecea8ba552d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 2bLThNqXyAvvJZC95Q2WPHcoOmbwc_wtDIauCBI0ddRC4D5MDcL6gw==
GET H2	200	28.b5e8f5e1.chunk.css js.driftt.com/core/assets/css/ Frame 50E4	8 KB 2 KB	35ms 34ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/28.b5e8f5e1.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 7849ba1748f8188749df28e9d59ca4e570a8495684353d8df4715fa70a81e787 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:11 GMT x-amz-version-id X.13DFJrGXxQgaaED9fWMfvYYMgNgXm2 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020795 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 44 last-modified Wed, 13 Sep 2023 15:34:30 GMT server istio-envoy etag W/"e7107bc29ccb3c6d928f0f8f10a0f22d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ubYcud_pV0I_qL4GaBoKfkWYEnu5Wu77hY0Xy33q98ehLHCbfdv0YQ==
GET H2	200	28.bdd92ff2.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	14 KB 6 KB	36ms 35ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/28.bdd92ff2.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 6eabf982ec86c7a2d08d260cdd257c9d1f1d9b589cb52a812be0dc5c7cf1af9a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 21 Aug 2023 06:34:28 GMT x-amz-version-id FcY7nxxd_dKlolNuPDctjlqA34T6ZSVK content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 3054778 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 34 last-modified Fri, 18 Aug 2023 19:22:22 GMT server istio-envoy etag W/"260fbabe310bd2cae5c44538f3d833ad" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id tHzfhuJIREFqoAEbP-JOXAXCIiaBbVNen5sUbT8gTskvUfzl0Z5Kew==
GET H2	200	25.c695453b.chunk.css js.driftt.com/core/assets/css/ Frame 50E4	365 B 1 KB	35ms 34ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/25.c695453b.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:11 GMT x-amz-version-id VIu_naPybf7h2IW_V5PI5UsHpZdqVgOy via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop IAD12-P4 age 1020795 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 31 content-length 365 last-modified Wed, 13 Sep 2023 15:34:29 GMT server istio-envoy etag "06b2963b029c0824382815165bfea73e" access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id XtUA0thFRLNGvPkjxdslPKIkZUQcuv4YalEbW01-DAgtSc_6l-9M5A==
GET H2	200	25.a9a52994.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	91 KB 25 KB	36ms 36ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/25.a9a52994.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash d21b490fa72e9cd90e09db07c73ef43c0d65bf38de6a41dfd1c53338f71549a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 05 Sep 2023 08:39:28 GMT x-amz-version-id zySyZeKcfv56V7QY3h4rYof1C..GNMUN content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1751278 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 51 last-modified Mon, 04 Sep 2023 22:46:01 GMT server istio-envoy etag W/"34109a0bf2906f78b21b4a9f5fa4ab8c" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id XqAD_ZXw-qIYZpNW33utEpACvxYL4uYrA-KPXuK_kHYvYgGjxQXZag==
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 483 B	51ms 50ms	Image image/gif	96.7.74.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=9e5836b6-14da-4e59-8ab0-5e863c1a491d&session=466e2ad2-be57-468d-8ab3-31889080a751&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A26%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22ab9750bca4342498694e239e304dd3a9%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2025%20Sep%202023%2015%3A07%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%221dc729230d6b8d19bab5e6236d81f60c4dca0823%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2025%20Sep%202023%2015%3A07%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2025%20Sep%202023%2015%3A07%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2025%20Sep%202023%2015%3A07%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%226934ae2b-4c76-4229-97d0-8f637b004b88%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2025%20Sep%202023%2015%3A07%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2025%20Sep%202023%2015%3A07%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2025%20Sep%202023%2015%3A07%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22UNC3944%20and%20BlackCat%20have%20taken%20over%20the%20headlines%20with%20a%20new%20wave%20of%20high-profile%20ransomware%20attacks%20on%20casinos%20and%20other%20industries%2C%20continuing%20an%20upward%20trend%20of%20damaging%20attacks%20impacting%20global%20organizations.%20Earlier%20in%202023%2C%20the%20Zscaler%20ThreatLabz%20research%20team%20reported%20that%20ransomware%20attacks%20have%20grown%2037%25%20since%202022%2C%20with%20the%20average%20cost%20of%20an%20attack%20reaching%20a%20whopping%20US%245.3M.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&pageViewId=9a401842-e67b-4926-8309-5db2799838a6&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.6 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.16 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-16.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H/1.1	200 OK	universal_pixel.1.1.0.js Show response js.adsrvr.org/ Frame 73B3	488 B 1003 B	33ms 33ms	Script application/x-javascript	18.67.60.119 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/universal_pixel.1.1.0.js Requested by Host: match.adsrvr.org URL: https://match.adsrvr.org/track/upb/?adv=5gm3a7p&ref=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&upid=27hmsyx&upv=1.1.0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.67.60.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-60-119.iad89.r.cloudfront.net Software AmazonS3 / Resource Hash 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2 Request headers accept-language en-CA,en;q=0.9 Referer https://match.adsrvr.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Mon, 25 Sep 2023 03:14:56 GMT Via 1.1 126bc2e5c4c1b9ac0ffa004edc6f02c4.cloudfront.net (CloudFront) Last-Modified Tue, 01 Aug 2023 20:10:40 GMT Server AmazonS3 X-Amz-Cf-Pop IAD89-P1 Age 42751 ETag "2775054c068b37509e0798448f7fd32c" x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 488 X-Amz-Cf-Id C-QDU6X5kMoaH7aobul7lMQ_kazEVRKBls1CyEzl8OnLZKQEMFE5aQ==
GET H2	200	details Show response epsilon.6sense.com/v3/company/	750 B 582 B	115ms 43ms	XHR application/json	44.196.32.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.32.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-32-149.compute-1.amazonaws.com Software nginx / Resource Hash 041b8fa27f6c83b310171682b22b6f4ef626504a815a528eed1b6204fe38c277 Request headers Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 Authorization Token 1dc729230d6b8d19bab5e6236d81f60c4dca0823 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 X-6s-CustomID WebTag 6934ae2b-4c76-4229-97d0-8f637b004b88 Response headers date Mon, 25 Sep 2023 15:07:26 GMT content-encoding gzip server nginx vary Accept-Encoding content-type application/json access-control-allow-origin https://info.zscaler.com access-control-allow-credentials true content-length 397
OPTIONS H2	200	details epsilon.6sense.com/v3/company/ Frame	0 0	124ms 37ms	Preflight	44.196.32.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://epsilon.6sense.com/v3/company/details Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.32.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-32-149.compute-1.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,x-6s-customid Access-Control-Request-Method GET Origin https://info.zscaler.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,x-6s-customid access-control-allow-methods OPTIONS,GET access-control-allow-origin https://info.zscaler.com access-control-max-age 1800 date Mon, 25 Sep 2023 15:07:26 GMT server nginx
GET H2	200	37.11d2b6a7.chunk.css js.driftt.com/core/assets/css/ Frame 4D70	3 KB 1 KB	35ms 34ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/37.11d2b6a7.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Sun, 10 Sep 2023 13:14:59 GMT x-amz-version-id Ir6U0cA9tTpWdLrx7HYFzWqAHSIHOmGA content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1302747 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 39 last-modified Thu, 07 Sep 2023 15:58:10 GMT server istio-envoy etag W/"87532c4db85f1429fa6d759bc3332f36" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id Jel9dQ_LzPM8EXrzUal21anR_gh6wYq2vnzInyhk4t_P1Us1zkha5g==
GET H2	200	37.298cbb69.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	3 KB 2 KB	35ms 35ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/37.298cbb69.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash c640d911a58cc3ef31b1a3c2090fa753c948902033b9917ab5daef4fbb33b5d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 21 Aug 2023 06:34:27 GMT x-amz-version-id JzP5EHa1AgOQDQQqP6XtnDRIZFkYBhy2 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 3054779 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 37 last-modified Fri, 18 Aug 2023 19:22:22 GMT server istio-envoy etag W/"86b289eeb2bf9d30034f30d9794e8041" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id KBUsqbf--ZDHb2ibC7Jkw1G9atV072SCWMdEcVbEz7-4KG3yQBpSEQ==
GET H2	200	rubicon Show response match.adsrvr.org/track/cmf/ Frame 9B9B Redirect Chain https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon https://match.adsrvr.org/track/cmf/rubicon?gdpr=0	70 B 470 B	40ms 39ms	Document image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://match.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-length 70 content-type image/gif date Mon, 25 Sep 2023 15:07:26 GMT server Kestrel Redirect headers Cache-Control no-cache,no-store,must-revalidate Content-Type text/html Expires 0 Location https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Pragma no-cache X-RPHost 574abe46412f7df61ec8713ff1a5b646 content-length 0
GET H2	200	appnexus Show response match.adsrvr.org/track/cmf/ Frame 5387 Redirect Chain https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dee0e08e9-fb73-47a0-8862-2e9360d2fa9e https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7935351974986845344&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e	70 B 470 B	38ms 37ms	Document image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7935351974986845344&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://match.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-length 70 content-type image/gif date Mon, 25 Sep 2023 15:07:26 GMT server Kestrel Redirect headers accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true access-control-allow-origin * an-x-request-uuid 5cf9ae5c-cf8b-4e72-b58e-d1d0a8c10ac6 cache-control no-store, no-cache, private content-length 0 content-type text/html; charset=utf-8 date Mon, 25 Sep 2023 15:07:26 GMT expires Sat, 15 Nov 2008 16:00:00 GMT location https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=7935351974986845344&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" pragma no-cache server nginx/1.21.3 x-proxy-origin 86.48.15.168; 86.48.15.168; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com x-xss-protection 0
GET H2	200	google Show response match.adsrvr.org/track/cmf/ Frame 1331 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZWUwZTA4ZTktZmI3My00N2EwLTg4NjItMmU5MzYwZDJmYTll&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e936... https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&google_gid=CAESEBu1MpKsh6GyknojEMe78_g&google_cver=1	70 B 470 B	38ms 38ms	Document image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&google_gid=CAESEBu1MpKsh6GyknojEMe78_g&google_cver=1 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://match.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers content-length 70 content-type image/gif date Mon, 25 Sep 2023 15:07:26 GMT server Kestrel Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 386 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 25 Sep 2023 15:07:26 GMT expires Fri, 01 Jan 1990 00:00:00 GMT location https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&google_gid=CAESEBu1MpKsh6GyknojEMe78_g&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server HTTP server (unknown) x-xss-protection 0
GET H/1.1	200 OK	sendrolling.js Show response s.adroll.com/j/	8 KB 3 KB	35ms 35ms	Script text/javascript	3.162.103.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/sendrolling.js Requested by Host: d.adroll.com URL: https://d.adroll.com/pixel/ULSJHTPGTZGY3EPPZSKHKS/22OEOVE2YNFA3EKSRERISY?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&cookie=&adroll_s_ref=&keyw=&p0=1264 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.162.103.36 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-103-36.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers X-Amz-Version-Id kaomAQKNRR_7Pb.3Bms_Xue6LaAItEu. Content-Encoding gzip Via 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront) Date Mon, 25 Sep 2023 15:03:58 GMT Age 209 X-Amz-Cf-Pop IAD61-P1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Wed, 21 Jun 2023 16:22:01 GMT Server AmazonS3 Etag W/"4a64112c69b3c4b3f104f38d9547a094" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=300, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id 4tNX7emJrPkoBC-ODVlQFKMso2pGxGJKOLodXXBRfEhimBbvDSFrbg==
GET H3	200	476377582537549 Show response connect.facebook.net/signals/config/	136 KB 35 KB	86ms 85ms	Script application/x-javascript	31.13.66.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/476377582537549?v=2.9.128&r=stable&domain=info.zscaler.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.19 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-iad3.fbcdn.net Software / Resource Hash 94d87c89673c845276ea7eb60e78ee407a331d754580e63fa230d4f50a8b7318 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 25 Sep 2023 15:07:26 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug tHaBq04jYXmgSMbh4w5qARTm7x7YPFLhODVzVCnFQWlSfGUFVgNn7ktHaYpCfA/ehU7F5/7HIjBQDq510xRnCg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Redirect Chain https://d.adroll.com/cm/b/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against... https://x.bidswitch.net/sync?dsp_id=44&user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU	43 B 510 B	48ms 48ms	Image image/gif	35.211.178.172 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU Protocol HTTP/1.1 Server 35.211.178.172 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 172.178.211.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Mon, 25 Sep 2023 15:07:26 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU Date Mon, 25 Sep 2023 15:07:26 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	200	in d.adroll.com/cm/g/ Redirect Chain https://d.adroll.com/cm/g/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against... https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=otSl8ATZXGYnkgkWZIe4dQ https://d.adroll.com/cm/g/in	42 B 554 B	35ms 34ms	Image image/gif	54.87.66.5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/g/in Protocol H2 Server 54.87.66.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-87-66-5.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT server nginx/1.22.1 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-store, no-cache, must-revalidate content-length 42 x-result g.-1.-1.-1 Redirect headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://d.adroll.com/cm/g/in p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 225 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Redirect Chain https://d.adroll.com/cm/index/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-aga... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expiration=1727190446 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expiration=1727190446&C=1	43 B 339 B	45ms 44ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expiration=1727190446&C=1 Protocol H2 Server 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvtGcJRyV29gEG7HbfABlbNsKeTWvSdLYd8%2FchcWQYszxPcLbOhSRgu%2BKx0NM247wFqmDSRJYFk5n3EO%2BySEktmNZG4BOg013RWzKAbov8R%2FaOHwIRfC0ioyYPE0RVklWRAyM2EC3jdYDQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 80c42d4508bda238-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdYd3kgKZrc1mVoQjjZ74We9Zh6mFp5IaNjUzR9h74t66LkECQpNWQdf%2FmXCuuERvjjyuVnETP%2BekbgXt0Ycf0BZjibtUjTDdcxqZFy4iKXuyMkZQH3eMYKMOqGuEyQbKXhlnxsP7mlc1w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=105&external_user_id=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expiration=1727190446&C=1 cache-control no-cache cf-ray 80c42d44b859a238-YYZ alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	458249.gif idsync.rlcdn.com/ Redirect Chain https://d.adroll.com/cm/l/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against... https://idsync.rlcdn.com/377928.gif?partner_uid=a2d4a5f004d95c66279209166487b875 https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzUQABoNCK_ExqgGEgUI6AcQAEIASgA https://pippio.com/api/sync?pid=5324&it=1&iv=fb84fca323a3abd7d0c29338db335c0110adc4cdce1faf141b94845168c73184791426b5417dce21&_=2 https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmYjg0ZmNhMzIzYTNhYmQ3ZDBjMjkzMzhkYjMzNWMwMTEwYWRjNGNkY2UxZmFmMTQxYjk0ODQ1MTY4YzczMTg0NzkxNDI2YjU... https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmYjg0ZmNhMzIzYTNhYmQ3ZDBjMjkzMzhkYjMzNWMwMTEwYWRjNGNkY2UxZmFmMTQxYjk0ODQ1MTY4YzczMTg0NzkxNDI2YjU0MTdkY2UyMRAAGgwIr8TGqAYSBAgCEABCAEoA&goog... https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= https://idsync.rlcdn.com/458249.gif?partner_uid=f3172656-31d7-412d-bd73-483d2803673a	42 B 60 B	42ms 42ms	Image image/gif	35.190.60.146 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/458249.gif?partner_uid=f3172656-31d7-412d-bd73-483d2803673a Protocol H3 Server 35.190.60.146 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 146.60.190.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:27 GMT via 1.1 google content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 Redirect headers location https://idsync.rlcdn.com/458249.gif?partner_uid=f3172656-31d7-412d-bd73-483d2803673a date Mon, 25 Sep 2023 15:07:27 GMT via 1.1 google x-samesite secure alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111 content-type text/html; charset=utf-8
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Redirect Chain https://d.adroll.com/cm/n/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against... https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expires=365	42 B 799 B	133ms 38ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expires=365 Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 8bab65602db075726861004da5629947 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers location https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&expires=365 pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 124 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://d.adroll.com/cm/o/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against... https://us-u.openx.net/w/1.0/sd?id=537103138&val=a2d4a5f004d95c66279209166487b875&gdpr=0&gdpr_consent= https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a2d4a5f004d95c66279209166487b875&gdpr=0&gdpr_consent=	43 B 180 B	58ms 57ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a2d4a5f004d95c66279209166487b875&gdpr=0&gdpr_consent= Protocol H2 Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a2d4a5f004d95c66279209166487b875&gdpr=0&gdpr_consent= date Mon, 25 Sep 2023 15:07:26 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Redirect Chain https://d.adroll.com/cm/outbrain/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-... https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=&us_privacy=1---	0 287 B	154ms 40ms	Image text/plain	70.42.32.159 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=&us_privacy=1--- Protocol HTTP/1.1 Server 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Mon, 25 Sep 2023 15:07:26 GMT Cache-Control no-cache X-TraceId 6b6ef113b43e07fbfc85c924b1e88097 Content-Length 0 Redirect headers location https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=&us_privacy=1--- pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 137 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	Pug image2.pubmatic.com/AdServer/ Redirect Chain https://d.adroll.com/cm/pubmatic/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...	42 B 539 B	570ms 505ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Mon, 25 Sep 2023 08:53:34 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 212 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	204	sync ups.analytics.yahoo.com/ups/55980/ Redirect Chain https://d.adroll.com/cm/r/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against... https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true	0 121 B	39ms 38ms	Image text/plain	3.225.218.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true Protocol H2 Server 3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-218-10.compute-1.amazonaws.com Software ATS/9.1.10.75 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.75 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true date Mon, 25 Sep 2023 15:07:26 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.75 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	rtb-h sync.taboola.com/sg/adroll-network/1/ Redirect Chain https://d.adroll.com/cm/taboola/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-a... https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU	0 365 B	109ms 35ms	Image text/plain	141.226.224.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU Protocol H2 Server 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:26 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 18949 Redirect headers location https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 111 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://d.adroll.com/cm/triplelift/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defen... https://eb2.3lift.com/xuid?mid=4714&xuid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&dongle=c85e https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=	37 B 353 B	41ms 41ms	Image image/gif	52.223.22.214 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy= Protocol H2 Server 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS afb83dd09526a6517.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-type image/gif date Mon, 25 Sep 2023 15:07:26 GMT cache-control no-cache, no-store, must-revalidate content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location /xuid?ld=1&mid=4714&xuid=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU&dongle=c85e&gdpr=0&cmp_cs=&us_privacy= date Mon, 25 Sep 2023 15:07:26 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	setuid ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?adroll_fpc=b0d7d7e6bfaf24d34f90aaef07c3f2ba-1695654446580&pv=60842128904.301895&arrfrr=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against... https://ib.adnxs.com/setuid?entity=172&code=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU	43 B 856 B	50ms 50ms	Image image/gif	68.67.160.184 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=172&code=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU Protocol H2 Server 68.67.160.184 , United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT an-x-request-uuid 70e7494f-4d83-4983-8183-99601371a590 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 86.48.15.168; 86.48.15.168; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers location https://ib.adnxs.com/setuid?entity=172&code=YTJkNGE1ZjAwNGQ5NWM2NjI3OTIwOTE2NjQ4N2I4NzU pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 93 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	in d.adroll.com/cm/mk/ULSJHTPGTZGY3EPPZSKHKS/	42 B 517 B	55ms 53ms	Image image/gif	54.87.66.5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/mk/ULSJHTPGTZGY3EPPZSKHKS/in?id=id%3A306-ZEJ-256%26token%3A_mch-zscaler.com-1695654445333-78497 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.87.66.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-87-66-5.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers content-type image/gif pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 42 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H3	200	/ www.google.com/pagead/1p-user-list/812494211/	42 B 64 B	52ms 52ms	Image image/gif	172.253.115.106 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/812494211/?random=1695654446417&cv=11&fst=1695654000000&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&frm=0&tiba=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=487233167&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f106.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.ca/pagead/1p-user-list/812494211/	42 B 64 B	51ms 50ms	Image image/gif	142.250.31.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/812494211/?random=1695654446417&cv=11&fst=1695654000000&bg=ffffff&guid=ON&async=1&gtm=45be39k2&u_w=1600&u_h=1200&url=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&frm=0&tiba=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=487233167&rmt_tld=1&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:26 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	0.0b2ebd4a.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	9 KB 3 KB	35ms 33ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 12 Jul 2023 15:57:37 GMT x-amz-version-id v8CRq8SwJ.1n63gpnvh.yndOCUADbcdz content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 6476989 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 17 last-modified Wed, 12 Jul 2023 14:36:15 GMT server istio-envoy etag W/"c5efcdc9e465604f32cf24af10fd6c13" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id D7QOO707cINWBTVtaEVEZ9CCNehQJI6XIj3CuPfa6Byosaf9XCMVgA==
GET H2	200	3.07aa08a5.chunk.css js.driftt.com/core/assets/css/ Frame 4D70	7 KB 2 KB	36ms 34ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Fri, 28 Jul 2023 06:33:10 GMT x-amz-version-id Ov831I2a5yEZEgVNkzjL3jR4iYT4qeoU content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5128456 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 63 last-modified Wed, 26 Jul 2023 13:12:09 GMT server istio-envoy etag W/"189aeffd571884559dababa22c66d75a" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id UzUz6FQqFh2MzXHdkVg7u5wTT50OqLmYDM2iVPmwV_rWvaZAxFuiYw==
GET H2	200	3.f50b964b.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	54 KB 15 KB	38ms 36ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 25 Jul 2023 05:14:35 GMT x-amz-version-id Sdaq6z0Yr.kcc8_RD2rWLZ3gFSJAWGwC content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5392371 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 35 last-modified Fri, 21 Jul 2023 20:53:08 GMT server istio-envoy etag W/"1ac37bf2b93050f29058b66a9ad43e10" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9MMBpyFl052pDOH9h3C_S1EaQxd94jxPUPGYqHy6kvKILuRTGovrLw==
GET H2	200	1.12ba17b6.chunk.css js.driftt.com/core/assets/css/ Frame 4D70	44 KB 7 KB	36ms 35ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/1.12ba17b6.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 58fdb03fac3e89e51525a5a45eb777395d1b499bf4483e96201b6becddbe516f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 20 Jul 2023 19:01:02 GMT x-amz-version-id 19YOPtagzF0I0emgnq_seBKB.3mPQekh content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5774784 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 35 last-modified Thu, 20 Jul 2023 18:22:08 GMT server istio-envoy etag W/"3b8ba82e1bac13ee29e9764a55620d99" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id fo8fn39hA1903dfrlyagkcxjGWzkTIoSl88wizC0ASFxIwLfXnvfwQ==
GET H2	200	1.2aebee2c.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	54 KB 17 KB	38ms 37ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/1.2aebee2c.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 60409946ec37f5d25bf3516bd3fbc347358e60feaf168a3d578b323cb750860b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:11 GMT x-amz-version-id HS3xUO5hl.xSKZnEaiWvjWsz2Syo1x4c content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020795 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 31 last-modified Thu, 07 Sep 2023 15:58:11 GMT server istio-envoy etag W/"8dec138e62d799d028f8c7ed0cc19058" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 4-cJ2rhCWyTrS1SlaMiYtPQHUFSjOegOmMPfB83vXLPs5GzGJ-uztw==
GET H2	200	4.9d776499.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	23 KB 10 KB	39ms 38ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/4.9d776499.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 622373f59cdda9ea36f307c5f7bef0cfd8e140018c995b6394468a26ef499dec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 01 Aug 2023 19:44:55 GMT x-amz-version-id fiMx4UIkfVk77__EbNZTeEpbb3IBbbkv content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 4735351 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 33 last-modified Fri, 28 Jul 2023 18:55:11 GMT server istio-envoy etag W/"cc02ad980b6b04f3bba61e68883356d4" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id CepVSd9OdpKxUxIaAVsGIJggCsLoQZPXlAdMyozkVqUjzBYJESN6jQ==
GET H2	200	34.0504aac4.chunk.css js.driftt.com/core/assets/css/ Frame 4D70	16 KB 3 KB	36ms 35ms	Stylesheet text/css	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/css/34.0504aac4.chunk.css Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 2b74bc303570faa3cd261b240078960cd0c28f811ae71cb72352809a42d20f6e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 25 Jul 2023 07:54:21 GMT x-amz-version-id q2speui9tJuSqazhqyXXmusrZlo.6X8E content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 5382785 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 43 last-modified Fri, 21 Jul 2023 20:53:06 GMT server istio-envoy etag W/"95b017fb41a8751bd7175f8a73f035f8" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id R37Nlm5bwQVcwuWEdKwR7UsCrxCGsoVFcGaWB7BGYC19VdWrxFN28w==
GET H2	200	34.565cc93a.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	13 KB 5 KB	39ms 38ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/34.565cc93a.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 08b15334412c5f3ad02391af96b4068d23b85e63c63fa8d78ee9bb7e78ce752d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 05 Sep 2023 18:50:08 GMT x-amz-version-id .CV9Gv7QHuYDZKNfN_Mj0Og0uIzMiBl5 content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1714638 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 83 last-modified Mon, 04 Sep 2023 22:46:01 GMT server istio-envoy etag W/"57c0a57c3cf808c4592182b4c490b3a0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id M6lc40PBQ_hW2LMGamST27PKgk85j9SSg8RqouLUfZYm1e3OGtIhjw==
POST H2	200	v2 Show response bootstrap.api.drift.com/widget_bootstrap/ping/ Frame 50E4	146 B 587 B	120ms 46ms	XHR application/json	3.94.218.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bootstrap.api.drift.com/widget_bootstrap/ping/v2 Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-218-138.compute-1.amazonaws.com Software istio-envoy / Resource Hash 3e119079e033f39593a5e284dc68dfca12f2ac997301f23335677fa1a91c26f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 25 Sep 2023 15:07:26 GMT strict-transport-security max-age=31536000; includeSubDomains server istio-envoy requestid f82cc9558b41bf1d access-control-max-age 1209600 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info vary Accept-Encoding access-control-allow-credentials true x-envoy-upstream-service-time 9 access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 146
GET H2	200	/ www.facebook.com/tr/	0 31 B	34ms 34ms	Image text/plain	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=476377582537549&ev=PageView&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&rl=&if=false&ts=1695654446865&cd[segment_eid]=XYPZFM5QENHXRH7RBBI5PW&sw=1600&sh=1200&v=2.9.128&r=stable&ec=0&o=29&fbp=fb.1.1695654446518.242845663&it=1695654446337&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.66.35 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 25 Sep 2023 15:07:26 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	gs Show response gs.mountain.com/	144 B 733 B	372ms 91ms	Script application/javascript	34.212.4.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gs.mountain.com/gs Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-212-4-35.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash fc1a9c5306bc5fb03c123de1d68cdf5b4eac7779d2f707f28a3beec8049b271c Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:27 GMT last-modified Thu, 01 Jan 1970 00:00:00 GMT server istio-envoy access-control-allow-methods GET, POST, OPTIONS content-type application/javascript;charset=utf-8 access-control-allow-origin * p3p CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE" cache-control public, max-age=31536000 x-envoy-upstream-service-time 0 connection close access-control-allow-headers Accept, Content-Type, x-requested-with, X-Custom-Header content-length 144 x-application-context application:prod:8080
POST H2	200	v3 Show response metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 50E4	25 B 89 B	53ms 50ms	XHR application/json	3.94.218.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/widget/init/v3 Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-218-138.compute-1.amazonaws.com Software istio-envoy / Resource Hash f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 25 Sep 2023 15:07:26 GMT strict-transport-security max-age=31536000; includeSubDomains server istio-envoy requestid ea0993e9fe7773f8 access-control-max-age 1209600 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info vary Accept-Encoding access-control-allow-credentials true x-envoy-upstream-service-time 15 access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 25
POST H2	200	widget_bootstrap Show response bootstrap.api.drift.com/ Frame 50E4	25 KB 8 KB	553ms 553ms	XHR application/json	3.94.218.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bootstrap.api.drift.com/widget_bootstrap Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-218-138.compute-1.amazonaws.com Software istio-envoy / Resource Hash 2f50a8f550323101752db6f02d2c0afa55a85de730d17f2d1bbe02d8a55c1dae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 25 Sep 2023 15:07:26 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip server istio-envoy requestid 9957975c8799c39b access-control-max-age 1209600 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info vary Accept-Encoding access-control-allow-credentials true x-envoy-upstream-service-time 517 access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 195 B	130ms 129ms	XHR text/plain	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 25 Sep 2023 15:07:27 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 5E664BA6C3494D58A059A8294E332B1B Ref B: YTO01EDGE0809 Ref C: 2023-09-25T15:07:27Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 access-control-allow-origin https://info.zscaler.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYGMFD7/t5nSKqgH217ag==
GET H/1.1	200 OK	st Show response px.mountain.com/	6 KB 2 KB	283ms 106ms	Script application/javascript	34.210.219.79 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://px.mountain.com/st?ga_tracking_id=UA-6177009-1%3BG-10SPJ4YJL9&ga_client_id=1300014578.1695654446&shpt=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-6177009-1%3BG-10SPJ4YJL9%22%2C%22ga_client_id%22%3A%221300014578.1695654446%22%2C%22shpt%22%3A%22Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends%22%2C%22dcm_cid%22%3A%221300014578.1695654446%22%2C%22dcm_gid%22%3A%221924790707.1695654446%22%2C%22ga_utm_source%22%3A%22promo%22%2C%22ga_utm_medium%22%3A%22sdr%22%2C%22mntnis%22%3A%2234ZbKLEOLnsXJIwAenhEWa4VdsVHxqWv%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A2%2C%22getClientIdByCookie%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1300014578.1695654446&dcm_gid=1924790707.1695654446&available_ga=%5B%7B%22id%22%3A%22UA-6177009-1%22%2C%22sess_id%22%3Anull%7D%2C%7B%22id%22%3A%22G-10SPJ4YJL9%22%2C%22sess_id%22%3A%221695654445%22%7D%5D&hardcoded_ga=&dxver=4.0.0&shaid=32329&plh=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&shadditional=adroll%3Dtrue%2Cgoogletagmanager%3Dtrue%2Cga4%3Dtrue%2Clanguage%3Den&shoid=%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends&cb=1695654446870188&shguid=59757f20-968c-3650-a6a5-5ecac51d15c2&shgts=1695654447242 Requested by Host: info.zscaler.com URL: https://info.zscaler.com/webinar-ransomware-threat-update-defend-against-the-latest-attack-trends?utm_source=promo&utm_medium=sdr Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.210.219.79 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-210-219-79.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash a83870ea78c1731345f91b40258b05010064094164dc5a6f9c1b14aed6d63492 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:27 GMT content-encoding gzip server istio-envoy transfer-encoding chunked content-type application/javascript;charset=utf-8 access-control-allow-origin * p3p CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE" x-envoy-upstream-service-time 15 connection close
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 484 B	49ms 49ms	Image image/gif	96.7.74.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=9e5836b6-14da-4e59-8ab0-5e863c1a491d&session=466e2ad2-be57-468d-8ab3-31889080a751&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A26%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%221001%22%7D&isIframe=false&m=%7B%22description%22%3A%22UNC3944%20and%20BlackCat%20have%20taken%20over%20the%20headlines%20with%20a%20new%20wave%20of%20high-profile%20ransomware%20attacks%20on%20casinos%20and%20other%20industries%2C%20continuing%20an%20upward%20trend%20of%20damaging%20attacks%20impacting%20global%20organizations.%20Earlier%20in%202023%2C%20the%20Zscaler%20ThreatLabz%20research%20team%20reported%20that%20ransomware%20attacks%20have%20grown%2037%25%20since%202022%2C%20with%20the%20average%20cost%20of%20an%20attack%20reaching%20a%20whopping%20US%245.3M.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&pageViewId=9a401842-e67b-4926-8309-5db2799838a6&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.6 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.16 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-16.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:27 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu) etag "63f02dad-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H/1.1	200 OK	tdsync px.steelhousemedia.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=3d2e0bcc-5bb5-11ee-880d-095df7e24732&gdpr=&gdpr_consent= https://px.steelhousemedia.com/tdsync?tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&shguid=3d2e0bcc-5bb5-11ee-880d-095df7e24732	0 319 B	400ms 131ms	Image text/plain	44.233.136.7 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://px.steelhousemedia.com/tdsync?tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&shguid=3d2e0bcc-5bb5-11ee-880d-095df7e24732 Protocol HTTP/1.1 Server 44.233.136.7 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-233-136-7.us-west-2.compute.amazonaws.com Software istio-envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:27 GMT server istio-envoy access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * x-envoy-upstream-service-time 41 connection close access-control-allow-headers Accept, Content-Type, x-requested-with, X-Custom-Header content-length 0 Redirect headers location https://px.steelhousemedia.com/tdsync?tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&shguid=3d2e0bcc-5bb5-11ee-880d-095df7e24732 date Mon, 25 Sep 2023 15:07:27 GMT server Kestrel content-length 277
GET H2	204	usermatch.gif beacon.krxd.net/ Redirect Chain https://insight.adsrvr.org/track/evnt/?adv=80b7kxf&ct=0:zz65l7w&fmt=3 https://dpm.demdex.net/ibs:dpid=903&dpuuid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e	0 338 B	108ms 36ms	Image text/plain	44.193.159.70 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e Protocol H2 Server 44.193.159.70 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-193-159-70.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers x-served-by beacon-n018-ash-prod.krxd.net date Mon, 25 Sep 2023 15:07:28 GMT cache-control private, no-cache, no-store x-request-time D=48 t=1695654448 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=ee0e08e9-fb73-47a0-8862-2e9360d2fa9e date Mon, 25 Sep 2023 15:07:27 GMT x-cache-hits 0 x-age 0 content-length 0 x-cache MISS x-served-by usermatch-a007-ash-prod.krxd.net
OPTIONS H2	200	track event.api.drift.com/ Frame	0 0	38ms 37ms	Preflight text/plain	3.94.218.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://event.api.drift.com/track Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-218-138.compute-1.amazonaws.com Software istio-envoy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://js.driftt.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-max-age 1209600 allow POST,OPTIONS content-length 13 content-type text/plain date Mon, 25 Sep 2023 15:07:27 GMT requestid driftb798c3148dfad5f75e043366c0a server istio-envoy strict-transport-security max-age=31536000; includeSubDomains x-envoy-upstream-service-time 1
POST H2	200	track Show response event.api.drift.com/ Frame 50E4	694 B 754 B	38ms 37ms	XHR application/json	3.94.218.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://event.api.drift.com/track Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-218-138.compute-1.amazonaws.com Software istio-envoy / Resource Hash 3fe199d09f3826131fb484dc93ef78441a3acd2838476eab55c2c06ea1a174c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ accept-language en-CA,en;q=0.9 Authorization Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxOTU2NTI3ODgzNSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzM1OCIsImV4cCI6MTcyNzI3Njg0NywiaWF0IjoxNjk1NjU0NDQ3fQ.nJvtTkxqLyNmbw4KV-QZY_fpqeosl0jOnUTfmv0SVleEcFvjkNcaX7L1gCPxcjrev6DbsxjshmNaZmseyjXNPw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type application/json Response headers date Mon, 25 Sep 2023 15:07:27 GMT strict-transport-security max-age=31536000; includeSubDomains server istio-envoy requestid dd5c16ccd03edbb7 access-control-max-age 1209600 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info access-control-allow-credentials true x-envoy-upstream-service-time 1 access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 694
GET H2	200	57.28dde8ce.chunk.js Show response js.driftt.com/core/assets/js/ Frame 50E4	19 KB 7 KB	34ms 33ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core?d=1&embedId=2ykw9843t99d&eId=2ykw9843t99d&region=US&forceShow=false&skipCampaigns=false&sessionId=1c857afb-4f80-4afc-8e54-7f31ddb0d6f9&sessionStarted=1695654446.351&campaignRefreshToken=ac06c952-4c62-4fde-8d57-75324d516d54&hideController=false&pageLoadStartTime=1695654445047&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:24 GMT x-amz-version-id jwg1mp0azkc7lKNhQBTtVb2XfTA.Kwjv content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020783 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 14 last-modified Wed, 13 Sep 2023 15:34:33 GMT server istio-envoy etag W/"3c4cd13822c0069a68e9f9c8240f5ba9" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id BJcJwKFN-ZGAZcE1mmKr0pToZ4j75HxVJIPm_Iu9DssjPrVLoQRIvw==
GET H2	200	57.28dde8ce.chunk.js Show response js.driftt.com/core/assets/js/ Frame 4D70	19 KB 7 KB	34ms 33ms	Script application/javascript	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/core/assets/js/57.28dde8ce.chunk.js Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/runtime~main.250b8c3b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash 594d3ade307f6f48a5ef5143228b9da7c4e78589177ac70e91d31fe75ea83d60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1695654445047 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Wed, 13 Sep 2023 19:34:24 GMT x-amz-version-id jwg1mp0azkc7lKNhQBTtVb2XfTA.Kwjv content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 1020783 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 14 last-modified Wed, 13 Sep 2023 15:34:33 GMT server istio-envoy etag W/"3c4cd13822c0069a68e9f9c8240f5ba9" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 5sk23Qkfy42fT2uGSCYrclhWHnnnA_tzwTaFBNZtHGOZnjOEd0OIng==
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 js.driftt.com/deploy/assets/static/fonts/ Frame 50E4	38 KB 39 KB	34ms 34ms	Font font/woff2	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/css/8.7602338c.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/assets/css/8.7602338c.chunk.css Origin https://js.driftt.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 01 Aug 2023 19:45:08 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 4735339 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 55 content-length 39372 last-modified Fri, 03 Mar 2023 16:21:38 GMT server istio-envoy etag "40b6965b5cd26213faf61e5ab6765bb9" access-control-allow-methods GET, POST, OPTIONS content-type application/font-woff2,font/woff2 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 9y2NiBcWIudGBhEREOALps5QysxA81oncLGvHZtMhrYXiBvPmxshCQ==
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 js.driftt.com/deploy/assets/static/fonts/ Frame 4D70	38 KB 39 KB	34ms 34ms	Font font/woff2	18.160.18.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/deploy/assets/static/fonts/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/css/8.7602338c.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.18.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-18-4.iad12.r.cloudfront.net Software istio-envoy / Resource Hash fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://js.driftt.com/core/assets/css/8.7602338c.chunk.css Origin https://js.driftt.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Tue, 01 Aug 2023 19:45:08 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront) x-amz-cf-pop IAD12-P4 age 4735340 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-envoy-upstream-service-time 55 content-length 39372 last-modified Fri, 03 Mar 2023 16:21:38 GMT server istio-envoy etag "40b6965b5cd26213faf61e5ab6765bb9" access-control-allow-methods GET, POST, OPTIONS content-type application/font-woff2,font/woff2 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id k_m8sBBsDuudVOPj6npA72bos3aPk4gCOypAwOmfvWQ8__zWo3yX6Q==
GET H3	200	/ www.facebook.com/tr/	0 18 B	34ms 34ms	Image text/plain	31.13.66.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1778897272132032&ev=Microdata&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&rl=&if=false&ts=1695654448024&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends%22%2C%22meta%3Adescription%22%3A%22UNC3944%20and%20BlackCat%20have%20taken%20over%20the%20headlines%20with%20a%20new%20wave%20of%20high-profile%20ransomware%20attacks%20on%20casinos%20and%20other%20industries%2C%20continuing%20an%20upward%20trend%20of%20damaging%20attacks%20impacting%20global%20organizations.%20Earlier%20in%202023%2C%20the%20Zscaler%20ThreatLabz%20research%20team%20reported%20that%20ransomware%20attacks%20have%20grown%2037%25%20since%202022%2C%20with%20the%20average%20cost%20of%20an%20attack%20reaching%20a%20whopping%20US%245.3M.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.128&r=stable&ec=1&o=30&fbp=fb.1.1695654446518.242845663&it=1695654446337&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 31.13.66.35 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-iad3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 25 Sep 2023 15:07:28 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 483 B	67ms 66ms	Image image/gif	96.7.74.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=9e5836b6-14da-4e59-8ab0-5e863c1a491d&session=466e2ad2-be57-468d-8ab3-31889080a751&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A28%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A27%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22UNC3944%20and%20BlackCat%20have%20taken%20over%20the%20headlines%20with%20a%20new%20wave%20of%20high-profile%20ransomware%20attacks%20on%20casinos%20and%20other%20industries%2C%20continuing%20an%20upward%20trend%20of%20damaging%20attacks%20impacting%20global%20organizations.%20Earlier%20in%202023%2C%20the%20Zscaler%20ThreatLabz%20research%20team%20reported%20that%20ransomware%20attacks%20have%20grown%2037%25%20since%202022%2C%20with%20the%20average%20cost%20of%20an%20attack%20reaching%20a%20whopping%20US%245.3M.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&pageViewId=9a401842-e67b-4926-8309-5db2799838a6&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.6 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.16 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-16.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:28 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 484 B	87ms 86ms	Image image/gif	96.7.74.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=9e5836b6-14da-4e59-8ab0-5e863c1a491d&session=466e2ad2-be57-468d-8ab3-31889080a751&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A29%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A28%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22UNC3944%20and%20BlackCat%20have%20taken%20over%20the%20headlines%20with%20a%20new%20wave%20of%20high-profile%20ransomware%20attacks%20on%20casinos%20and%20other%20industries%2C%20continuing%20an%20upward%20trend%20of%20damaging%20attacks%20impacting%20global%20organizations.%20Earlier%20in%202023%2C%20the%20Zscaler%20ThreatLabz%20research%20team%20reported%20that%20ransomware%20attacks%20have%20grown%2037%25%20since%202022%2C%20with%20the%20average%20cost%20of%20an%20attack%20reaching%20a%20whopping%20US%245.3M.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&pageViewId=9a401842-e67b-4926-8309-5db2799838a6&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.6 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.16 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-16.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:29 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu) etag "63f02dad-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
POST H2	200	bulk Show response metrics.api.drift.com/monitoring/metrics/event3/ Frame 50E4	25 B 111 B	49ms 48ms	XHR application/json	3.94.218.138 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://metrics.api.drift.com/monitoring/metrics/event3/bulk Requested by Host: js.driftt.com URL: https://js.driftt.com/core/assets/js/51.558be3c5.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-218-138.compute-1.amazonaws.com Software istio-envoy / Resource Hash f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept application/json, text/plain, */* Referer https://js.driftt.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 25 Sep 2023 15:07:29 GMT strict-transport-security max-age=31536000; includeSubDomains server istio-envoy requestid 1a6952b1c7828610 access-control-max-age 1209600 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH content-type application/json;charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Results-Total-Count,X-Page-Info vary Accept-Encoding access-control-allow-credentials true x-envoy-upstream-service-time 13 access-control-allow-headers origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version content-length 25
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 483 B	55ms 54ms	Image image/gif	96.7.74.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=9e5836b6-14da-4e59-8ab0-5e863c1a491d&session=466e2ad2-be57-468d-8ab3-31889080a751&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A29%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22UNC3944%20and%20BlackCat%20have%20taken%20over%20the%20headlines%20with%20a%20new%20wave%20of%20high-profile%20ransomware%20attacks%20on%20casinos%20and%20other%20industries%2C%20continuing%20an%20upward%20trend%20of%20damaging%20attacks%20impacting%20global%20organizations.%20Earlier%20in%202023%2C%20the%20Zscaler%20ThreatLabz%20research%20team%20reported%20that%20ransomware%20attacks%20have%20grown%2037%25%20since%202022%2C%20with%20the%20average%20cost%20of%20an%20attack%20reaching%20a%20whopping%20US%245.3M.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&pageViewId=9a401842-e67b-4926-8309-5db2799838a6&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.6 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.16 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-16.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:30 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu) etag "5e502810-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
POST H2	204	collect analytics.google.com/g/	0 54 B	41ms 40ms	Ping text/plain	216.239.38.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-10SPJ4YJL9&gtm=45je39k2&_p=1897460890&cid=1300014578.1695654446&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1695654445&sct=1&seg=0&dl=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&dt=Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends&_s=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-10SPJ4YJL9&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.181 Los Gatos, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://info.zscaler.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 25 Sep 2023 15:07:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://info.zscaler.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 484 B	50ms 49ms	Image image/gif	96.7.74.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=ab9750bca4342498694e239e304dd3a9&svisitor=null&visitor=9e5836b6-14da-4e59-8ab0-5e863c1a491d&session=466e2ad2-be57-468d-8ab3-31889080a751&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2025%20Sep%202023%2015%3A07%3A30%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225007%22%7D&isIframe=false&m=%7B%22description%22%3A%22UNC3944%20and%20BlackCat%20have%20taken%20over%20the%20headlines%20with%20a%20new%20wave%20of%20high-profile%20ransomware%20attacks%20on%20casinos%20and%20other%20industries%2C%20continuing%20an%20upward%20trend%20of%20damaging%20attacks%20impacting%20global%20organizations.%20Earlier%20in%202023%2C%20the%20Zscaler%20ThreatLabz%20research%20team%20reported%20that%20ransomware%20attacks%20have%20grown%2037%25%20since%202022%2C%20with%20the%20average%20cost%20of%20an%20attack%20reaching%20a%20whopping%20US%245.3M.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Ransomware%20Threat%20Update%3A%20Defend%20Against%20the%20Latest%20Attack%20Trends%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Finfo.zscaler.com%2Fwebinar-ransomware-threat-update-defend-against-the-latest-attack-trends%3Futm_source%3Dpromo%26utm_medium%3Dsdr&pageViewId=9a401842-e67b-4926-8309-5db2799838a6&an_uid=0&webTagId=6934ae2b-4c76-4229-97d0-8f637b004b88&v=1.1.6 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.7.74.16 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a96-7-74-16.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://info.zscaler.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Mon, 25 Sep 2023 15:07:31 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu) etag "60bb2e15-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT