www.bitdefender.com.au Open in urlscan Pro
172.64.150.107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Submission Tags: falconsandbox
Submission: On June 22 via api (June 22nd 2024, 5:58:56 pm UTC) from US — Scanned from AU

Summary HTTP 153 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 66 IPs in 7 countries across 46 domains to perform 153 HTTP transactions. The main IP is 172.64.150.107, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is www.bitdefender.com.au. The Cisco Umbrella rank of the primary domain is 176987.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 5th 2024. Valid for: a year.

This is the only time www.bitdefender.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	172.64.150.107 172.64.150.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	23.32.5.73 23.32.5.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	172.64.147.169 172.64.147.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	23.202.168.24 23.202.168.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.137.209 104.16.137.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	23.23.225.172 23.23.225.172	14618 (AMAZON-AES) (AMAZON-AES)
2	23.38.128.171 23.38.128.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.79.142 104.16.79.142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.128.172 104.17.128.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.16.117.116 104.16.117.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.160.168 104.16.160.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.153.27 172.64.153.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.137.17 104.18.137.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.19.178.52 104.19.178.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.65.244.54 18.65.244.54	16509 (AMAZON-02) (AMAZON-02)
2	172.64.155.63 172.64.155.63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.82.97.82 54.82.97.82	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.39.15 63.140.39.15	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.169.185.174 54.169.185.174	16509 (AMAZON-02) (AMAZON-02)
1	63.140.39.248 63.140.39.248	14618 (AMAZON-AES) (AMAZON-AES)
1	104.68.24.142 104.68.24.142	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.242.108 104.18.242.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.142.119 104.18.142.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	172.217.167.104 172.217.167.104	15169 (GOOGLE) (GOOGLE)
1	104.99.59.34 104.99.59.34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	152.195.58.59 152.195.58.59	15133 (EDGECAST) (EDGECAST)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.158.32.49 108.158.32.49	16509 (AMAZON-02) (AMAZON-02)
1 4	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
3	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
1	151.101.28.157 151.101.28.157	54113 (FASTLY) (FASTLY)
3	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	18.67.110.94 18.67.110.94	16509 (AMAZON-02) (AMAZON-02)
1	108.158.20.56 108.158.20.56	16509 (AMAZON-02) (AMAZON-02)
1	117.18.232.195 117.18.232.195	15133 (EDGECAST) (EDGECAST)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	108.158.32.67 108.158.32.67	16509 (AMAZON-02) (AMAZON-02)
1	142.250.204.10 142.250.204.10	15169 (GOOGLE) (GOOGLE)
1 5	172.217.167.100 172.217.167.100	15169 (GOOGLE) (GOOGLE)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	18.67.93.91 18.67.93.91	16509 (AMAZON-02) (AMAZON-02)
2	18.67.110.93 18.67.110.93	16509 (AMAZON-02) (AMAZON-02)
1	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
1	34.250.195.248 34.250.195.248	16509 (AMAZON-02) (AMAZON-02)
2	13.107.246.31 13.107.246.31	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
3	172.217.167.67 172.217.167.67	15169 (GOOGLE) (GOOGLE)
2	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
2	142.251.175.157 142.251.175.157	15169 (GOOGLE) (GOOGLE)
2	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
2 3	142.250.76.102 142.250.76.102	15169 (GOOGLE) (GOOGLE)
1	142.250.67.2 142.250.67.2	15169 (GOOGLE) (GOOGLE)
3	142.250.71.67 142.250.71.67	15169 (GOOGLE) (GOOGLE)
2	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.16.118.116 104.16.118.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.231.230.148 52.231.230.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.46.179.51 23.46.179.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.171.234.229 54.171.234.229	16509 (AMAZON-02) (AMAZON-02)
1	34.111.52.132 34.111.52.132	() ()
153	66

18 172.64.150.107 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bitdefender.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

businessresources.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.5.73 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-73.deploy.static.akamaitechnologies.com

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.147.169 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

www.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.202.168.24 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-168-24.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.137.209 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.23.225.172 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-225-172.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.128.171 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-128-171.deploy.static.akamaitechnologies.com

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.79.142 (None, )

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.128.172 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.117.116 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.160.168 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.27 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.137.17 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.178.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.244.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-54.syd3.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.155.63 (None, )

ASN13335 (CLOUDFLARENET, US)

cookies-data.onetrust.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.97.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-97-82.compute-1.amazonaws.com

bitdefender.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.39.15 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-15.data.adobedc.net

sstats.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.185.174 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-185-174.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.39.248 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-248.data.adobedc.net

starget.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.68.24.142 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-24-142.deploy.static.akamaitechnologies.com

assets.adobetarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.242.108 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.142.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.167.104 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.99.59.34 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-99-59-34.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.58.59 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-49.syd3.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.28.157 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.110.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-94.syd62.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.20.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-56.syd62.r.cloudfront.net

cdn.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 117.18.232.195 (Australia)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.158.32.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-67.syd3.r.cloudfront.net

static.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.10 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.167.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-91.syd62.r.cloudfront.net

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.110.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-93.syd62.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.195.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-195-248.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.167.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.76.102 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.67.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.71.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.118.116 (None, )

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.231.230.148 (Busan, Korea, Republic Of) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.46.179.51 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-179-51.deploy.static.akamaitechnologies.com

download.bitdefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.234.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-234-229.eu-west-1.compute.amazonaws.com

metrics.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.52.132 (None, )

ASN- ()

webchannel-content-service.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	bitdefender.com.au 1 redirects www.bitdefender.com.au — Cisco Umbrella Rank: 176987	214 KB
14	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 428	199 KB
14	bitdefender.com businessresources.bitdefender.com www.bitdefender.com — Cisco Umbrella Rank: 92548 sstats.bitdefender.com — Cisco Umbrella Rank: 179913 starget.bitdefender.com — Cisco Umbrella Rank: 651133 download.bitdefender.com — Cisco Umbrella Rank: 18102	2 MB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5 analytics.google.com — Cisco Umbrella Rank: 174 adservice.google.com — Cisco Umbrella Rank: 213	1 KB
7	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 googleads.g.doubleclick.net — Cisco Umbrella Rank: 70 ad.doubleclick.net — Cisco Umbrella Rank: 164	2 KB
7	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4457 api.hubspot.com — Cisco Umbrella Rank: 5690 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4515 track.hubspot.com — Cisco Umbrella Rank: 2823 forms.hubspot.com — Cisco Umbrella Rank: 6172	30 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 x.clarity.ms — Cisco Umbrella Rank: 7529 c.clarity.ms — Cisco Umbrella Rank: 1434	28 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 360 www.linkedin.com — Cisco Umbrella Rank: 545	3 KB
5	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	153 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	5 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	252 KB
4	scarabresearch.com cdn.scarabresearch.com — Cisco Umbrella Rank: 14816 static.scarabresearch.com — Cisco Umbrella Rank: 17833 webchannel-content-service.scarabresearch.com	67 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 361 c.bing.com — Cisco Umbrella Rank: 224	16 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 10208	26 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	376 KB
4	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 4790 forms.hsforms.com — Cisco Umbrella Rank: 5239 forms-na1.hsforms.com — Cisco Umbrella Rank: 8151	7 KB
4	company-target.com api.company-target.com — Cisco Umbrella Rank: 4484 s.company-target.com — Cisco Umbrella Rank: 1586	3 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 242 bitdefender.demdex.net — Cisco Umbrella Rank: 496592	2 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4936 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5488 imgsct.cookiebot.com — Cisco Umbrella Rank: 5824	35 KB
3	google.com.au www.google.com.au — Cisco Umbrella Rank: 22611	190 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	76 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 894 script.hotjar.com — Cisco Umbrella Rank: 1260	62 KB
2	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6487 metrics.hotjar.io — Cisco Umbrella Rank: 9840	251 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 2076 alb.reddit.com — Cisco Umbrella Rank: 1406	761 B
2	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 6405 tag-logger.demandbase.com — Cisco Umbrella Rank: 5525	23 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1200	13 KB
2	onetrust.io cookies-data.onetrust.io — Cisco Umbrella Rank: 13379	84 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	t.co t.co — Cisco Umbrella Rank: 726	377 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 14945	205 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 905	15 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 4429	16 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 902	14 KB
1	geolocation-db.com geolocation-db.com — Cisco Umbrella Rank: 27103	263 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 7892	157 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4224	1 KB
1	adobetarget.com assets.adobetarget.com — Cisco Umbrella Rank: 34890	31 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1336	517 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 653	315 B
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5910	92 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2607	19 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2634	24 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3959	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5803	24 KB
1	twitter.com platform.twitter.com Failed analytics.twitter.com — Cisco Umbrella Rank: 986	726 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2984	1 KB
153	46

	Domain	Requested by
18	www.bitdefender.com.au	1 redirects www.bitdefender.com.au
14	assets.adobedtm.com	www.bitdefender.com.au assets.adobedtm.com
7	businessresources.bitdefender.com	www.bitdefender.com.au
5	www.google.com	1 redirects js.hsforms.net www.gstatic.com www.bitdefender.com.au
5	px.ads.linkedin.com	2 redirects snap.licdn.com www.bitdefender.com.au
5	cdn.cookielaw.org	assets.adobedtm.com cdn.cookielaw.org
4	www.facebook.com	www.bitdefender.com.au
4	cdn.bizible.com	assets.adobedtm.com www.bitdefender.com.au cdn.bizible.com
4	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
3	www.google.com.au	www.bitdefender.com.au
3	ad.doubleclick.net	2 redirects www.bitdefender.com.au
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.bitdefender.com.au connect.facebook.net
3	bat.bing.com	assets.adobedtm.com bat.bing.com www.bitdefender.com.au
3	api.company-target.com	assets.adobedtm.com cdn.bizible.com
3	dpm.demdex.net	1 redirects www.bitdefender.com.au
3	www.bitdefender.com	www.bitdefender.com.au www.bitdefender.com
2	c.clarity.ms	1 redirects
2	track.hubspot.com
2	x.clarity.ms	cdn.bizible.com
2	googleads.g.doubleclick.net	www.googletagmanager.com www.bitdefender.com.au
2	stats.g.doubleclick.net	www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	forms-na1.hsforms.com	www.bitdefender.com.au
2	static.scarabresearch.com	cdn.scarabresearch.com
2	www.redditstatic.com	www.bitdefender.com.au cdn.bizible.com
2	sstats.bitdefender.com	assets.adobedtm.com www.bitdefender.com.au
2	cookies-data.onetrust.io	cdn.cookielaw.org
2	api.hubspot.com	js.usemessages.com
2	consent.cookiebot.com	www.bitdefender.com.au consent.cookiebot.com
1	webchannel-content-service.scarabresearch.com	cdn.bizible.com
1	metrics.hotjar.io	static.hotjar.com
1	download.bitdefender.com
1	forms.hubspot.com	cdn.bizible.com
1	c.bing.com	1 redirects
1	imgsct.cookiebot.com
1	adservice.google.com	www.bitdefender.com.au
1	content.hotjar.io	cdn.bizible.com
1	www.gstatic.com	www.google.com
1	tag-logger.demandbase.com	cdn.bizible.com
1	alb.reddit.com	www.bitdefender.com.au
1	pixel-config.reddit.com	cdn.bizible.com
1	fonts.googleapis.com	js.hsforms.net
1	s.company-target.com	tag.demandbase.com
1	analytics.twitter.com	www.bitdefender.com.au
1	t.co	www.bitdefender.com.au
1	cdn.scarabresearch.com	www.bitdefender.com.au
1	tag.demandbase.com	www.bitdefender.com.au
1	cdn.bizibly.com	www.bitdefender.com.au
1	static.ads-twitter.com	www.bitdefender.com.au
1	d.impactradius-event.com	www.bitdefender.com.au
1	static.hotjar.com	www.bitdefender.com.au
1	www.linkedin.com	1 redirects
1	forms.hsforms.com	js.hsforms.net
1	snap.licdn.com	js.hsadspixel.net
1	geolocation-db.com	www.bitdefender.com.au
1	js.hsforms.net	www.bitdefender.com.au
1	api.hubapi.com	js.hsadspixel.net
1	perf-na1.hsforms.com	www.bitdefender.com.au
1	assets.adobetarget.com	assets.adobedtm.com
1	starget.bitdefender.com	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	bitdefender.demdex.net	assets.adobedtm.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	js.hs-scripts.com	www.bitdefender.com.au
0	platform.twitter.com Failed	www.bitdefender.com.au
153	76

This site contains links to these domains. Also see Links.

Domain
www.bitdefender.com
www.justice.gov
twitter.com
t.co
techzone.bitdefender.com
intellizone.bitdefender.com
facebook.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.bitdefender.com.au Sectigo RSA Domain Validation Secure Server CA	`2024-03-05` - `2025-04-04`	a year	crt.sh
businessresources.bitdefender.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
*.bitdefender.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-11-07`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
usemessages.com E5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hsleadflows.net E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
onetrust.io GTS CA 1P5	`2024-05-02` - `2024-07-31`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
sstats.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-07` - `2025-04-07`	a year	crt.sh
starget.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-30` - `2024-11-30`	a year	crt.sh
assets.adobetarget.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-18` - `2025-02-17`	a year	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
hsforms.net WE1	`2024-06-13` - `2024-09-11`	3 months	crt.sh
geolocation-db.com R11	`2024-06-10` - `2024-09-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-07` - `2025-07-08`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-08` - `2025-01-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-31` - `2024-06-29`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.scarabresearch.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-20`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-08` - `2024-10-08`	a year	crt.sh
*.company-target.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com.au WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
download.bitdefender.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-20` - `2025-05-19`	a year	crt.sh
webchannel-content-service.scarabresearch.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Frame ID: 604A2BC96148963343D60C20A054F9A3
Requests: 146 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 6ABA7348B5F806833CD39D44DF18ABC9
Requests: 1 HTTP requests in this frame

Frame: https://bitdefender.demdex.net/dest5.html?d_nsid=0
Frame ID: DDABEEE93524D3FF1AC214E544088B27
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 43A23D81837F57B79923E589B6B6CFA4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuYml0ZGVmZW5kZXIuY29tLmF1OjQ0Mw..&hl=en&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&badge=inline&cb=mdejl9nrj6rc
Frame ID: 95FE1B90EB0C1BB5BC95890BACB419BD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=KXX4ARWFlYTftefkdODAYWZh&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: F051B5725BF419B509D121AA03ED05A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hive Ransomware's Offspring: Hunters International Takes the Stage

Page URL History Show full URLs

https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes... HTTP 301
https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes... Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

153
Requests

95 %
HTTPS

0 %
IPv6

46
Domains

76
Subdomains

66
IPs

7
Countries

4145 kB
Transfer

8862 kB
Size

84
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bitdefender.com/business/products/inquire/?hsCtaTracking=1d8885e9-1179-49b1-a5ec-9c75f5f670dd%7C7c7083d1-a63a-479d-8f58-abc2d5c547f8&__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: Contact an expert

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/us-department-justice-disrupts-hive-ransomware-variant
Title: dismantle one of the most notorious ransomware groups known as Hive

Search URL Search Domain Scan URL

URL: https://twitter.com/rivitna2/status/1715345562034225621
Title: @rivitna2

Search URL Search Domain Scan URL

URL: https://twitter.com/BushidoToken/status/1715368444806275182
Title: @BushidoToken

Search URL Search Domain Scan URL

URL: https://twitter.com/rivitna2?ref_src=twsrc%5Etfw
Title: @rivitna2

Search URL Search Domain Scan URL

URL: https://t.co/60quS4N9O9
Title: https://t.co/60quS4N9O9

Search URL Search Domain Scan URL

URL: https://twitter.com/BushidoToken/status/1715368444806275182?ref_src=twsrc%5Etfw
Title: October 20, 2023

Search URL Search Domain Scan URL

URL: https://techzone.bitdefender.com/en/security-layers/protection/ransomware-protection.html?__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: do not solely rely on Shadow Copy technology

Search URL Search Domain Scan URL

URL: https://techzone.bitdefender.com/en/security-layers/protection/process-protection.html?__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: Process Protection

Search URL Search Domain Scan URL

URL: https://techzone.bitdefender.com/en/gravityzone-platform/multi-layered-security.html?__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: Bitdefender TechZone

Search URL Search Domain Scan URL

URL: https://intellizone.bitdefender.com/en/threat-search/threats/BDsezklncw?__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: ThreatID BDsezklncw

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/business/products/advanced-threat-intelligence.html?__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: visit our product page

Search URL Search Domain Scan URL

URL: https://techzone.bitdefender.com/en/security-layers/detection/sensors.html?__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: sensors

Search URL Search Domain Scan URL

URL: https://facebook.com/Bitdefender/

Search URL Search Domain Scan URL

URL: https://twitter.com/Bitdefender_Ent

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bitdefender/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BitdefenderSecurity

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/site/view/legal-terms.html?__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: Legal Information

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/site/view/legal-privacy-policy-for-bitdefender-websites.html?__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/site/Main/contact/1?__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&__hsfp=522907934
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage HTTP 301
https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719079127124 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719079127124

Request Chain 43

https://cm.everesttech.net/cm/dd?d_uuid=66956217165533856463393518507091718054 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZncQ2QAAAGvTyQM4

Request Chain 75

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719079129304&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719079129304&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D359890%26time%3D1719079129304%26url%3Dhttps%253A%252F%252Fwww.bitdefender.com.au%252Fblog%252Fbusinessinsights%252Fhive-ransomwares-offspring-hunters-international-takes-the-stage%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719079129304&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&cookiesTest=true&liSync=true

Request Chain 128

https://ad.doubleclick.net/activity;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=382745919.1719079130;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=1067899523;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CLnAqOfk74YDFbvJFgUdf1EBMw;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=382745919.1719079130;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=1067899523;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CLnAqOfk74YDFbvJFgUdf1EBMw;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=1067899523;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F

Request Chain 134

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=459700254.1719079130&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dma=0&npa=0&gtm=45fe46j0v9171448788za200&auid=382745919.1719079130&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=459700254.1719079130&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dma=0&npa=0&gtm=45fe46j0v9171448788za200&auid=382745919.1719079130&frm=0

Request Chain 144

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3B3B0A86B0D54EC0AF9202F05E17A9B8&RedC=c.clarity.ms&MXFR=19C15A45936468ED26B14EE3976466AD HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B3B0A86B0D54EC0AF9202F05E17A9B8&MUID=1D5BD4C23A5F64F91CEAC0643BCF65FB

153 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Redirect Chain

https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage
https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

141 KB
37 KB

397ms
396ms

Document
text/html

172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6028d3faeb714464de73dcdf96c5a35596163f18ce7780e5be801bd7d0c83ecc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src https: http: data:; style-src 'self' 'unsafe-inline' .bitdefender.com fonts.googleapis.com www.gartner.com; script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com; frame-ancestors 'self' https: explore.bitdefender.com; object-src 'none'; frame-src www.gartner.com .facebook.com .google.com consentcdn.cookiebot.com bitdefender.demdex.net 5165113.fls.doubleclick.net vars.hotjar.com www.youtube.com hal9000.redintelligence.net ad.ad-srv.net forms.hsforms.com ad4m.at ws.hotjar.com s.company-target.com td.doubleclick.net .criteo.com .2mdn.net .googlesyndication.com; connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com .emarsys.net .hubapi.com .hubspot.com .facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com .bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com .google.com .scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com .google-analytics.com .analytics.google.com analytics.google.com .clarity.ms .doubleclick.net .taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com .bizible.com .bizible.net px.ads.linkedin.com .redditstatic.com .googlesyndication.com .cookielaw.org .onetrust.com .onetrust.io .criteo.com .reddit.com .googleadservices.com; font-src 'self' data: www.bitdefender.com fonts.googleapis.com fonts.gstatic.com www.gartner.com; base-uri .bitdefender.com .bitdefender.com.au .bitdefender.co.uk .bitdefender.ro .bitdefender.fr .bitdefender.de
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 897e20d50c53a95b-SYD
content-encoding: gzip
content-security-policy: default-src 'self'; img-src https: http: data:; style-src 'self' 'unsafe-inline' *.bitdefender.com fonts.googleapis.com www.gartner.com; script-src 'self' 'self' *.emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com *.google.com www.gstatic.com *.hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com *.googleadservices.com tag.demandbase.com *.doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com *.hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com *.bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net *.clarity.ms *.bitdefender.com *.scarabresearch.com www.dwin1.com *.taboola.com *.outbrain.com retrack-kupona.kuponacdn.de ad4m.at *.google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' *.cookielaw.org *.criteo.com *.googletagservices.com *.2mdn.net *.googlesyndication.com; frame-ancestors 'self' https: explore.bitdefender.com; object-src 'none'; frame-src www.gartner.com *.facebook.com *.google.com consentcdn.cookiebot.com bitdefender.demdex.net 5165113.fls.doubleclick.net vars.hotjar.com www.youtube.com hal9000.redintelligence.net ad.ad-srv.net forms.hsforms.com ad4m.at ws.hotjar.com s.company-target.com td.doubleclick.net *.criteo.com *.2mdn.net *.googlesyndication.com; connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com *.emarsys.net *.hubapi.com *.hubspot.com *.facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com *.bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com *.google.com *.scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com *.google-analytics.com *.analytics.google.com analytics.google.com *.clarity.ms *.doubleclick.net *.taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com *.bizible.com *.bizible.net px.ads.linkedin.com *.redditstatic.com *.googlesyndication.com *.cookielaw.org *.onetrust.com *.onetrust.io *.criteo.com *.reddit.com *.googleadservices.com; font-src 'self' data: www.bitdefender.com fonts.googleapis.com fonts.gstatic.com www.gartner.com; base-uri *.bitdefender.com *.bitdefender.com.au *.bitdefender.co.uk *.bitdefender.ro *.bitdefender.fr *.bitdefender.de
content-type: text/html; charset=utf-8
date: Sat, 22 Jun 2024 17:58:45 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 897e20ce48c5a95b-SYD
date: Sat, 22 Jun 2024 17:58:45 GMT
location: /blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H3 200 image%20(3)-3.png
businessresources.bitdefender.com/hubfs/ 559 KB
561 KB 68ms
33ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/image%20(3)-3.png

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e50d3be7ae652e8b3c9077698cb5b77538fafc1c28652871f5f9ec22bd2ae0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-144390890007,P-341979,FLS-ALL
age: 154754
x-amz-request-id: 8WZVY55W25SA7G23
x-amz-server-side-encryption: AES256
edge-cache-tag: F-144390890007,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="image%20(3)-3.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "1b4bafb685723c6565f7be75239d892d"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1699392995461
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 17:58:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 28d9734ff3f988ae9afd788fe4df27c0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vlD.LBMxW0ngQPq57joomufoxdo4pP4x
x-amz-cf-pop: LAX50-P3
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1176603
x-cache: Miss from cloudfront
cache-tag: F-144390890007,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 572418
x-amz-id-2: LowJ+APdiC2xQMB4uqoVp+NdW09Mjs2m8YSrMsGhPgNluWrgC85HF31NqPemCpUcDlXlHILUFHM=
last-modified: Tue, 07 Nov 2023 21:36:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zqxwWi8rqvrOuvW2Khwq2Hi4YoF3UavJuKfgLKqpnxVi%2FOoIsQ0EL1Ai9CR1GuXnJJmohhHW5hG661QNqphnNJm9cRKPCX%2FK5S%2BXazBD8695Wi3w8gK%2B24pwk%2BeGDB7fSWuPTu6HnqRLGx8v%2F5VSThpQFA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 897e20d7cd977e3f-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ZJeGiKXTLcGSQMSKH4MFu2XnKkUsSAjnfHu74tO_pRy1uuZNyr-oFA==

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 109 KB
34 KB 20ms
7ms Script
application/javascript 23.32.5.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.5.73 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-5-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7dda4b29507887a80d74c81a30e6ff5241e414a7381cc0a4f6eef32595ebadf3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2024 07:02:36 GMT
etag: "d6e744804dc1da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=435
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 34250
expires: Sat, 22 Jun 2024 18:06:00 GMT

GET
H2 200 TagIT.v1.min.js Show response
www.bitdefender.com/scripts/ 15 KB
4 KB 1366ms
1336ms Script
application/x-javascript 172.64.147.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitdefender.com/scripts/TagIT.v1.min.js?v=43
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.169 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1789e6bf0f139fc89e73756237ae433989a6d27e7effe2d1771c06d2566f889b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 15 Mar 2019 11:31:57 GMT
server: cloudflare
etag: W/"5c8b8d2d-3b83"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 897e20d7cd51a7f5-SYD

GET
H2 200 launch-b77a56f2d5f1.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/ 534 KB
153 KB 326ms
7ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9342b2c5d6efa563547b694ef832c0f0b3db49e04659d1c6271d8f047bf671d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:46 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:31 GMT
server: AkamaiNetStorage
etag: "fdb5fd8b74feda48dcb06785266f0b6b:1716984390.961067"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 155853
expires: Sat, 22 Jun 2024 18:58:46 GMT

GET
H2 200 341979.js Show response
js.hs-scripts.com/ 3 KB
1 KB 1007ms
689ms Script
application/javascript 104.16.137.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/341979.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.137.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36ee51a70bdefc9f7bc258ea6a70d70dfc88a0b16a05b142541649e27490b743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: fa409aa2-30ae-45be-a091-af749f514e2a
x-envoy-upstream-service-time: 3
content-length: 699
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fa409aa2-30ae-45be-a091-af749f514e2a
last-modified: Sat, 22 Jun 2024 17:45:17 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-964mk
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 897e20dc3b967e37-SYD
expires: Sat, 22 Jun 2024 18:00:17 GMT

GET
H2 200 service-worker.js Show response
www.bitdefender.com.au/content/dam/workers/ 101 B
561 B 1317ms
1317ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/content/dam/workers/service-worker.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac6f4ec6849e6e8849d1130e40a378a9c7e751cd949306edd3383f7effa90658

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
x-vhost: bitdefender.com.au
x-cache: MISS
content-disposition: attachment; filename="service-worker.js"; filename*=UTF-8''service-worker.js
x-xss-protection: 1; mode=block
service-worker-allowed: /
x-served-by: cache-syd10157-SYD
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 May 2024 10:26:49 GMT
server: cloudflare
x-timer: S1719079127.076712,VS0,VS0,VE1294
etag: W/"0x8DC7592B25921C3"
x-frame-options: SAMEORIGIN
bitdefender-test: this-is-added-via-Fastly-config
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=600, immutable
vary: Accept-Encoding
cf-ray: 897e20e01abfa95b-SYD

GET
H2 200 f2cd31a.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 5 KB
2 KB 19ms
17ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/f2cd31a.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1357416e284fe5635f1fc55220ab0eaf6c9db8f330131b6653fda6d4e5857906

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 282941
etag: W/"1418-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20d79dcea95b-SYD

GET
H2 200 593dd1f.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 216 KB
75 KB 21ms
19ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/593dd1f.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af2220bbd8824a7264ce0c86473660064e03a7352d0c2a8372b5e5eec8d75ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 282940
etag: W/"35f85-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20d79dcfa95b-SYD

GET
H2 200 4036f6a.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 29 KB
9 KB 25ms
24ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/4036f6a.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15b9360d4f49fd4092c88a67c9c0b219e3f4cc7ee563f82b605d1feb176a46d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 282941
etag: W/"7366-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20d79dd1a95b-SYD

GET
H2 200 729f721.css
www.bitdefender.com.au/blog/_nuxt/css/ 36 KB
7 KB 26ms
24ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/729f721.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e815080b904770061dd4c45e5e70721be774b7bb15fe135a6e8f40b772aca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 15174
etag: W/"90bd-190302a6090"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20d79dcba95b-SYD

GET
H2 200 f65e020.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 82 KB
26 KB 24ms
23ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/f65e020.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82b229c18625c8d31b4098338e4091fff498e75e1e2b9fb9da27ddf5694a02ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 282941
etag: W/"146ba-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20d79dd2a95b-SYD

GET
H2 200 a948464.css
www.bitdefender.com.au/blog/_nuxt/css/ 1 KB
500 B 26ms
25ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/a948464.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

831b25d2cf0066937657444e6d8366c0e51af9ac0989def0613358d48bd45b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 31 May 2024 15:04:27 GMT
server: cloudflare
cf-cache-status: HIT
age: 1322593
etag: W/"432-18fcf2e4478"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20d79dcca95b-SYD

GET
H2 200 9ddf21a.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 49 KB
14 KB 26ms
25ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/9ddf21a.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8a26e14b1b246588c6f3a84848053a90c1e10ae6842cd9179150345f4636ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 282941
etag: W/"c4ad-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20d79dd3a95b-SYD

GET
H2 200 6e55ef7.css
www.bitdefender.com.au/blog/_nuxt/css/ 114 B
176 B 26ms
25ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/6e55ef7.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6692354a1d9a4d531832e922f7e86a9e80f24562572c9dc7614a71fe5145b266

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 31 May 2024 15:04:27 GMT
server: cloudflare
cf-cache-status: HIT
age: 1322592
etag: W/"72-18fcf2e4478"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20d79dcda95b-SYD

GET
H2 200 160a24f.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 767 B
560 B 25ms
24ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/160a24f.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6525da7539785be701b524157b29e52b07b7d42af5c528103c8ddb47c4c57932

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 13541
etag: W/"2ff-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20d79dd4a95b-SYD

GET
H2 200 cc.js Show response
consent.cookiebot.com/4a55b566-7010-4633-9b03-7ba7735be0b6/ 378 B
605 B 352ms
351ms Script
application/x-javascript 23.32.5.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/4a55b566-7010-4633-9b03-7ba7735be0b6/cc.js?renew=false&referer=www.bitdefender.com.au&dnt=false&init=false&culture=en_US
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.5.73 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-5-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: faa2d073082188a0039399a9f374a523a9f3750ae9f1d2599ae63b27a860b149

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=60
cross-origin-resource-policy: cross-origin
content-length: 368
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 / Show response
www.bitdefender.com/site/Main/TagIT/newsessioninit/ 33 B
1015 B 1363ms
1362ms Script
application/javascript 172.64.147.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/site/Main/TagIT/newsessioninit/?callback=&l=en&ch=1719079128

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/scripts/TagIT.v1.min.js?v=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.169 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fceba08a6bbdf2598e8f6d43e71b51854337da5f880c3fff252a25b9cd10b6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP="NOI ADM DEV COM NAV OUR STP"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 897e20e0293ca7f5-SYD
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET widgets.js
platform.twitter.com/ 0
0

GET
H3 200 image-png-Nov-07-2023-09-05-01-8615-PM.png
businessresources.bitdefender.com/hubfs/ 471 KB
472 KB 40ms
40ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/image-png-Nov-07-2023-09-05-01-8615-PM.png

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b550b03b688b2f4a310525cb12c7b0e5097968f9c8850b6cf7698c7027b904d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-144382387037,P-341979,FLS-ALL
age: 154749
x-amz-request-id: SB1TRJQVJQ9E4VCA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-144382387037,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="image-png-Nov-07-2023-09-05-01-8615-PM.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "b8e8f240291371fd95e67c69f3b14f51"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1699391101861
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 17:58:47 GMT
strict-transport-security: max-age=31536000
via: 1.1 cb712125c0a106eae5fd0f1f475a2270.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: P3ZToaxEfmn1VvFFe20q_zCK9VpxMB26
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=870704
x-cache: Miss from cloudfront
cache-tag: F-144382387037,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 482086
x-amz-id-2: JRWghvd3qTNa2AdqnK2G7hlgbR10HacNtFYO7j5LgdKsM/OeihTsLVV5Ea43JQlGjwjWWl1MTV4=
last-modified: Tue, 07 Nov 2023 21:05:02 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bseT6SNiG7gj91S0UkiDv%2BjpKTxTUHC44L5elHgDc039BThNlywt4yW%2FnD%2BFB3mxEPuhVh79DeUAGlp%2BhiOt6qpMw%2Big900IwFeUkzifM57fJx8j9WhbS2Frq0ipSE8vaxfjC4LrZgzfKWb9l2pgdj4rTA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 897e20e069e07e3f-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: r2_EcfnPkzUFPyGq2HrvP74_8H_1dm34LON8aQ66tzMONDuvkm0s2w==

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719079127124
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719079127124

965 B
1 KB

209ms
209ms

XHR
application/json

23.23.225.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719079127124

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Server

23.23.225.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-225-172.compute-1.amazonaws.com

Software

Resource Hash

c6607770413c62ed35f3095f96291d64d3a0554f1d1a9e96881ae037f2489474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v060-04a2af684.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Sat, 22 Jun 2024 17:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: CTtgjeASRmA=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 552
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v060-0307dddc6.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sat, 22 Jun 2024 17:58:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: dZkkUQ24S0w=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&d_nsid=0&ts=1719079127124
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 35 KB
13 KB 12ms
11ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 18:51:30 GMT
server: AkamaiNetStorage
etag: "964f8cb588092ac645368e7307eb73ac:1709578290.803919"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12938
expires: Sat, 22 Jun 2024 18:58:47 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/ 3 KB
2 KB 12ms
12ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
last-modified: Mon, 04 Mar 2024 18:51:31 GMT
server: AkamaiNetStorage
etag: "9cf185793291692f744c78c75da01dd8:1709578291.795602"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1599
expires: Sat, 22 Jun 2024 18:58:47 GMT

GET
H2 200 RC50ea5341704e40ab9332a85e7d603ff0-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 1 KB
735 B 6ms
5ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC50ea5341704e40ab9332a85e7d603ff0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 583cabf7f2229d895c7db724e90d84ab6a7c9dd29660c487ca4ef529eaca9f02

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 473
expires: Sat, 22 Jun 2024 18:58:47 GMT

GET
H2 200 RCdf53f36ada0443f383014b28992e7a3c-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 60 KB
24 KB 7ms
6ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RCdf53f36ada0443f383014b28992e7a3c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a78c9f43dc3bd6f5fd515c9bb4b5f9a902d3352897674ca4b2f36a065cef1da2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 24043
expires: Sat, 22 Jun 2024 18:58:47 GMT

GET
H2 200 RC408cde3d6bbb49f4a45d50fdd0c881bb-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 4 KB
2 KB 6ms
6ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC408cde3d6bbb49f4a45d50fdd0c881bb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ec4d2d21dd008135647d484526d98d4ac5700f623162536aac2c381bad26c15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1531
expires: Sat, 22 Jun 2024 18:58:47 GMT

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 6ABA 0
0 318ms
3ms Document
text/html 23.38.128.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.128.171 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-128-171.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jun 2024 17:58:47 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sun, 22 Jun 2025 17:58:47 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1719079127501_386003006_574014116_27_918_1_4_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 329ms
11ms Script
application/javascript 104.16.79.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.79.142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

753b5d77684b20581dddd43b3a944bca93a44da9e6dee0c8232ca6ed8a40ead5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
x-amz-version-id: yFTRQFC1g6ZpuTIoktepwBCyrzt6F_8h
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 16
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16706/bundles/project.js&cfRay=897e207e1849573e-SYD
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 5e8245e5-343a-427f-a6b3-e23af5c5d1b3
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5e8245e5-343a-427f-a6b3-e23af5c5d1b3
last-modified: Fri, 21 Jun 2024 14:34:54 UTC
server: cloudflare
etag: W/"d5ed42fdc505d7812288ee600abec355"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-zrgzf
cf-ray: 897e20e2feb0aad1-SYD
x-amz-cf-id: JZzzm0Q9HircjRmzDKE2AsHlJLjw7OlLzgfBNNx4C347c03DN2T1Mg==
x-hs-target-asset: conversations-embed/static-1.16706/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 333ms
16ms Script
application/javascript 104.17.128.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.128.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c114a5641b9988aecb7a00c47bd1d37d912883ff4ef9c3b9fe6ad21603ab1066

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
x-amz-version-id: 7Zz_oLsqoY3yHsxt9nM5YRwsj1MKwqFV
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 85
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.565/bundles/pixels-release.js&cfRay=897e1eccaa40a93e-SYD
x-cache: Hit from cloudfront
x-hubspot-correlation-id: be331b06-4bda-4f8a-975e-fde136eac85d
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: be331b06-4bda-4f8a-975e-fde136eac85d
last-modified: Tue, 18 Jun 2024 12:46:30 UTC
server: cloudflare
etag: W/"b233ea75981268a81228cd819e8fd5eb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-jxxbv
cf-ray: 897e20e2fb376a5d-SYD
x-amz-cf-id: qGLFQguHFnsMs_HEgD2xBQc0YkFjGSW8AYayvV_Fm6uamwdJsW8EXA==
x-hs-target-asset: adsscriptloaderstatic/static-1.565/bundles/pixels-release.js

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 558ms
237ms Script
application/javascript 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab1fca31f7e7a89c198881e69c42c6bb3578b7d55f2cee7463b96360feaf7eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1194/bundles/project.js&cfRay=897e20e30c12a96b-SYD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"50f2e99c1f025777ca05bdae3cfcf91d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1194/bundles/project.js
date: Sat, 22 Jun 2024 17:58:47 GMT
x-amz-version-id: MDb_7hFyElKIrRJmReYAEj96Es7nef4a
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 0f5c17d0-5b77-4846-b352-2f6791874eb8
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0f5c17d0-5b77-4846-b352-2f6791874eb8
last-modified: Thu, 20 Jun 2024 14:37:30 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DtAA%2FQw%2BF%2F45vwaphArrN74CfLxQgaVIrygtuJDCSJvR8TTqhzAACv858NkR%2F%2FaPZqEwtObUeb%2F7NRLOlP6jO4S5hnJ2Y7jhpQbq0NY50zfQFdYnH1vJq4%2Bs28nzbkid"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-jxxbv
cf-ray: 897e20e30c12a96b-SYD
x-amz-cf-id: a0i2JloXlxMPKEly58VgtnoOKkqd8jfXA9E6wa0STEEFN3ufD9uPIg==

GET
H2 200 341979.js Show response
js.hs-analytics.net/analytics/1719078900000/ 68 KB
24 KB 617ms
250ms Script
text/javascript 104.16.160.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1719078900000/341979.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12a0adff1e747becb97843abe35079449a0503669f2676b1cc1071e605c551e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: D6558ZEPPFWYEMVK
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 53aeb9f1-79b7-4d57-96b9-e2d0b1d95603
x-envoy-upstream-service-time: 28
x-amz-id-2: I8BLwj3M2nXu6z5L8aZb0iVf6Sb7RewmSbeHta87SSUWLo5dsIkC52Zbl6l1rR1OqIlZztXEkA0=
x-evy-trace-listener: listener_https
x-request-id: 53aeb9f1-79b7-4d57-96b9-e2d0b1d95603
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 21 Jun 2024 21:00:07 GMT
server: cloudflare
etag: W/"ab7cc4f0ff9ee75037e3c846f8f4c601"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-762px
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 897e20e34c62a947-SYD
expires: Sat, 22 Jun 2024 18:03:47 GMT

GET
H2 200 341979.js Show response
js.hs-banner.com/ 64 KB
19 KB 1020ms
654ms Script
text/javascript 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/341979.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42aae2fedb7d28450f675df260a414800b1edb4a07746f5b06ca7402b45c62d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
x-amz-version-id: JoLp8dnSdKx8T6sgcYIr6h4YJgD4ueJg
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: VT8XP9K0WBYTWQ1P
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 6bbb3b78-7a89-495f-91c5-d3aac9b0fe9e
x-envoy-upstream-service-time: 22
x-amz-id-2: Fvv92Bp08Y4r/zHU6TB52y5U8Pb4GZsdi8PI6qOP/iIgLavG7EGXVJZR9mHkMecm0rDJoHb8ejpIqUhcWay2YgEc2I1mSo30
x-evy-trace-listener: listener_https
x-request-id: 6bbb3b78-7a89-495f-91c5-d3aac9b0fe9e
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 20 May 2024 14:39:21 GMT
server: cloudflare
etag: W/"16ba22fe5a5c02e7fcbde59df22cae99"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.bitdefender.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 897e20e349e7aacf-SYD
expires: Sat, 22 Jun 2024 18:03:48 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 333ms
13ms Script
application/javascript 104.18.137.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/341979.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.137.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
age: 71971
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js&cfRay=897743c56b47a883-SYD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"be45bdb720f44c8db4ee42bc228ff2a8"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1355/bundle/main/lead-flows-release.js
date: Sat, 22 Jun 2024 17:58:47 GMT
x-amz-version-id: HLkmxotJV8gQ_mnvhNwLT9fnVmh1uWjb
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 3a023020-2ff3-43f8-9183-2a68004c41a9
x-cache: Miss from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 42
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3a023020-2ff3-43f8-9183-2a68004c41a9
last-modified: Thu, 30 May 2024 10:22:15 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-2hwf8
cf-ray: 897e20e30fb2a941-SYD
x-amz-cf-id: jGEpnBJCZm951ZtCiM47Wpnm7ywJYAyuei-Ph_K-VfrKbEdZQ9epSA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/ 26 KB
9 KB 339ms
24ms Script
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe13fe0388b45529b8c11007bfc3c4c42e9888a95987a9d2d9165ff61051ca41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 19977
content-md5: 3ZTWH6GMA8w/57XsT8+IAw==
content-length: 8745
x-ms-lease-status: unlocked
last-modified: Thu, 30 May 2024 12:15:09 GMT
server: cloudflare
etag: 0x8DC80A226786113
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c92c494d-001e-000b-188b-b2591d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 897e20e31dd4dfb9-SYD
expires: Sun, 23 Jun 2024 17:58:47 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 472 B
975 B 313ms
299ms XHR
application/json 18.65.244.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=KwSda5imnkvOJSjeABR2uSSyEJq5IADxsKfkTanK&page=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&referrer=&page_title=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&src=adobelaunch
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-54.syd3.r.cloudfront.net
Software: nginx /
Resource Hash: 8644fd399f6a5ddbdb92bfdc83a966a02d1be5c4c34990dc66d25916c021df2e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:47 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 dff94781894736c12dbb6eb4e456a898.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P1
x-cache: Miss from cloudfront
request-id: 4adc69c7-0b7b-4a09-a349-8cd8b2b7ab37
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TVlz3NkH0LbQMtJLPK5v7coUuhif3tJ07Jwe9squRD5tDYwejY_W6A==
expires: Fri, 21 Jun 2024 17:58:47 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 236ms
231ms Preflight
text/plain 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=341979&conversations-embed=static-1.16706&mobile=false&messagesUtk=6113461838724f88ab4299d090fed4e8&traceId=6113461838724f88ab4299d090fed4e8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.bitdefender.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.bitdefender.com.au
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 897e20e32c3da96b-SYD
content-length: 18
content-type: text/plain; charset=utf-8
date: Sat, 22 Jun 2024 17:58:47 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8F6VdeM3WRSNPe0OnBXMbeB2i9noIitrF%2BYXguc11Sd5FGSVRVHyCmrfkL4mpooKTymVq31lrkB0woAU1dUac9DxYecBTR9zf01UV%2BbAHROybdIlVaUCiU5Sx0saccrAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-jdjql
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 2bfffbca-366f-4b82-a6e7-9f95f04f0806
x-request-id: 2bfffbca-366f-4b82-a6e7-9f95f04f0806

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 351 B
1 KB 234ms
234ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a26decf869d35389aee658f487ff614dabb9078b6e4fefa92c72379390aea58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8eeaccf3-c9a2-4f0d-bc34-feab3e56c381
x-envoy-upstream-service-time: 7
content-length: 267
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8eeaccf3-c9a2-4f0d-bc34-feab3e56c381
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-bdtfn
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Zyx8yGSoUyD3pBHXyTupoC698q0Dt1zuv6nXNIncyg3ZHj526oSZOg5yYG4Ux2kqbbTKV3dYzbuz5zjeu6dVPqqkdFrJLgPrDl69s4%2BNn6N%2B77GyIY1f0UZOc8wxhirfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 897e20e49d05a96b-SYD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 e20c9587-7d17-4f35-85f7-38c1eb9c3478.json Show response
cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/ 7 KB
3 KB 330ms
23ms XHR
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/e20c9587-7d17-4f35-85f7-38c1eb9c3478.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6c23ed876dffc288ff16cfb9fb7b3a83364285a813a571e14c2226370efdb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 17:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 77915
content-md5: 5E95aJztTrRC6nbvQwl4HA==
content-length: 2005
x-ms-lease-status: unlocked
last-modified: Thu, 30 May 2024 12:15:09 GMT
server: cloudflare
etag: 0x8DC80A22632D7AF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d3cf9483-001e-0000-6a8b-b24169000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 897e20e54ad8555d-SYD
expires: Sun, 23 Jun 2024 17:58:47 GMT

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 108 B
1 KB 239ms
231ms Fetch
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=341979&currentUrl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9be78728-de36-4138-9743-ce02bb0c0b74
content-encoding: br
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9be78728-de36-4138-9743-ce02bb0c0b74
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jj343CvVhVw1IHg1Wd%2BXOwrmK0NwcUVl2a%2FERm013HWPfZxuqkRY%2F9%2BrktE%2BLbz2d3ObhTiZnuhf%2BHbHZcHzeedlSNbx0mtPDYC94X8CJrL6vNsqO8Q8YNpzCAEcbmsPhN%2FG5bYER67s%2FJj2y%2BM%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 897e20e49d06a96b-SYD
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-xtlwj

GET
H2 200 domaingroupcheck Show response
cookies-data.onetrust.io/bannersdk/v1/ 16 B
84 B 28ms
27ms XHR
application/json 172.64.155.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.63 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 469ab758cfe6a8ac93cda5872ca28655f6f874a2f6cceafa710fc01f52fc787d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
location: cdn.cookielaw.org
Referer: https://www.bitdefender.com.au/
url: www.bitdefender.com.au
domainId: e20c9587-7d17-4f35-85f7-38c1eb9c3478
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 897e20e77d9ea979-SYD
access-control-allow-headers: Content-Type
content-length: 16

OPTIONS
H2 200 domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/ Frame 0
0 329ms
11ms Preflight
application/json 172.64.155.63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.63 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: domainid,location,url
Access-Control-Request-Method: GET
Origin: https://www.bitdefender.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: domainId, url, location, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-ray: 897e20e76d8ea979-SYD
content-length: 0
content-type: application/json
date: Sat, 22 Jun 2024 17:58:48 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 77 B
315 B 345ms
28ms XHR
application/json 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept: application/json
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 897e20e9aad15741-SYD
access-control-allow-headers: Content-Type

GET
H2 200 dest5.html
bitdefender.demdex.net/ Frame DDAB 0
0 597ms
196ms Document
text/html 54.82.97.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bitdefender.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.82.97.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-97-82.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 22 Jun 2024 17:58:48 GMT
dcs: dcs-prod-va6-1-v060-0642c7f0a.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 9 May 2024 11:57:07 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: atDbGgqqQR8=

GET
H2 200 id Show response
sstats.bitdefender.com/ 48 B
467 B 636ms
210ms XHR
application/x-javascript 63.140.39.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.bitdefender.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&mid=66931271695885077533391580854570622305&ts=1719079128275

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-15.data.adobedc.net

Software

jag /

Resource Hash

eefb5babdfd73f60a8ee80582972d65d13bfa7613db17e91843944037847e47c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZncQ2QAAAGvTyQM4
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=66956217165533856463393518507091718054
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZncQ2QAAAGvTyQM4

42 B
716 B

208ms
208ms

Image
image/gif

23.23.225.172
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZncQ2QAAAGvTyQM4

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Server

23.23.225.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-225-172.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v060-0464734a1.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sat, 22 Jun 2024 17:58:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: HK84NlM0Rfc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZncQ2QAAAGvTyQM4
Date: Sat, 22 Jun 2024 17:58:49 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
starget.bitdefender.com/rest/v1/ 354 B
849 B 622ms
213ms XHR
application/json 63.140.39.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://starget.bitdefender.com/rest/v1/delivery?client=bitdefender&sessionId=c224db9cb3ea434c8bc50c3d337a56f4&version=2.11.4

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-248.data.adobedc.net

Software

jag /

Resource Hash

47975b9118cebb02465385aeb97529e37674682ea6cfc8b15da100c89d472e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 6139c2fd-85de-4d60-b2e1-047c75acddd9

GET
H2 200 rules.json Show response
assets.adobetarget.com/bitdefender/production/v1/ 373 KB
31 KB 1247ms
735ms Fetch
application/json 104.68.24.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobetarget.com/bitdefender/production/v1/rules.json
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.68.24.142 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-68-24-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9cb4eab4bada7c1acc0e15585f6c8207d7ea4630985d54dd18f6655c15ba5982

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8c7V987ZRvj_odJMENHT0b4ikEaaRKMT
content-encoding: gzip
date: Sat, 22 Jun 2024 17:58:49 GMT
x-amz-request-id: E2EZTVN65MZ7XSKN
x-geo-region-code: NSW
x-amz-server-side-encryption: AES256
x-geo-country-code: AU
x-amz-replication-status: COMPLETED
x-geo-longitude: 151.22
content-length: 31202
x-amz-id-2: KDS2Jd1CrWi1klOubm5KMqDvVBNLgKhSPAvYRTgz41kzHXmdBe4KJ8GvUw5t1LV6WPd2qtJepoqnFyjaOMVAHLbp3fyVZ/L5PUjkt7nzGf8=
last-modified: Thu, 20 Jun 2024 13:23:07 GMT
server: AmazonS3
etag: "95c9713a93af9346907d42a9a682f521"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-geo-country-code, x-geo-region-code, x-geo-city, x-geo-latitude, x-geo-longitude
cache-control: max-age=60
x-geo-city: SYDNEY
x-geo-latitude: -33.88
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
927 B 243ms
229ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 55ecd0de-6765-4ad7-b082-1d07d49c37e2
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 55ecd0de-6765-4ad7-b082-1d07d49c37e2
last-modified: Sat, 22 Jun 2024 17:58:48 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-2gsfg
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 897e20e7d9e9a86e-SYD

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 186 B
1 KB 572ms
255ms XHR
application/json 104.18.242.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=341979

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.242.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc0d1858bc1e2eab3856936743cda081ee0cf36b11db4b6aa8e52ef7e287d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c779b2f7-cde4-43f2-b496-827cfcfea95f
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c779b2f7-cde4-43f2-b496-827cfcfea95f
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-7dd59b876-zbxnk
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTmbjdvVU3%2B7WnoQfFxPsW8puNHE3l4OIYT4vf7ZC5q8ZUDnFwL7yqwnWYLFtzrIpL3Mr3H1XkhuAQl%2BhDGhvkuYU3E57DM30MtqXCg3QpNhAz0xDdAO9UDnQMHGWUlE"}],"group":"cf-nel","max_age":604800}
cf-ray: 897e20e9cd16a7ea-SYD
access-control-allow-headers: *

GET
H2 200 5aa83bb.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 16 KB
6 KB 19ms
19ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/5aa83bb.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/f2cd31a.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51650ac373686a9997b9f3d1ac9bc9ed87ab5e3e6ef04a3187096845958523b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 282938
etag: W/"3fc7-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20e8783ba95b-SYD

GET
H2 200 0d8c257.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 36 KB
11 KB 20ms
20ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/0d8c257.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/f2cd31a.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

944099178c8f3de174ef7412e4f9d088aed243ddb9108b7a0ea23d46668afbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 282938
etag: W/"90ec-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20e8783ca95b-SYD

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ 482 KB
157 KB 692ms
372ms Script
application/javascript 104.18.142.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/9ddf21a.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5387/bundles/project-v2.js&cfRay=897e20eadb305d25-SYD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"56164b8f5dbcf6e65e555e48d5d6176a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5387/bundles/project-v2.js
date: Sat, 22 Jun 2024 17:58:49 GMT
x-amz-version-id: mnlqbpb.vUvH_hPLxl7NeOxIrfIBia92
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: e604ff44-2fc6-4151-b607-0ee1a9ff6a38
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: e604ff44-2fc6-4151-b607-0ee1a9ff6a38
last-modified: Thu, 06 Jun 2024 13:36:59 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FC1NqW6yXyJlZ9IkOqU4mF8ropweg9sf6u0akfekbm4aEioofVCo2TzUtY7LUjB6bcDYnAU8wfz4%2BMD7UcuG03PSzgshtTgNedXpTPviCusOODKWMv%2B51jtMs1Z8X9%2Fh"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-65f7f7c749-2hwf8
cf-ray: 897e20eadb305d25-SYD
x-amz-cf-id: ecX3Ad5ubNZ3H-XZyzKXITILlAzQr3K7hVWH99Ush-gHrJrY_e4aTw==

GET
H2 200 / Show response
geolocation-db.com/json/ 153 B
263 B 1032ms
281ms Fetch
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/json/
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/f65e020.modern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f745fd0542aee5f49ecac8a7e8b38a7e9445bf0f891699121a23f02964f9eba5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 523ms
121ms Script
application/javascript 172.217.167.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5165113&l=gtagDataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4af9f5d9363d807f550bb635f0839596ad3edf4ed7b24defd8a758b9fb23f491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79709
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 17:58:48 GMT

GET
H3 200 IMG_6622.jpg
businessresources.bitdefender.com/hubfs/ 183 KB
184 KB 38ms
38ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/IMG_6622.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3d0e01677feadbc19d661d9910328561fa9b3fbc0427d4b17906adb7cc8471

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-103881847921,P-341979,FLS-ALL
age: 552663
x-amz-request-id: 7PQPYGHAG5RWGEKT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-103881847921,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="IMG_6622.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "25d8f84d74318c9b21c0eb13090142fd"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1677187455379
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 75109f22d44404e68915a641fc09f102.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: G8j4q1.PKdffk_HnCG8BwBfMPLFJEg6y
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=644891
x-cache: RefreshHit from cloudfront
cache-tag: F-103881847921,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 187074
x-amz-id-2: +L/oXB/F8KAzKUTTDfmJEe85RrwiGek9ZLr+9unKkQAlCCASUMiJZLk4T0ESLrczmeDFbmgq0V4=
last-modified: Thu, 23 Feb 2023 21:24:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pp8YlyW3ySjPZWMnyRk1MrTyemfDyVb9mNeRdOiz56Xm21vsiIroYaMH%2FXJu3KINCJHqMYpgBj6HpIsvioXVSMMe%2F1aPkeD4%2FskB3HpZq2huwfhUffsg1VLi6no3c0Ca8Ycc9o%2F7%2BV8R9CGmOW6SQDP%2BeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 897e20e91ea17e3f-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: C9jxGbL_uzylLg9dijJmWI2Vl9XzLcPB2mylObOAvjVsZv5PwrIC2A==

GET
H3 200 pexels-cottonbro-studio-5483064.jpg
businessresources.bitdefender.com/hubfs/ 757 KB
759 KB 44ms
43ms Image
image/jpeg 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/pexels-cottonbro-studio-5483064.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f98201416864cc4b68732366a13b61a9fca087a2ed0e1ec8c657b89ad1b9fdb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-149184068928,P-341979,FLS-ALL
age: 800654
x-amz-request-id: J7VGB5NMBCZJHKW7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-149184068928,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "5fb71b6301b9b55d579b7ceced535108"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1702064322912
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 f21e2ffc4473de4703e807b6f2df3d0e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 3NbTNETsHUoSCPjkM7rVO9Bl5C6uWei5
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: origSize=778468, status=webp_bigger
x-cache: RefreshHit from cloudfront
cache-tag: F-149184068928,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 775306
x-amz-id-2: G/qixM3RCpawYDcik6FrGTTeWdUVGPxxfGh0HNdIyAIe9BZhOLXR+RSZqXgbWJiTgbEXC/w/fg8=
last-modified: Fri, 08 Dec 2023 19:38:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HJpfJJLGaFBxeI8tWgN%2FbBBkPK%2FRStFQ4aJbV0F0ODnd5ZtBbQY98QXQy130IC7oU2oe7SxuOx2yJtu0lKR8peh%2BqgJUqSq%2F4SP6KfnTm8l43VsUDFE2H%2FJMQaZNpc2zQKCZJsKedGdqAP5du4ouhWIaXg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 897e20e91ea37e3f-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: cqA2Ze8nwssUOfuZuGDeE8gFmVEMJCH8ej8GXkzz9buTOhol7VnANQ==

GET
H3 200 BSG_Survey_Blog-2.jpg
businessresources.bitdefender.com/hubfs/ 77 KB
78 KB 35ms
34ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/BSG_Survey_Blog-2.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ad847e598b98652e25e9a59e9ae0d3bc134007579a9caeec0c1dcd7eb48447

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-108351114338,P-341979,FLS-ALL
age: 622441
x-amz-request-id: G3MJM4TX9A3M9W6M
x-amz-server-side-encryption: AES256
edge-cache-tag: F-108351114338,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="BSG_Survey_Blog-2.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "e598f8d5225078d68205e5a23608b784"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679947808530
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 c8c3180933886633be93f042334d6e12.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: S_A1jeZpirBC0cjx2E_a209LvlKEO0pn
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=512083
x-cache: RefreshHit from cloudfront
cache-tag: F-108351114338,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 78784
x-amz-id-2: visovcbs/DnYSsejvyVtD7dhWW5fNWQ7L08dL9M2TBNlk8q1I/UAG2yXLKiuFPhHsOhG3PIgPmk=
last-modified: Mon, 27 Mar 2023 20:10:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7puLNUo92wZmTY1DKkm3VGi4arhOW25BlwLa9xpYzQo9MmJD%2B3T6adxXnyt6pLn5PPkVom819TVvV%2FgUSMBhQMNp29HOE%2B7nlVPY8DLCcd9hVSrpVzC56VTN%2FoepmSjTsTNIKoVdU%2FZyY89J%2Bf%2Fbo%2Fd8w%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 897e20e91ea47e3f-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: iwDwlwvzD2tjqwPCFljbNLESzK_iD0CFL_oz3TPzHI5YTUIWyTVkvQ==

GET
H3 200 3CX.jpg
businessresources.bitdefender.com/hubfs/ 62 KB
64 KB 42ms
41ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/3CX.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

159453401c68cee218a8af0d1864ac09ade311641d6b6022e01004a9fa164dd3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-109048266260,P-341979,FLS-ALL
age: 551648
x-amz-request-id: B6KBSTM8Z95C8TFA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-109048266260,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="3CX.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "77dd89e158431efbfab92c9d3e205d51"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1680282819012
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 18225112e7d56a947f23d8abfccd5d3c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: E6ikASKr0QNzMUC59LqqBIPz8IDHMHtU
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=446885
x-cache: RefreshHit from cloudfront
cache-tag: F-109048266260,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 63858
x-amz-id-2: oo8OGcr86tj/MNTpiXIIIoe+HQoXD6FTEabHXPIFcQF+KAZAVds8v5K+hCLx7Bb68AfaRpJrRE7awtSLV62ImUz6qIKB7ygC
last-modified: Fri, 31 Mar 2023 17:13:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51yssSJpHg2fVkqQWR5keOWcdSTnUVbK%2Bvp8vgU4RAhQYLsp4J7le1zVuvLJRirPRGPSg5djtURIVzJOzns9UrVD9dt9NRDCQN6BEPrPjU9GVoJ7lK5zU4Zm53LeJYYvtf7iclQD3yj1TW%2FG5QbqFUSGGA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 897e20e91ea57e3f-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ZWJyEgop0gciAI3At0ImxWMgP_zCptuYLrbDz8WLUfCGb-xnFYAaJQ==

GET
H3 200 US_CyberStrategy_Josue.jpg
businessresources.bitdefender.com/hubfs/ 23 KB
25 KB 40ms
39ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://businessresources.bitdefender.com/hubfs/US_CyberStrategy_Josue.jpg

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aed280416005df8902253b020bbf3a7a47fc8ffc9a4e6764c11ec96c2079ef3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-105637398372,P-341979,FLS-ALL
age: 800654
x-amz-request-id: AYPBD3XKRZC91CDY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-105637398372,P-341979,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="US_CyberStrategy_Josue.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "83cbcac3ab5544154a404db9b840e4ef"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1678298540243
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=31536000
via: 1.1 5ec31a807b3a12da1cd448f2e2805d3a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: S61E9Tsgo5K3grpbyUOdN3N78FXMFL0G
x-amz-cf-pop: SFO53-P1
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=273354
x-cache: RefreshHit from cloudfront
cache-tag: F-105637398372,P-341979,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 23906
x-amz-id-2: vA21JHnmfnNC8bqxyif0FovXP5MuPRP7gBEzVSgnr48/zvVh1ygryz574xPVVmFZ3ILcoi/Lhv8ykjKTYMCUqw==
last-modified: Wed, 08 Mar 2023 18:02:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3OGPhavyxe5kwE0MCk0EZ4AczylrDv6Jm488aJxJSk096ttw38KEJ%2BW0s9vcrRvVm0yEfDllxLqzlD7NhOUQRzfDaPAR2yespeDBWCDGDy%2Bc8ChAMNWhBtzniYEG%2FZxp5WrOt7BLPdxJQiwbqrIQKVUhKA%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 897e20e91ea67e3f-SYD
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: 0QHOvtr5uMN_XQeyh1GPe-5Ye5z_S0lutqEGZUgnBSZnBNfhtjMuBA==

GET
H2 200 / Show response
www.bitdefender.com/site/Main/TagIT/getparams/ 53 B
534 B 376ms
376ms Script
application/javascript 172.64.147.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com/site/Main/TagIT/getparams/?callback=TagIT_getParams_callback&callback2=&l=en&ch=1719079130

Requested by

Host: www.bitdefender.com
URL: https://www.bitdefender.com/scripts/TagIT.v1.min.js?v=43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.169 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33f4a3188e5bd3946bc65cba66db7f0400a6c149acc208b4b46640af86858f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP="NOI ADM DEV COM NAV OUR STP"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 897e20e91e6da7f5-SYD
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cf43f35.css
www.bitdefender.com.au/blog/_nuxt/css/ 279 B
235 B 20ms
17ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/cf43f35.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/f2cd31a.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f2069e4f379291c013b2ac6b33c3770c98737524f80ccdfca1ea8586169622e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 31 May 2024 15:04:27 GMT
server: cloudflare
cf-cache-status: HIT
age: 1322523
etag: W/"117-18fcf2e4478"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20e9589ca95b-SYD

GET
H2 200 510fe6f.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 50 KB
13 KB 19ms
16ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/510fe6f.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/f2cd31a.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

625d3873eed4ef3d241348f9b4d9f873ff4a9b05374d1687a2abf64394d9c313

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: HIT
age: 5476
etag: W/"c7da-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20e9589fa95b-SYD

GET
H2 200 b8b5ed9.css
www.bitdefender.com.au/blog/_nuxt/css/ 106 B
175 B 21ms
18ms Stylesheet
text/css 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/css/b8b5ed9.css

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/f2cd31a.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2207e1dfdac97cdf65dce070c145d2f8251b726777b5073bb79308e69e1a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 31 May 2024 15:04:27 GMT
server: cloudflare
cf-cache-status: HIT
age: 1322523
etag: W/"6a-18fcf2e4478"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20e9589ea95b-SYD

GET
H2 200 d151db6.modern.js Show response
www.bitdefender.com.au/blog/_nuxt/ 43 KB
12 KB 1367ms
1365ms Script
application/javascript 172.64.150.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitdefender.com.au/blog/_nuxt/d151db6.modern.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/_nuxt/f2cd31a.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.150.107 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68f9468c49f0963770c8053ff5342f80d1365eba47c8cc45746146e7d0721ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 19 Jun 2024 11:03:22 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"abe8-190302a6090"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 897e20e958a0a95b-SYD

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/ 450 KB
109 KB 14ms
13ms Script
application/javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1efbc0b6cbcc4cd357af84f294673258064a1d7cd74dcbd46c49d4a06fddcb9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pbkzFb84/2JLGlYwK3wr3Q==
age: 28193
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 111556
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:19 GMT
server: cloudflare
etag: 0x8DC89E03EC9A159
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8e41ddfa-f01e-0051-348e-bc5f9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 897e20ebcb2bdfb9-SYD

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 327ms
3ms Script
application/javascript 104.99.59.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.99.59.34 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-99-59-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:47:26 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=12263
accept-ranges: bytes
content-length: 14004

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/018f0b3a-ce81-74b0-b8c3-084a25974ad4/ 130 KB
27 KB 20ms
20ms Fetch
application/x-javascript 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e20c9587-7d17-4f35-85f7-38c1eb9c3478/018f0b3a-ce81-74b0-b8c3-084a25974ad4/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e086eb01f206971454c351b5a75ad5c0fe691bc1ee6796691812bf90796780f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 18391
content-md5: ZXTWoQ5UsRsFIahqgi/9Qw==
content-length: 27907
x-ms-lease-status: unlocked
last-modified: Thu, 30 May 2024 12:15:51 GMT
server: cloudflare
etag: 0x8DC80A23F9A1064
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c95d8b99-001e-0066-6e8b-b2f333000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 897e20ec0cdc555d-SYD
expires: Sun, 23 Jun 2024 17:58:48 GMT

GET
H2 200 s35534165084471
sstats.bitdefender.com/b/ss/bitdefenderproduction/1/JS-2.26.0-LDQM/ 43 B
225 B 212ms
212ms Image
image/gif 63.140.39.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sstats.bitdefender.com/b/ss/bitdefenderproduction/1/JS-2.26.0-LDQM/s35534165084471?AQB=1&ndh=1&pf=1&t=23%2F5%2F2024%201%3A58%3A48%200%20-480&sdid=122708EF41D01C33-4AD6BB9A9569AD1A&mid=66931271695885077533391580854570622305&aamlh=7&ce=UTF-8&pageName=blog%3Abusinessinsights%3Aenterprise-security%3Ahive-ransomwares-offspring-hunters-international-takes-the-stage&g=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&c.&inList=3.0&apl=4.0&getPercentPageViewed=5.0.2&handlePPVevents=n%2Fa&p_fo=3.0&.c&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&ch=blog&server=www.bitdefender.com.au&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=businessinsights&v1=blog%3Abusinessinsights%3Aenterprise-security%3Ahive-ransomwares-offspring-hunters-international-takes-the-stage&c2=enterprise-security&c3=hive-ransomwares-offspring-hunters-international-takes-the-stage&v3=D%3Dc8&c4=production&v4=D%3Dc9&c5=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&v6=D%3Dc6&c7=en&v7=D%3Dc7&c8=22%2F6%2F2024&c9=01%3A58%7C01%3A00-01%3A59%7Csunday%7Cgmt%20%2B8&c12=undefined&c13=highestPercentViewed%3D%20%7C%20initialPercentViewed%3D%20%7C%20foldsSeen%3D%20%7C%20foldsAvailable%3D&v92=D%3Dc5&v100=%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29%3Awireless%3Ahotspot&v101=%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29%3A%28non-company%20visitor%29&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=0E920C0F53DA9E9B0A490D45%40AdobeOrg&AQE=1

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.15 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-15.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 23 Jun 2024 17:58:49 GMT
server: jag
etag: 3691694319808512000-4618281612373563329
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 21 Jun 2024 17:58:49 GMT

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ 24 KB
4 KB 18ms
18ms Fetch
text/css 104.19.178.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.178.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 22 Jun 2024 17:58:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 9eusssrwoAzVOVsIadvhfQ==
age: 18391
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2024 06:32:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d81c273f-801e-0011-5ffa-bb7672000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 897e20edad4b555d-SYD

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/341979/6296aa14-482c-4e42-9095-8e693b5f4caa/ 19 KB
5 KB 249ms
234ms XHR
application/json 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/341979/6296aa14-482c-4e42-9095-8e693b5f4caa/json?hs_static_app=forms-embed&hs_static_app_version=1.5387&X-HubSpot-Static-App-Info=forms-embed-1.5387

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada096cd244d4658781440607e973a343e7fd0999ab45d87909fd9534e22f2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: eacb522d-f4f6-4ff4-acf8-ce031cffdb7c
x-envoy-upstream-service-time: 14
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: eacb522d-f4f6-4ff4-acf8-ce031cffdb7c
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 897e20edfb82a965-SYD
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-ptpxr

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
102 KB 127ms
125ms Script
application/javascript 172.217.167.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D4JK29RRG4&l=gtagDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-5165113&l=gtagDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

36954943f9b075915f39efcd7743627a0852a593bfe76602cdc0bc664f11f36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104058
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Jun 2024 17:58:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
105 KB 218ms
217ms Script
application/javascript 172.217.167.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6M0GWNLLWF&l=gtagDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-5165113&l=gtagDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fbc05ad16a8a088f7ba2560317767a30d0a9e001c1881242148037ba93ac43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Jun 2024 17:58:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
91 KB 215ms
214ms Script
application/javascript 172.217.167.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1040562098&l=gtagDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-5165113&l=gtagDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c9105f4f56a528699b55b733a109fc44757a51cc101b0ffcb40b297c9e5d5261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93249
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jun 2024 17:58:49 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 25ms
2ms Script
application/x-javascript 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E78A) /

Resource Hash

568fab9461aa2db7d46ebe579172321147272063db4ac8f85e2c7b3c1e9cfbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Thu, 20 Jun 2024 18:44:29 GMT
server: ECS (nwa/E78A)
age: 74224
etag: "589c29e241c3da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H2 200 RCedebf5fbc0cd4a1281ee85acef62b538-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 870 B
754 B 7ms
6ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RCedebf5fbc0cd4a1281ee85acef62b538-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a7eba0a323a7b7b65aa07526d2c2ed096f4632babb1afc1b6c6dd91d9cf66700

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 492
expires: Sat, 22 Jun 2024 18:58:49 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
766 B 182ms
167ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=359890&time=1719079129304&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:48 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1FEDD78C94B04948A49C17C016DCD7BD Ref B: SYD03EDGE1117 Ref C: 2024-06-22T17:58:49Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYbfkzZOdm3Lo6K6XTpvg==
x-fs-uuid: 00061b7e4cd939d9b72e8e8ae974e9be

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719079129304&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-ta...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719079129304&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-ta...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D359890%26time%3D1719079129304%26url%3Dhttps%253A%252F%252Fwww.bitdefender.com.au%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719079129304&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-ta...

0
385 B

214ms
213ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719079129304&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&cookiesTest=true&liSync=true
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 62C83FD2969B4E6C9D76D3ECC79A5CB2 Ref B: SYD03EDGE1915 Ref C: 2024-06-22T17:58:50Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbfkzpLJ8UOWVTw6dPhQ==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Sat, 22 Jun 2024 17:58:49 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYbfkzlZ7BRzyB8DfvdMg==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AD90185094FE49808211A93839C9FD53 Ref B: SYD03EDGE1915 Ref C: 2024-06-22T17:58:50Z
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=359890&time=1719079129304&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 hotjar-51807.js Show response
static.hotjar.com/c/ 9 KB
4 KB 367ms
274ms Script
application/javascript 108.158.32.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-51807.js?sv=6

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.158.32.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-158-32-49.syd3.r.cloudfront.net

Software

Resource Hash

17d5f50e7418a0dc72153fdd8a575920588b667f199c39558fffa39fcb31bae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 22 Jun 2024 17:58:49 GMT
via: 1.1 db487bbf70af29af96ef50a3f5b469d4.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P2
etag: W/046a1a5ec8f57fcdf7ba911f254abc80
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: vkajTosrWcud_Jqfy2t4H0rWfQgwOHBxfgxbtT2ZDqfWbmjABCL4ZA==

GET
H2 200 RC26e86b262da1468086096378c4a2e7b0-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 656 B
687 B 5ms
4ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC26e86b262da1468086096378c4a2e7b0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d0766ae65a129cd9249a3d42aae14c7f89e2dc4a2901cdf94cc9f48148fef61b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 425
expires: Sat, 22 Jun 2024 18:58:49 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 472 B
977 B 297ms
297ms XHR
application/json 18.65.244.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=KwSda5imnkvOJSjeABR2uSSyEJq5IADxsKfkTanK&page=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&referrer=&page_title=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&src=adobelaunch
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-54.syd3.r.cloudfront.net
Software: nginx /
Resource Hash: 8644fd399f6a5ddbdb92bfdc83a966a02d1be5c4c34990dc66d25916c021df2e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 dff94781894736c12dbb6eb4e456a898.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P1
x-cache: Miss from cloudfront
request-id: 85100f98-f09d-4bd2-9d67-8b9b37b9a476
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ijy637SPTlGKKDIeHWWCkkgxEHy1zodjR7V8u2BzkAoYKofI6AlIYw==
expires: Fri, 21 Jun 2024 17:58:49 GMT

GET
H2 200 RCede6662f1aee40f1b292e93a62db8140-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 727 B
716 B 7ms
7ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RCede6662f1aee40f1b292e93a62db8140-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a28eb9c0b3d685e85d474a74e5a2ebd4760387395231340f740c314d0a814eed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 454
expires: Sat, 22 Jun 2024 18:58:49 GMT

GET
H2 200 RC40205af83a7e4c59bb460ec5b21d0f2a-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 690 B
697 B 5ms
5ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC40205af83a7e4c59bb460ec5b21d0f2a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: af0f090ffc58f4f04cdd42ee8f94cfdea962d3a1bbc0ed4bad1b201cb05979e8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 435
expires: Sat, 22 Jun 2024 18:58:49 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 460ms
140ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 22 Jun 2024 17:58:49 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BBC24215643E4EC199D28B6161F64EB1 Ref B: SYD03EDGE1107 Ref C: 2024-06-22T17:58:49Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 RC358d92de38324995be19c9638badbfee-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 684 B
688 B 7ms
6ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC358d92de38324995be19c9638badbfee-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 793137450e10df1f5246e33a2f76bd598fdf77181b81a0e90d55921a9d1c69ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 426
expires: Sat, 22 Jun 2024 18:58:49 GMT

GET
H2 200 RC8dc6bc1852fb47f2b2d2ac5e58b4a255-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 488 B
555 B 12ms
12ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC8dc6bc1852fb47f2b2d2ac5e58b4a255-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 776929cec54d2f7732640c0f1e5a459c49289ce73bbfad95fe3c437f1f6f820d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 22 Jun 2024 18:58:49 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
311 B 524ms
227ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.bitdefender.com.au/
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7CB5728070BB427E9D71C43D1E3F5C19 Ref B: SYD03EDGE1915 Ref C: 2024-06-22T17:58:49Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.bitdefender.com.au
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYbfkzeTxcEXvH9NwJHaA==

GET
H2 200 A254030-1420-4f36-87b0-178a4806cb111.js Show response
d.impactradius-event.com/ 40 KB
16 KB 174ms
159ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A254030-1420-4f36-87b0-178a4806cb111.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8e5434cf124c82209d101031a9fc9c601725244be89af5ea9d18cca4bb598362

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ACJd0NqFX9kKaEaAln-IVz95pSCVIcjWAMJNRPlO1gCWheok6tkupN2gmB3LcvqBspw-LbFlGw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16204
last-modified: Tue, 18 Jun 2024 16:46:29 GMT
server: UploadServer
etag: "6455283e5974e63d0ba8591378374577"
vary: Accept-Encoding
x-goog-generation: 1718729189747987
x-goog-hash: crc32c=C7BXkw==, md5=ZFUoPll05j0LqFkTeDdFdw==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 16204
accept-ranges: bytes
expires: Sat, 22 Jun 2024 18:03:49 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 314ms
2ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jun 2024 17:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=12, mss=1317, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 2GRd2SHOmke9jFxY4wU3LMz2g7kCsnf3DGteFpkYgo913uJGgF2jZc9xfAfZlANnv1tyw+SC7HZnO2lGyUfNqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 12ms
2ms Script
application/javascript 151.101.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.28.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000023-IAD, cache-syd10167-SYD

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 313ms
1ms Script
application/javascript 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 RC06a0c6e9db9741c29b3fc3cc1a6db966-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 529 B
597 B 4ms
3ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC06a0c6e9db9741c29b3fc3cc1a6db966-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: eb9a859b4b75e248b087ead48d90e1112b8fd091224a827775a0ee86c16c2f5d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 335
expires: Sat, 22 Jun 2024 18:58:49 GMT

GET
H2 200 RC9c55e9d2d0d14090b97413df1cbd84be-source.min.js Show response
assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/ 949 B
759 B 3ms
3ms Script
application/x-javascript 23.202.168.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/5d3bc2cd0984/RC9c55e9d2d0d14090b97413df1cbd84be-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/8a93f8486ba4/62c1fd5cdcbd/launch-b77a56f2d5f1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.168.24 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-168-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d364575db314b58cf31d2d40ea325401ebe36c9ec54b0afde4f188439534c9dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2024 12:06:32 GMT
server: AkamaiNetStorage
etag: "08a415dbbf965616362551b1231bfa3e:1716984392.932324"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 497
expires: Sat, 22 Jun 2024 18:58:49 GMT

GET
H2 200 ipv
cdn.bizible.com/ 43 B
304 B 2ms
2ms Image
image/gif 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=6dacdac7157646baea2a35d23e32c214&_biz_l=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&_biz_t=1719079129332&_biz_i=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&_biz_n=0&a=bitdefender.com&rnd=359339&cdn_o=a&_biz_z=1719079129333

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E792) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:49 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 21 Jun 2024 21:15:33 GMT
server: ECS (nwa/E792)
age: 74597
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
205 B 8ms
2ms Image
image/gif 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=6dacdac7157646baea2a35d23e32c214&_biz_l=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&_biz_t=1719079129334&_biz_i=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&a=bitdefender.com&rnd=65566&cdn_o=a&_biz_z=1719079129334

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E78C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:49 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 21 Jun 2024 21:15:32 GMT
server: ECS (nwa/E78C)
age: 74597
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 ee38c350.min.js Show response
tag.demandbase.com/ 80 KB
22 KB 17ms
4ms Script
application/javascript 18.67.110.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/ee38c350.min.js

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.110.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-110-94.syd62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

36074aa57ab395dc8e9c99b10e435ac3ac636f7ebf034da481ba7ca475a979f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: sUfhprQVdcy6sjiaTBVLR8skCyhSeFxl
content-encoding: gzip
via: 1.1 6f4ca7db93883fe5e25a91018517d110.cloudfront.net (CloudFront)
date: Sat, 22 Jun 2024 17:52:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: SYD62-P2
age: 793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 20 Jun 2024 18:03:03 GMT
server: AmazonS3
etag: W/"8b359abab87b9afbfa75b12c655e419e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: 586072MNbwen3G6FpOFocjA2NroLEo96rfYVS7PJifqOo9231MIVBg==

GET
H/1.1 200
OK scarab-v2.js Show response
cdn.scarabresearch.com/js/198DE47607F5EBDB/ 95 KB
23 KB 17ms
3ms Script
application/javascript 108.158.20.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.scarabresearch.com/js/198DE47607F5EBDB/scarab-v2.js
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-56.syd62.r.cloudfront.net
Software: /
Resource Hash: 28cadabd6f2d70fe764730d4ec1ce97d1631d6fcf9c0bff198685ad8c0e4dd95

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 17:13:47 GMT
Content-Encoding: gzip
Via: 1.1 13f78fbcf1cf5a45dca12f9d22e82f46.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SYD62-P3
Age: 2702
ETag: "7a742e16122b7773702df4f7471d9760--gzip"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
X-Cache: Hit from cloudfront
Cache-Control: max-age=3600,public
Connection: keep-alive
Timing-Allow-Origin: *
X-Amz-Cf-Id: AKq8d8yKBJR9y2MqiFKKTuxeek_JqZGOG9JfCZm0oz8Zi572se_KpA==

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
320 B 312ms
311ms Script
text/javascript 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=6dacdac7157646baea2a35d23e32c214&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.06.20&a=bitdefender.com

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E789) /

Resource Hash

7e346638c3ddb845178533789bf0b2978129a0bf34ed6cb06c74e7bf51341bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (nwa/E789)
etag: 8F390EE7
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 213

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 168ms
156ms Image
image/gif 117.18.232.195
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=6832bd29-9238-4989-bb95-d932bdd849fe&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=138c2cd5-760e-440a-a458-946bd7e862da&tw_document_href=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&tw_iframe_status=0&txn_id=o2afg&type=javascript&version=2.3.30

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.232.195 , Australia, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_r /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 145
date: Sat, 22 Jun 2024 17:58:49 GMT
strict-transport-security: max-age=0
server: tsa_r
content-type: image/gif;charset=utf-8
x-transaction-id: e7feaea2cd2b3e5f
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 605f257f8a38764512bff5d3f4dc5d38313093797428f35e58fab490614a0b80
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 580ms
290ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=6832bd29-9238-4989-bb95-d932bdd849fe&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=138c2cd5-760e-440a-a458-946bd7e862da&tw_document_href=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&tw_iframe_status=0&txn_id=o2afg&type=javascript&version=2.3.30

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_r /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 145
date: Sat, 22 Jun 2024 17:58:48 GMT
strict-transport-security: max-age=631138519
server: tsa_r
content-type: image/gif;charset=utf-8
x-transaction-id: fa3d2dcae1e368d2
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 2700c6775551f5c37f8cbd25c8f553041c4d505d036e69166638d488aab0cd5a
content-length: 43

GET
H2 200 sync
s.company-target.com/s/ Frame 43A2 0
0 212ms
201ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/ee38c350.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Sat, 22 Jun 2024 17:58:49 GMT
via: 1.1 google

GET
H/1.1 200
OK wploader.js Show response
static.scarabresearch.com/wpjs/ 31 KB
11 KB 15ms
2ms Script
application/javascript 108.158.32.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wploader.js?ts=2842
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/198DE47607F5EBDB/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-67.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd823e8760f4762e83ae42ec9776261729cef7cec16254a21ee5e89f8575fe79

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 0x2awj0RR6rMetjUbRjcwNrSJvMtI_6a
Content-Encoding: gzip
Via: 1.1 435dfd2ccb739fd32ab23d873305cce2.cloudfront.net (CloudFront)
Date: Sat, 22 Jun 2024 03:50:43 GMT
X-Amz-Cf-Pop: SYD3-P2
Age: 50887
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 22 May 2024 14:02:59 GMT
Server: AmazonS3
ETag: W/"551d83230352beb5a309b816116c6873"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
X-Amz-Cf-Id: zJs0aFpoa0SrsrSLh4ISkkINKcIGK211cXMQpHRqi5PCC2KojqB-og==

POST
H2 200 ip.json Show response
api.company-target.com/api/v3/ 472 B
977 B 310ms
310ms XHR
application/json 18.65.244.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v3/ip.json?referrer=&page=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&page_title=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-54.syd3.r.cloudfront.net
Software: nginx /
Resource Hash: 29eaa299786c710fc3ffc4c5863a5340629250153a25f878e7228e6c77725ce3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 dff94781894736c12dbb6eb4e456a898.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P1
x-cache: Miss from cloudfront
request-id: 25ae6b94-2662-4e5c-ab3c-8c3da23ddce8
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OsN0SIfVc2JY9TyzezRa3bar2EYlayb8kMx75zWHwWcDqKAeq9aLaw==
expires: Fri, 21 Jun 2024 17:58:49 GMT

GET
H/1.1 200
OK wpes6.js Show response
static.scarabresearch.com/wpjs/ 102 KB
33 KB 3ms
2ms Script
application/javascript 108.158.32.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scarabresearch.com/wpjs/wpes6.js?ts=2842
Requested by: Host: cdn.scarabresearch.com
URL: https://cdn.scarabresearch.com/js/198DE47607F5EBDB/scarab-v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-67.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e916c5c4045dd8e2c17ee1ddce9dd9515c4125bc52280b39e07fb83780055c14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WShe2VjHG7xdZq.WOyX410QEaEqVAMzN
Content-Encoding: gzip
Via: 1.1 435dfd2ccb739fd32ab23d873305cce2.cloudfront.net (CloudFront)
Date: Sat, 22 Jun 2024 03:50:47 GMT
X-Amz-Cf-Pop: SYD3-P2
Age: 50883
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 22 May 2024 14:03:01 GMT
Server: AmazonS3
ETag: W/"075dffa80a8379a15df2704b81679ad7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
X-Amz-Cf-Id: jhdijkMuquzYqK9Yy79CTw14bhrFygdqZicjEllootVCO97tZ3wTZQ==

GET
H2 200 u
cdn.bizible.com/ 43 B
85 B 2ms
2ms Image
image/gif 152.195.58.59
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=ecid&mapValue=0E920C0F53DA9E9B0A490D45%40AdobeOrg_66931271695885077533391580854570622305&_biz_u=6dacdac7157646baea2a35d23e32c214&_biz_l=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&_biz_t=1719079129335&_biz_i=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&_biz_n=1&a=bitdefender.com&rnd=34518&cdn_o=a&_biz_z=1719079129436

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.58.59 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nwa/E78C) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:49 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 21 Jun 2024 21:15:32 GMT
server: ECS (nwa/E78C)
age: 74597
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
537 B 264ms
257ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f7e6f882-b1ce-4ec6-a472-c06cde0b58a2
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f7e6f882-b1ce-4ec6-a472-c06cde0b58a2
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-njspp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 897e20efac65a86e-SYD

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 501ms
100ms Stylesheet
text/css 142.250.204.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f10.1e100.net

Software

ESF /

Resource Hash

31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 16:38:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Jun 2024 17:58:49 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 196ms
99ms Script
text/javascript 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_9e94dbdf_8640_4bd2_a703_ada7b88a1eaa&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

7a1c75dd02daacc70f1269cdefb7cb3a63d813c1d4e7d952606decdbaac02bdb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 22 Jun 2024 17:58:49 GMT

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
537 B 222ms
222ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 87e30040-c9ef-4e9e-82d9-ee15e6aecef2
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 87e30040-c9ef-4e9e-82d9-ee15e6aecef2
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-z6zvr
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 897e20efdc79a86e-SYD

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_twxv2a69/ 3 B
124 B 13ms
3ms XHR
application/json 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_twxv2a69/config
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_twxv2a69_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 320ms
8ms XHR
application/json 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_twxv2a69_telemetry
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:50 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 12ms
2ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1719079129707&id=t2_twxv2a69&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=73d8ef36-bb93-44da-a5fa-2453eb214d75&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:49 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
420 B 1116ms
797ms XHR
text/html 18.67.93.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=OsN0SIfVc2JY9TyzezRa3bar2EYlayb8kMx75zWHwWcDqKAeq9aLaw==&api-version=v3
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-91.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Fri, 21 Jun 2024 18:28:58 GMT
via: 1.1 4bfeb1eae9544366893e37b97eee8e6e.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 84594
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: R-tI-3u9cXL5UBkyyCbhT4Dkb3F9nyHNKz9AUTr4VXGj5rbl0pFD7g==

GET
H2 200 209580512574099 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 232ms
232ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/209580512574099?v=2.9.158&r=stable&domain=www.bitdefender.com.au&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

a81a65ff14c4132ec1f430e83cb3742b9fae832d5e39d8ed77e44ac6ecc632d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jun 2024 17:58:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=64, mss=1317, tbw=63536, tp=-1, tpl=-1, uplat=229, ullat=0
pragma: public
x-fb-debug: 9syq07bFXEj9AiIjqzb1Tth6CWSRMOrAtsiMfI1r4gWY2x9hc1UpvQYH8H5Mj8CnVT6fLQAtLXCWgOophuP1rg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.ef112488b1de7ff5f962.js Show response
script.hotjar.com/ 223 KB
56 KB 19ms
2ms Script
application/javascript 18.67.110.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ef112488b1de7ff5f962.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-51807.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.110.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-110-93.syd62.r.cloudfront.net

Software

Resource Hash

4bb1ac874a76d6bc873350d839b4ae5bcbea002f2a6f1907a197027c2dfc1fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 15:21:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 182261
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56326
last-modified: Thu, 20 Jun 2024 15:20:30 GMT
etag: "4bf3c968ca73f7170da42a1ae7ed463c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: KLYaDm83HpcseQ5jGGyWdNkD4Pc9onTmi9EUQzy84XM1DkBj7ICZwg==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 517 KB
205 KB 405ms
2ms Script
text/javascript 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_9e94dbdf_8640_4bd2_a703_ada7b88a1eaa&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

sffe /

Resource Hash

4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209238
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 04:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 17:14:12 GMT

GET
H2 200 5104414.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 142ms
142ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5104414.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b8a6494ebcc1c54d6dca46f9d5319a8477def37a026b5ca1cb57ea1176a26845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 22 Jun 2024 17:58:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5D0AD69456E42928554C5A4F679F0FE Ref B: SYD03EDGE1107 Ref C: 2024-06-22T17:58:49Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
362 B 141ms
140ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5104414&tm=al001&Ver=2&mid=03738c24-dddd-4efb-bc3f-bd9fbbb7d0b2&sid=143869c030c111ef85416505e38dc5f3&vid=1438809030c111ef9378b9d4d5811ed4&vids=1&msclkid=N&pi=918639831&lg=en-AU&sw=1600&sh=1200&sc=24&tl=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&p=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&r=&lt=4219&pt=1719079124178,,,0,1106,1106,1106,1106,1106,1106,,1107,1503,1879,1507,2928,4219,4219,,,&pn=0,1&evt=pageLoad&sv=1&rn=612807

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jun 2024 17:58:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47133CEB24A24A9B8AF32B81C7B40EA1 Ref B: SYD03EDGE1107 Ref C: 2024-06-22T17:58:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 2ms
2ms Script
application/javascript 18.67.110.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.ef112488b1de7ff5f962.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.110.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-110-93.syd62.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 18:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 5e473a5e64c6a2f7bc916721cc188252.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 6133622
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1782
last-modified: Fri, 12 Apr 2024 13:01:58 GMT
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: gPENPs8grKuT-cLhAg1KethfiuISJgr6O8vfnZ_HHlfTmVtFmNQJBw==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 1390ms
822ms XHR
application/json 34.250.195.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=51807&gzip=1
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.250.195.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-195-248.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d200ef8dc6d814e409b6981ca60b00c74841e3d5bd43aa09f75a87f404d12162

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Jun 2024 17:58:51 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H2 200 5104414 Show response
www.clarity.ms/tag/uet/ 826 B
1 KB 750ms
430ms Script
application/x-javascript 13.107.246.31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5104414?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5104414.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2d0ccf953317b3a71e714eadc5df1233d2a998725cd3ec66cb973ef31eb3c075

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sat, 22 Jun 2024 17:58:50 GMT
x-azure-ref: 20240622T175850Z-17b8d4f8bc7dpm2fwd8gnhz2hn000000027g000000005w8z
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 826
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 266ms
2ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=209580512574099&ev=PageView&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&rl=&if=false&ts=1719079129973&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719079129971.58742658678420218&ler=empty&cdl=API_unavailable&it=1719079129726&coo=false&rqm=GET

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Jun 2024 17:58:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 520ms
256ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=209580512574099&ev=PageView&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&rl=&if=false&ts=1719079129973&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1719079129971.58742658678420218&ler=empty&cdl=API_unavailable&it=1719079129726&coo=false&rqm=FGET

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x487c23ccd3a1c1e0","source_keys":["1","2"]},{"key_piece":"0xbefa168172a33b05","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 22 Jun 2024 17:58:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383388644430132944", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=3105, tp=-1, tpl=-1, uplat=254, ullat=0
pragma: no-cache
x-fb-debug: vZO4p1tJTt8mRXFEmT7kcStSKQFCLZJmosqyjYq4K33B3vp2aRytFly5pPpzsg1gjQOlFmqUzK8eMjvjzCUmEA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383388644430132944"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 405ms
4ms Font
font/woff2 172.217.167.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 15:43:02 GMT
x-content-type-options: nosniff
age: 8148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 15:43:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 404ms
2ms Font
font/woff2 172.217.167.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 01:52:06 GMT
x-content-type-options: nosniff
age: 58004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 01:52:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 403ms
2ms Font
font/woff2 172.217.167.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.bitdefender.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 01:37:42 GMT
x-content-type-options: nosniff
age: 145268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Jun 2025 01:37:42 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 95FE 0
0 212ms
118ms Document
text/html 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cuYml0ZGVmZW5kZXIuY29tLmF1OjQ0Mw..&hl=en&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&badge=inline&cb=mdejl9nrj6rc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mEBpeKLdLVmtkGzNOzjGbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mEBpeKLdLVmtkGzNOzjGbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jun 2024 17:58:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
analytics.google.com/g/ 0
259 B 503ms
97ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-D4JK29RRG4&gtm=45je46j0v876401340za200zb9171448788&_p=1719079128474&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=817434582.1719079130&ul=en-au&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&uid=&sid=1719079129&sct=1&seg=0&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dt=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=true&ep.geoRegion=&ep.pageSubSection=businessinsights&ep.login_status=false&ep.source=&ep.medium=&ep.cid=&ep.page_name=blog%3Abusinessinsights%3Aenterprise-security%3Ahive-ransomwares-offspring-hunters-international-takes-the-stage&ep.fingerprint=&ep.siteSection=blog&ep.pageSubSubSection=enterprise-security&tfd=6123&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4JK29RRG4&l=gtagDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 594ms
96ms Ping
text/plain 142.251.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D4JK29RRG4&cid=817434582.1719079130&gtm=45je46j0v876401340za200zb9171448788&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4JK29RRG4&l=gtagDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1040562098/ 4 KB
2 KB 202ms
106ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1040562098/?random=1719079129697&cv=11&fst=1719079129697&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9164188826za200zb9171448788&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&hn=www.googleadservices.com&frm=0&tiba=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&npa=0&us_privacy=1YNY&pscdl=noapi&auid=382745919.1719079130&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1040562098&l=gtagDataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

45025f006d223700e68cbea84612a8f3f56caa5998c30d8ee0cbe2ff9b61bd22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1563
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dc_pre=CLnAqOfk74YDFbvJFgUdf1EBMw;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=382745919.1719079130;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-r...
https://ad.doubleclick.net/activity;dc_pre=CLnAqOfk74YDFbvJFgUdf1EBMw;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=382745919.1719079130;u2=https%3A%2F%2Fwww.bitdefender.com.au%...
https://adservice.google.com/ddm/fls/z/dc_pre=CLnAqOfk74YDFbvJFgUdf1EBMw;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusines...

42 B
63 B

246ms
141ms

Image
image/gif

142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLnAqOfk74YDFbvJFgUdf1EBMw;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=1067899523;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Server

142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CLnAqOfk74YDFbvJFgUdf1EBMw;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=*;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=1067899523;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activity;register_conversion=1;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=382745919.1719079130;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransom...
ad.doubleclick.net/ 0
23 B 248ms
148ms Image
image/png 142.250.76.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=5165113;type=na-c;cat=allpages;ord=8202537486129;npa=0;auiddc=382745919.1719079130;u2=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F;ps=1;pcor=1067899523;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46j0v9171448788za200;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F?

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:50 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"6282389348901849117"}],"aggregatable_trigger_data":[{"filters":[{"14":["2831056"]}],"key_piece":"0xeccec0ecd23e2ab0","source_keys":["12","13","14","15","16","17","18","19","20","21","628479444","628479445","628479446","628479447","628490980","628490981","628490982","628490983","628496680","628496681","628496682","628496683","628738860","628738861","628738862","628738863","628782028","628782029","628782030","628782031","628893860","628893861","628893862","628893863","634755164","634755165","634755166","634755167","634761816","634761817","634761818","634761819"]},{"key_piece":"0x32d78366b2bd6e4c","not_filters":{"14":["2831056"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628479444","628479445","628479446","628479447","628490980","628490981","628490982","628490983","628496680","628496681","628496682","628496683","628738860","628738861","628738862","628738863","628782028","628782029","628782030","628782031","628893860","628893861","628893862","628893863","634755164","634755165","634755166","634755167","634761816","634761817","634761818","634761819"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628479444":34,"628479445":34,"628479446":34,"628479447":3345,"628490980":46,"628490981":46,"628490982":46,"628490983":4540,"628496680":32,"628496681":32,"628496682":32,"628496683":3177,"628738860":32,"628738861":32,"628738862":32,"628738863":3177,"628782028":32,"628782029":32,"628782030":32,"628782031":3177,"628893860":32,"628893861":32,"628893862":32,"628893863":3177,"634755164":36,"634755165":36,"634755166":36,"634755167":3530,"634761816":34,"634761817":34,"634761818":34,"634761819":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"11294620715302051054","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6282389348901849117","filters":[{"14":["2831056"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6282389348901849117","filters":[{"14":["2831056"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6282389348901849117","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6282389348901849117","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["5165113"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 199ms
102ms Image
image/gif 142.250.71.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D4JK29RRG4&cid=817434582.1719079130&gtm=45je46j0v876401340za200zb9171448788&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0&z=1522672924

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 566ms
196ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6M0GWNLLWF&gtm=45je46j0v869430580za200zb9171448788&_p=1719079128474&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=817434582.1719079130&ecid=493785953&ul=en-au&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EA&_s=1&uid=&sid=1719079129&sct=1&seg=0&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dt=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&en=page_view&_fv=1&_ss=1&_ee=1&ep.optimize_id=&ep.anonymize_ip=true&ep.geoRegion=&ep.pageSubSection=businessinsights&ep.login_status=false&ep.source=&ep.medium=&ep.cid=&ep.page_name=blog%3Abusinessinsights%3Aenterprise-security%3Ahive-ransomwares-offspring-hunters-international-takes-the-stage&ep.fingerprint=&ep.siteSection=blog&ep.pageSubSubSection=enterprise-security&tfd=6159&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M0GWNLLWF&l=gtagDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 366ms
96ms Ping
text/plain 142.251.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6M0GWNLLWF&cid=817434582.1719079130&gtm=45je46j0v869430580za200zb9171448788&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6M0GWNLLWF&l=gtagDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bitdefender.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 104ms
104ms Image
image/gif 142.250.71.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6M0GWNLLWF&cid=817434582.1719079130&gtm=45je46j0v869430580za200zb9171448788&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0&z=150923205

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=459700254.1719079130&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunt...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=459700254.1719079130&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-o...

42 B
64 B

101ms
101ms

Ping
image/gif

142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=459700254.1719079130&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dma=0&npa=0&gtm=45fe46j0v9171448788za200&auid=382745919.1719079130&frm=0

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=459700254.1719079130&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&dma=0&npa=0&gtm=45fe46j0v9171448788za200&auid=382745919.1719079130&frm=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1040562098/ 42 B
64 B 102ms
101ms Image
image/gif 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1040562098/?random=1719079129697&cv=11&fst=1719075600000&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9164188826za200zb9171448788&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&hn=www.googleadservices.com&frm=0&tiba=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&npa=0&us_privacy=1YNY&pscdl=noapi&auid=382745919.1719079130&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLT3eufsekhW0pQdHPcpkVVluKN3dKQMH_1IDYB7lyVZ8s1-rH&random=1270650172&rmt_tld=0&ipr=y

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1040562098/ 42 B
64 B 103ms
102ms Image
image/gif 142.250.71.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1040562098/?random=1719079129697&cv=11&fst=1719075600000&bg=ffffff&guid=ON&async=1&gtm=45be46j0v9164188826za200zb9171448788&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&hn=www.googleadservices.com&frm=0&tiba=Hive%20Ransomware%27s%20Offspring%3A%20Hunters%20International%20Takes%20the%20Stage&npa=0&us_privacy=1YNY&pscdl=noapi&auid=382745919.1719079130&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLT3eufsekhW0pQdHPcpkVVluKN3dKQMH_1IDYB7lyVZ8s1-rH&random=1270650172&rmt_tld=1&ipr=y

Requested by

Host: www.bitdefender.com.au
URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.34/ 61 KB
26 KB 5ms
5ms Script
application/javascript 13.107.246.31
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5104414?insights=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:50 GMT
content-encoding: br
last-modified: Thu, 23 May 2024 23:20:12 GMT
etag: W/"0x8DC7B7EE5574D78"
vary: Accept-Encoding
x-azure-ref: 20240622T175850Z-17b8d4f8bc7dpm2fwd8gnhz2hn000000027g000000005w94
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e014ce33-301e-0000-755b-c02edb000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
286 B 1007ms
612ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.bitdefender.com.au
Date: Sat, 22 Jun 2024 17:58:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 bframe
www.google.com/recaptcha/enterprise/ Frame F051 0
0 101ms
101ms Document
text/html 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=KXX4ARWFlYTftefkdODAYWZh&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IYVU3x9TVn4IHLWvrMYkpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IYVU3x9TVn4IHLWvrMYkpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jun 2024 17:58:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ 35 B
744 B 311ms
4ms Image
image/gif 23.38.128.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=4a55b566-7010-4633-9b03-7ba7735be0b6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.128.171 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-128-171.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 17:58:51 GMT
X-GUploader-UploadID: ACJd0NpP2RtfrZCnzsalidCHVsghhlQtgvHtdX2gg3IJJ8qahfsXYQ3zhVt_3_P0EZmhSFQ1qZm11sb5Ng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 35
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Server: UploadServer
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-generation: 1698061172769999
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public,max-age=1800
x-goog-stored-content-length: 35
Accept-Ranges: bytes
Content-Type: image/gif

GET
H3 200 136759154343249 Show response
connect.facebook.net/signals/config/ 31 KB
5 KB 261ms
261ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/136759154343249?v=2.9.158&r=stable&domain=www.bitdefender.com.au&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

5a57e097e75bc754d90232d0ac1c4d08b140b5a91e2f7308fc1588703d3b5942

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jun 2024 17:58:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4649, tp=12, tpl=0, uplat=258, ullat=0
pragma: public
x-fb-debug: XEz+BE7MgkNSTHe1UoG2VR9QkFI3z0wO3winTj0i5JRJwv+RbL/VU/FxgzJdwa//jFxq6MdYHA0MyiBPvyyoLA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 554ms
236ms Image
image/gif 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-au&bfp=522907934&v=1.1&a=341979&rcu=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&pu=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&t=Hive+Ransomware%27s+Offspring%3A+Hunters+International+Takes+the+Stage&cts=1719079131441&vi=b5cbc6dd35d7bd3aa08c8864c2769ad7&nc=true&u=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&b=33008289.1.1719079131438&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 40a9343b-9ac5-4dca-8f74-705c94f11cdd
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 40a9343b-9ac5-4dca-8f74-705c94f11cdd
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yL7tAkQvcDxkCc%2Fnjd8ho2UDtkWqV%2F7xp3J%2BwoPE5RUc72nqw%2BkueXROIOjc1Zg%2FdhXSX1BMlrhIIwMbl1Ejs6hCUdgDZkX6eVn70wJtZFpCBhCbnS5pfb2fcJXxrmiR%2FSdm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-vtjjp
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 897e20fd8c415d36-SYD
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
752 B 598ms
286ms Image
image/gif 104.16.118.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=6296aa14-482c-4e42-9095-8e693b5f4caa&fci=9e94dbdf-8640-4bd2-a703-ada7b88a1eaa&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-au&bfp=522907934&v=1.1&a=341979&rcu=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&pu=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&t=Hive+Ransomware%27s+Offspring%3A+Hunters+International+Takes+the+Stage&cts=1719079131446&vi=b5cbc6dd35d7bd3aa08c8864c2769ad7&nc=true&u=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&b=33008289.1.1719079131438&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.118.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f0665e19-3658-4829-a9ef-6e377502b619
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f0665e19-3658-4829-a9ef-6e377502b619
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8Z78cHm4m7rBkHQeQh0aaJWZQruPqHO8R8%2BJwAPn5S70B6g9vXOERLU5670N1NFclPPuwEfVL5SgK5akZ8xk%2Ban8qBVCzu3dbihMWT31GZqAvxgpJsD8uOQlLtCKmKl8xrQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-r4gg4
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 897e20fd8c435d36-SYD
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3B3B0A86B0D54EC0AF9202F05E17A9B8&RedC=c.clarity.ms&MXFR=19C15A45936468ED26B14EE3976466AD
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B3B0A86B0D54EC0AF9202F05E17A9B8&MUID=1D5BD4C23A5F64F91CEAC0643BCF65FB

42 B
467 B

136ms
136ms

Image
image/gif

52.231.230.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B3B0A86B0D54EC0AF9202F05E17A9B8&MUID=1D5BD4C23A5F64F91CEAC0643BCF65FB
Protocol: H2
Server: 52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://www.bitdefender.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:51 GMT
last-modified: Thu, 20 Jun 2024 17:32:12 GMT
server: Microsoft-IIS/10.0
etag: "1b2b37c937c3da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 22 Jun 2024 17:58:51 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 962CAAB934B0447AB8C7CFF1442D04EF Ref B: SYD03EDGE1107 Ref C: 2024-06-22T17:58:51Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3B3B0A86B0D54EC0AF9202F05E17A9B8&MUID=1D5BD4C23A5F64F91CEAC0643BCF65FB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 263ms
256ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=341979&utk=b5cbc6dd35d7bd3aa08c8864c2769ad7&__hstc=33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1&__hssc=33008289.1.1719079131438&currentUrl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

915925da9f0254cf9b8053d6102becec38d5447bc4f11ea9c8724ddf29f385d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 17:58:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 00d4c46e-0dd2-4366-9da3-590f3c80a3f0
content-encoding: br
x-envoy-upstream-service-time: 34
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 00d4c46e-0dd2-4366-9da3-590f3c80a3f0
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bitdefender.com.au
x-evy-trace-virtual-host: all
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-776cb5686f-gqvsp
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8pTCIVmqrCmruczA1Iu65ZXnpxVcbjiNeZ28VDaZ6ARjJ%2BHLmOzMCNLbKXV2YnLnsz5Rq20juV3ExDfGnkjrEw3E%2BSdavI5nmf6gvNVIhA9dhANraVDY%2FUZ2E%2Faf0WRzwJ8"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 897e20fbb922a96b-SYD

GET
H/1.1 200
OK favicon-32x32.png
download.bitdefender.com/resources/images/favicon/ 568 B
947 B 337ms
2ms Other
image/png 23.46.179.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://download.bitdefender.com/resources/images/favicon/favicon-32x32.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.46.179.51 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-46-179-51.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fab8294d35a12278bfd9179ac66940d6d77145b986fc04e5826a8521f7aa1d49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN *.bitdefender.com

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 22 Jun 2024 17:58:51 GMT
Last-Modified: Thu, 10 Jul 2014 14:17:00 GMT
Server: nginx
ETag: "53bea05c-238"
X-Frame-Options: SAMEORIGIN *.bitdefender.com
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1378
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 568
Expires: Sat, 22 Jun 2024 18:21:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
124 B 4ms
2ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=136759154343249&ev=PageView&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&rl=&if=false&ts=1719079131711&sw=1600&sh=1200&ud[external_id]=b5cbc6dd35d7bd3aa08c8864c2769ad7&v=2.9.158&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.2.1719079129971.58742658678420218&ler=empty&cdl=API_unavailable&cs_est=true&it=1719079129726&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=6885, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Jun 2024 17:58:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 205ms
205ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=136759154343249&ev=PageView&dl=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&rl=&if=false&ts=1719079131711&sw=1600&sh=1200&ud[external_id]=b5cbc6dd35d7bd3aa08c8864c2769ad7&v=2.9.158&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.2.1719079129971.58742658678420218&ler=empty&cdl=API_unavailable&cs_est=true&it=1719079129726&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc5667283b39b3004","source_keys":["1","2"]},{"key_piece":"0x6d5411c5761f459c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sat, 22 Jun 2024 17:58:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383388647264504239", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1317, tbw=7053, tp=-1, tpl=-1, uplat=203, ullat=0
pragma: no-cache
x-fb-debug: xAqoxf++akKRmENyD+gnn8VMElsQLlxv0OzLxasogBt0IE+bNbDKdnw6haF1DpTPOSdcZbvr/6MQADf1EqzeTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383388647264504239"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
286 B 196ms
195ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.bitdefender.com.au
Date: Sat, 22 Jun 2024 17:58:52 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 204 /
metrics.hotjar.io/ 0
80 B 837ms
274ms Ping
text/plain 54.171.234.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.hotjar.io/?v=6&site_id=51807
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-51807.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.171.234.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-234-229.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Jun 2024 17:58:53 GMT
access-control-max-age: 86400

GET
H2 200 campaigns Show response
webchannel-content-service.scarabresearch.com/customer/786874886/ 10 B
422 B 333ms
308ms XHR
application/json 34.111.52.132

General

Check archive.org

Show headers Download Go to

Full URL

https://webchannel-content-service.scarabresearch.com/customer/786874886/campaigns?url=https:%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&prev_url=&lang=en&uli=false

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=bitdefender.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.52.132 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://www.bitdefender.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sat, 22 Jun 2024 17:58:55 GMT
x-content-type-options: nosniff
x-envoy-decorator-operation: webchannel-content-web.web-channel.svc.cluster.local:80/*
via: 1.1 google
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: istio-envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

84 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 01:50:31	Name: _GRECAPTCHA Value: 09AOZOU_NselYeIvqucj2ln8ItPV0aH-pLGactYNVur5f5IFpxDTeyF3H1Fm6zJ40Fo3C5DdBh61OT4TCeWrmZ-vs
.businessresources.bitdefender.com/	1970-01-20 21:31:20	Name: __cf_bm Value: lN124c4HgXBOB1v87w3K_UPvZtfGf6rEtArGoC7X3qU-1719079125-1.0.1.1-xlVk3Zkkim_NuH3h.sezkf.4KQzszeuG0eEUPu3kpnimGRoaI3LJq1uPAhLUBSa6L_utKDjhBiAaIuf4mB4cDQ
.businessresources.bitdefender.com/	1969-12-31 23:59:59	Name: __cfruid Value: 7780abe5c84515f098c88169ff1f78db7c4f58ca-1719079125
www.bitdefender.com.au/	1969-12-31 23:59:59	Name: tagit_session Value: 1
.bitdefender.com.au/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-21 01:50:31	Name: demdex Value: 66956217165533856463393518507091718054
.bitdefender.com.au/	1969-12-31 23:59:59	Name: AMCVS_0E920C0F53DA9E9B0A490D45%40AdobeOrg Value: 1
.hsforms.com/	1970-01-20 21:31:20	Name: __cf_bm Value: bLHtVjgRi_Je1OvxJQhyW0ncCl3PB3RzeZfvj3FQuH0-1719079128-1.0.1.1-NN2lkndm7iT_Qk75gWitA27AHvSOUuAP35S8UO.wk4gR5bVi3AC6eh76fmYrLUkeUbLORJSDyq939teK25V3tw
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 8YwyUqiYBSGjJgS7Fsj6yQjmObx5ZU9IzjFKci.BOek-1719079128523-0.0.1.1-604800000
www.bitdefender.com/	1970-01-20 21:41:23	Name: AWSALBCORS Value: J0T5bm4AviD2RrxLl9XW9SFdi8f9Xs4ml/258WYKlwaIyPqK3NEd22RVv6ysphnkXHTcy6/Susa4mJdhAKf/B1YrjNZS7Xzr0UqfePU0cHTjgRpURvKkKh6hRKHf
.bitdefender.com.au/	1970-01-21 07:07:19	Name: mbox Value: session#c224db9cb3ea434c8bc50c3d337a56f4#1719080989\|PC#c224db9cb3ea434c8bc50c3d337a56f4.34_0#1782323929
www.bitdefender.com.au/	1969-12-31 23:59:59	Name: tagit_params Value: %7B%22obj%22%3A%5B%5D%7D
.bitdefender.com.au/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.bitdefender.com.au/	1969-12-31 23:59:59	Name: s_tp Value: 12943
.bitdefender.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: blog%253Abusinessinsights%253Aenterprise-security%253Ahive-ransomwares-offspring-hunters-international-takes-the-stage%2C9%2C9%2C1200%2C1%2C10
.bitdefender.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.demdex.net/	1970-01-21 01:50:31	Name: dextp Value: 771-1-1719079128930\|1123-1-1719079129031\|129099-1-1719079129132
.hsforms.net/	1970-01-20 21:31:20	Name: __cf_bm Value: nj.muqVGWgg.t2ypfI6x5oIPlt1gE64rLKJYJxB2XGA-1719079129-1.0.1.1-0qBOGsCmLxgNokPL4tI8BKwn1ZJRUwOKbaIgJCGqNJ3Hq6SpCa543cMBbqkvSd7bwFfM8onBRAS3ZSVMGfd7pA
.doubleclick.net/	1970-01-21 07:07:19	Name: IDE Value: AHWqTUnoIq5MpiFr26UH_JGVWrTqx-iyEEgIT2Lx0CIuJuciesbFYxfxGYv4GEYDMt8
.www.bitdefender.com.au/	1970-01-21 07:07:19	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Jun+23+2024+01%3A58%3A49+GMT%2B0800+(Australian+Western+Standard+Time)&version=202405.1.0&browserGpcFlag=0&isIABGlobal=false&identifierType=Cookie+Unique+Id&hosts=&consentId=3b0fd7be-393e-4db0-b219-8a212a8bfe9e&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.bitdefender.com.au%2Fblog%2Fbusinessinsights%2Fhive-ransomwares-offspring-hunters-international-takes-the-stage%2F&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.bitdefender.com.au/	1970-01-21 06:16:55	Name: _biz_uid Value: 6dacdac7157646baea2a35d23e32c214
.bitdefender.com.au/	1970-01-21 06:16:55	Name: _biz_nA Value: 2
.bizible.com/	1970-01-21 06:16:55	Name: _BUID Value: 6dacdac7157646baea2a35d23e32c214
.bizibly.com/	1970-01-21 06:16:55	Name: _BUID Value: 8725faab81b836f3485c5cbb3c37f545
.dpm.demdex.net/	1970-01-21 01:50:31	Name: dpm Value: 66956217165533856463393518507091718054
.bitdefender.com.au/	1970-01-21 06:16:55	Name: _biz_pendingA Value: %5B%5D
.t.co/	1970-01-21 07:07:19	Name: muc_ads Value: ee5ead28-36d8-43d7-bc06-9e1d41890400
.bitdefender.com.au/	1969-12-31 23:59:59	Name: IR_gbd Value: bitdefender.com.au
.bitdefender.com.au/	1969-12-31 23:59:59	Name: IR_4466 Value: 1719079129511%7C0%7C1719079129511%7C%7C
.everesttech.net/	1970-01-21 06:16:55	Name: everest_g_v2 Value: g_surferid~ZncQ2QAAAGvTyQM4
.bitdefender.com.au/	1970-01-20 21:41:23	Name: at_geo Value: {%22latitude%22:-33.88%2C%22longitude%22:151.22%2C%22countryCode%22:%22AU%22%2C%22stateCode%22:%22NSW%22%2C%22city%22:%22SYDNEY%22}
.company-target.com/	1970-01-21 07:07:19	Name: tuuid Value: c41c3c41-ffc8-4429-bb16-a23300cd503d
.company-target.com/	1970-01-21 07:07:19	Name: tuuid_lu Value: 1719079129\|ix:0\|mctv:0\|rp:0
.rkdms.com/	1970-01-21 06:16:55	Name: sc Value: 3%3A118104
.rkdms.com/	1970-01-21 06:16:55	Name: sessionid Value: h-ee519f2d73b744038c57a5fb04aeecae_t-1719079129
.bitdefender.com.au/	1970-01-20 23:40:55	Name: _rdt_uuid Value: 1719079129705.73d8ef36-bb93-44da-a5fa-2453eb214d75
.bitdefender.com.au/	1970-01-21 06:16:55	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Ecid%22%3A%22-1964496908%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.bitdefender.com.au/	1970-01-21 07:07:19	Name: AMCV_0E920C0F53DA9E9B0A490D45%40AdobeOrg Value: 179643557%7CMCIDTS%7C19897%7CMCMID%7C66931271695885077533391580854570622305%7CMCAAMLH-1719683928%7C7%7CMCAAMB-1719683928%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1719086328s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19904%7CvVersion%7C5.5.0
.bitdefender.com.au/	1970-01-20 21:32:45	Name: _uetsid Value: 143869c030c111ef85416505e38dc5f3
.bitdefender.com.au/	1970-01-21 06:52:55	Name: _uetvid Value: 1438809030c111ef9378b9d4d5811ed4
.bitdefender.com.au/	1970-01-21 06:16:55	Name: _hjSessionUser_51807 Value: eyJpZCI6IjlhODUwZWYxLWM4ZTItNTA1Yy1iNzY0LWMwN2VmMzUwNDAyYyIsImNyZWF0ZWQiOjE3MTkwNzkxMjk4MjIsImV4aXN0aW5nIjp0cnVlfQ==
.linkedin.com/	1970-01-20 23:40:55	Name: li_sugr Value: 1d7541df-d05c-40bc-ac8f-99b845dc6ffa
.linkedin.com/	1970-01-20 21:32:45	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3236:u=1:x=1:i=1719079129:t=1719165529:v=2:sig=AQGRPRBX0GGGXXahuhjUyEJsCjVtEH-T"
.casalemedia.com/	1970-01-21 06:16:55	Name: CMID Value: ZncQ2YsFVVYAAFvrAMfCNgAA
.casalemedia.com/	1970-01-20 23:40:55	Name: CMPS Value: 4766
.casalemedia.com/	1970-01-20 23:40:55	Name: CMPRO Value: 4766
.linkedin.com/	1970-01-21 06:16:55	Name: bcookie Value: "v=2&a7ed6108-b9a2-42d7-866c-97d09fd29cba"
.bitdefender.com.au/	1970-01-20 21:31:20	Name: _hjSession_51807 Value: eyJpZCI6Ijc2ZDcxZjZiLTI1NTAtNDE1Yi1hMDBhLTUzOTk1NzhkMDBiMCIsImMiOjE3MTkwNzkxMjk4MjMsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.bing.com/	1970-01-21 06:52:55	Name: MUID Value: 1D5BD4C23A5F64F91CEAC0643BCF65FB
.bat.bing.com/	1970-01-20 21:41:23	Name: MR Value: 0
.twitter.com/	1970-01-21 07:07:19	Name: guest_id_marketing Value: v1%3A171907912972237133
.twitter.com/	1970-01-21 07:07:19	Name: guest_id_ads Value: v1%3A171907912972237133
.twitter.com/	1970-01-21 07:07:19	Name: personalization_id Value: "v1_pNQcPx85Aypzl6gO4Io+ew=="
.twitter.com/	1970-01-21 07:07:19	Name: guest_id Value: v1%3A171907912972237133
.bitdefender.com.au/	1970-01-20 23:40:55	Name: _fbp Value: fb.2.1719079129971.58742658678420218
.linkedin.com/	1970-01-20 22:14:31	Name: UserMatchHistory Value: AQIAQodoEAvbmgAAAZBBGdOBdzmKV-eqY-YjJ-dIsf0muCN9iFWijtm9J5cvGKjjF_09VqZkZUz8vg
.linkedin.com/	1970-01-20 22:14:31	Name: AnalyticsSyncHistory Value: AQLCGVKyjmY5xgAAAZBBGdOBRR0ORDxBtMKOD3fy1oVIrEn8HUyV9_KdPyQNlPzrlMG_QhZVks9_KhoDPd0isw
.bitdefender.com.au/	1970-01-20 23:40:55	Name: _gcl_au Value: 1.1.382745919.1719079130
.bitdefender.com.au/	1969-12-31 23:59:59	Name: _ga_D4JK29RRG4 Value: GS1.1.1719079129.1.0.1719079129.60.0.0
.bitdefender.com.au/	1969-12-31 23:59:59	Name: _ga Value: GA1.1.817434582.1719079130
.www.linkedin.com/	1970-01-21 06:16:55	Name: bscookie Value: "v=1&2024062217585026482512-6d9f-4695-892a-56cab56d9982AQFpP9GXgI5ywIhcY7e_LLNuJtmlD_c_"
.bitdefender.com.au/	1969-12-31 23:59:59	Name: _ga_6M0GWNLLWF Value: GS1.1.1719079129.1.0.1719079129.60.0.493785953
.tremorhub.com/	1970-01-21 06:17:16	Name: tvid Value: d5369bbb58c0444e8461d5cc97ba5abc
.tremorhub.com/	1970-01-21 07:07:19	Name: tv_UIDM Value: c41c3c41-ffc8-4429-bb16-a23300cd503d
.doubleclick.net/	1970-01-20 22:14:31	Name: ar_debug Value: 1
www.clarity.ms/	1970-01-21 06:16:55	Name: CLID Value: bc54f1f3cdf646fab45c15db88c61ccc.20240622.20250622
.bitdefender.com.au/	1970-01-21 06:16:55	Name: _clck Value: 3kre8z%7C2%7Cfmu%7C0%7C1634
.doubleclick.net/	1970-01-21 01:50:31	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 06:16:55	Name: khaos Value: LXQFBUK3-N-4DG8
.rubiconproject.com/	1970-01-21 06:16:55	Name: audit Value: 1\|hSmEwH/f0WI8eEr8sxjQ447TBLG5f4Qrn4ETmsjalfgFdJM/KZ/oM6hAjaKkYW936bzeRfs5RRqM1KxoLazIt5mwZQnb46mpLmNbD6yF/GFuuqyPEAAK11S9Js9y65BlBTOhfXPxF1j+Y+jb3iRUseT0owWRnJrgcmESKmf2cwrTmoFL5pKQsaZr5ZVxLWDe
.rubiconproject.com/	1970-01-20 23:40:55	Name: receive-cookie-deprecation Value: 1
www.bitdefender.com.au/	1970-01-21 01:50:31	Name: __hstc Value: 33008289.b5cbc6dd35d7bd3aa08c8864c2769ad7.1719079131438.1719079131438.1719079131438.1
www.bitdefender.com.au/	1970-01-21 01:50:31	Name: hubspotutk Value: b5cbc6dd35d7bd3aa08c8864c2769ad7
www.bitdefender.com.au/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.bitdefender.com.au/	1970-01-20 21:31:20	Name: __hssc Value: 33008289.1.1719079131438
.bitdefender.com.au/	1970-01-20 21:32:45	Name: _clsk Value: 1r8bkox%7C1719079131811%7C1%7C1%7Cx.clarity.ms%2Fcollect
.c.bing.com/	1970-01-20 21:41:23	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:52:55	Name: SRM_B Value: 1D5BD4C23A5F64F91CEAC0643BCF65FB
.hubspot.com/	1970-01-20 21:31:20	Name: __cf_bm Value: qmpn1ZKdAF3yeQ59MrI1D.5UciKOOTjD6Qu4gcm6ly8-1719079132-1.0.1.1-v9tpdv0p2tq2h6wdzt3oH693Ab9RlSMkm3d_FFQdzPJXXAIMzuMUF.x21btsoflAgLbitoLrr86FbxfJ0fe_bw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: nRe1KciHgYfrYsAuAdfnkG8Kww2usATAgup.FdQLM_o-1719079132050-0.0.1.1-604800000
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:52:55	Name: MUID Value: 1D5BD4C23A5F64F91CEAC0643BCF65FB
.c.clarity.ms/	1970-01-20 21:41:23	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:31:19	Name: ANONCHK Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.bitdefender.com.au/blog/businessinsights/hive-ransomwares-offspring-hunters-international-takes-the-stage/ Message: Refused to load the script 'https://platform.twitter.com/widgets.js' because it violates the following Content Security Policy directive: "script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-1040562098&l=gtagDataLayer&cx=c(Line 133) Message: Refused to connect to 'https://google.com/ccm/form-data/1040562098?gtm=45be46j0v9164188826za200zb9171448788&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&npa=0&frm=0&pscdl=noapi&auid=382745919.1719079130&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&ec_mode=a&em=tv.1' because it violates the following Content Security Policy directive: "connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com .emarsys.net .hubapi.com .hubspot.com .facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com .bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com .google.com .scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com .google-analytics.com .analytics.google.com analytics.google.com .clarity.ms .doubleclick.net .taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com .bizible.com .bizible.net px.ads.linkedin.com .redditstatic.com .googlesyndication.com .cookielaw.org .onetrust.com .onetrust.io .criteo.com .reddit.com .googleadservices.com".
security	error	URL: https://bat.bing.com/bat.js Message: Refused to connect to 'https://bat.bing.com/actionp/0?ti=5104414&tm=al001&Ver=2&mid=03738c24-dddd-4efb-bc3f-bd9fbbb7d0b2&sid=143869c030c111ef85416505e38dc5f3&vid=1438809030c111ef9378b9d4d5811ed4&vids=1&msclkid=N&evt=pageHide' because it violates the following Content Security Policy directive: "connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com .emarsys.net .hubapi.com .hubspot.com .facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com .bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com .google.com .scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com .google-analytics.com .analytics.google.com analytics.google.com .clarity.ms .doubleclick.net .taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com .bizible.com .bizible.net px.ads.linkedin.com .redditstatic.com .googlesyndication.com .cookielaw.org .onetrust.com .onetrust.io .criteo.com .reddit.com .googleadservices.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src https: http: data:; style-src 'self' 'unsafe-inline' .bitdefender.com fonts.googleapis.com www.gartner.com; script-src 'self' 'self' .emarsys.net www.gartner.com cdnjs.cloudflare.com assets.adobedtm.com .google.com www.gstatic.com .hs-scripts.com consentcdn.cookiebot.com bitdefender.demdex.net consent.cookiebot.com www.googletagmanager.com .googleadservices.com tag.demandbase.com .doubleclick.net sentry.nmbapp.net snap.licdn.com edge.fullstory.com .hotjar.com js.hubspot.com js.hsforms.net js.hscta.net js.hs-analytics.net js.hsleadflows.net js.hsadspixel.net js.hs-banner.com js.usemessages.com cdn.scarabresearch.com .bing.com static.ads-twitter.com www.redditstatic.com d.impactradius-event.com connect.facebook.net .clarity.ms .bitdefender.com .scarabresearch.com www.dwin1.com .taboola.com .outbrain.com retrack-kupona.kuponacdn.de ad4m.at .google-analytics.com cdn.bizible.com 'unsafe-inline' 'unsafe-eval' .cookielaw.org .criteo.com .googletagservices.com .2mdn.net .googlesyndication.com; frame-ancestors 'self' https: explore.bitdefender.com; object-src 'none'; frame-src www.gartner.com .facebook.com .google.com consentcdn.cookiebot.com bitdefender.demdex.net 5165113.fls.doubleclick.net vars.hotjar.com www.youtube.com hal9000.redintelligence.net ad.ad-srv.net forms.hsforms.com ad4m.at ws.hotjar.com s.company-target.com td.doubleclick.net .criteo.com .2mdn.net .googlesyndication.com; connect-src wss: ws.hotjar.com metrics.hotjar.io content.hotjar.io hubspot-forms-static-embed.s3.amazonaws.com forms.hsforms.com .emarsys.net .hubapi.com .hubspot.com .facebook.com assets.adobetarget.com sentry.nmbapp.net api.company-target.com .bitdefender.com geolocation-db.com dpm.demdex.net consent.cookiebot.com .google.com .scarabresearch.com rs.fullstory.com googleads.g.doubleclick.net consentcdn.cookiebot.com .google-analytics.com .analytics.google.com analytics.google.com .clarity.ms .doubleclick.net .taboola.com cdn.linkedin.oribi.io vc.hotjar.io 'self' localhost blog.bitdefender-com.nmbapp.net tag-logger.demandbase.com .bizible.com .bizible.net px.ads.linkedin.com .redditstatic.com .googlesyndication.com .cookielaw.org .onetrust.com .onetrust.io .criteo.com .reddit.com .googleadservices.com; font-src 'self' data: www.bitdefender.com fonts.googleapis.com fonts.gstatic.com www.gartner.com; base-uri .bitdefender.com .bitdefender.com.au .bitdefender.co.uk .bitdefender.ro .bitdefender.fr .bitdefender.de
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
api.company-target.com
api.hubapi.com
api.hubspot.com
assets.adobedtm.com
assets.adobetarget.com
bat.bing.com
bitdefender.demdex.net
businessresources.bitdefender.com
c.bing.com
c.clarity.ms
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.scarabresearch.com
cm.everesttech.net
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
content.hotjar.io
cookies-data.onetrust.io
cta-service-cms2.hubspot.com
d.impactradius-event.com
download.bitdefender.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
geolocation-db.com
geolocation.onetrust.com
googleads.g.doubleclick.net
imgsct.cookiebot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
metrics.hotjar.io
perf-na1.hsforms.com
pixel-config.reddit.com
platform.twitter.com
px.ads.linkedin.com
s.company-target.com
script.hotjar.com
snap.licdn.com
sstats.bitdefender.com
starget.bitdefender.com
static.ads-twitter.com
static.hotjar.com
static.scarabresearch.com
stats.g.doubleclick.net
t.co
tag-logger.demandbase.com
tag.demandbase.com
track.hubspot.com
webchannel-content-service.scarabresearch.com
www.bitdefender.com
www.bitdefender.com.au
www.clarity.ms
www.facebook.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
x.clarity.ms
platform.twitter.com
104.16.117.116
104.16.118.116
104.16.137.209
104.16.160.168
104.16.79.142
104.17.128.172
104.18.137.17
104.18.142.119
104.18.242.108
104.18.80.204
104.19.175.188
104.19.178.52
104.244.42.67
104.68.24.142
104.99.59.34
108.158.20.56
108.158.32.49
108.158.32.67
117.18.232.195
13.107.246.31
13.107.42.14
142.250.204.10
142.250.204.2
142.250.204.3
142.250.67.2
142.250.71.67
142.250.76.102
142.251.175.157
151.101.1.140
151.101.193.140
151.101.28.157
152.195.58.59
157.240.8.23
157.240.8.35
159.89.102.253
172.217.167.100
172.217.167.104
172.217.167.67
172.64.147.169
172.64.150.107
172.64.153.27
172.64.155.119
172.64.155.63
18.65.244.54
18.67.110.93
18.67.110.94
18.67.93.91
199.60.103.254
20.114.190.119
204.79.197.237
216.239.32.181
23.202.168.24
23.23.225.172
23.32.5.73
23.38.128.171
23.46.179.51
34.111.52.132
34.250.195.248
34.96.71.22
35.186.249.72
52.231.230.148
54.169.185.174
54.171.234.229
54.82.97.82
63.140.39.15
63.140.39.248
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
10ad847e598b98652e25e9a59e9ae0d3bc134007579a9caeec0c1dcd7eb48447
1357416e284fe5635f1fc55220ab0eaf6c9db8f330131b6653fda6d4e5857906
159453401c68cee218a8af0d1864ac09ade311641d6b6022e01004a9fa164dd3
1789e6bf0f139fc89e73756237ae433989a6d27e7effe2d1771c06d2566f889b
17d5f50e7418a0dc72153fdd8a575920588b667f199c39558fffa39fcb31bae3
1efbc0b6cbcc4cd357af84f294673258064a1d7cd74dcbd46c49d4a06fddcb9a
22b95f2e160d8ec135358ce824808f0fe21b7f4dbc59ade7cc46bba981244990
28cadabd6f2d70fe764730d4ec1ce97d1631d6fcf9c0bff198685ad8c0e4dd95
29eaa299786c710fc3ffc4c5863a5340629250153a25f878e7228e6c77725ce3
2aed280416005df8902253b020bbf3a7a47fc8ffc9a4e6764c11ec96c2079ef3
2d0ccf953317b3a71e714eadc5df1233d2a998725cd3ec66cb973ef31eb3c075
2f3d0e01677feadbc19d661d9910328561fa9b3fbc0427d4b17906adb7cc8471
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
33f4a3188e5bd3946bc65cba66db7f0400a6c149acc208b4b46640af86858f61
36074aa57ab395dc8e9c99b10e435ac3ac636f7ebf034da481ba7ca475a979f5
36954943f9b075915f39efcd7743627a0852a593bfe76602cdc0bc664f11f36a
36ee51a70bdefc9f7bc258ea6a70d70dfc88a0b16a05b142541649e27490b743
3f2069e4f379291c013b2ac6b33c3770c98737524f80ccdfca1ea8586169622e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45025f006d223700e68cbea84612a8f3f56caa5998c30d8ee0cbe2ff9b61bd22
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
469ab758cfe6a8ac93cda5872ca28655f6f874a2f6cceafa710fc01f52fc787d
47975b9118cebb02465385aeb97529e37674682ea6cfc8b15da100c89d472e45
4a2207e1dfdac97cdf65dce070c145d2f8251b726777b5073bb79308e69e1a68
4af9f5d9363d807f550bb635f0839596ad3edf4ed7b24defd8a758b9fb23f491
4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e
4bb1ac874a76d6bc873350d839b4ae5bcbea002f2a6f1907a197027c2dfc1fe8
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4ec4d2d21dd008135647d484526d98d4ac5700f623162536aac2c381bad26c15
50e50d3be7ae652e8b3c9077698cb5b77538fafc1c28652871f5f9ec22bd2ae0
568fab9461aa2db7d46ebe579172321147272063db4ac8f85e2c7b3c1e9cfbbe
583cabf7f2229d895c7db724e90d84ab6a7c9dd29660c487ca4ef529eaca9f02
5a57e097e75bc754d90232d0ac1c4d08b140b5a91e2f7308fc1588703d3b5942
5f98201416864cc4b68732366a13b61a9fca087a2ed0e1ec8c657b89ad1b9fdb
6028d3faeb714464de73dcdf96c5a35596163f18ce7780e5be801bd7d0c83ecc
625d3873eed4ef3d241348f9b4d9f873ff4a9b05374d1687a2abf64394d9c313
6525da7539785be701b524157b29e52b07b7d42af5c528103c8ddb47c4c57932
6692354a1d9a4d531832e922f7e86a9e80f24562572c9dc7614a71fe5145b266
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
68f9468c49f0963770c8053ff5342f80d1365eba47c8cc45746146e7d0721ed0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af2220bbd8824a7264ce0c86473660064e03a7352d0c2a8372b5e5eec8d75ec
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
753b5d77684b20581dddd43b3a944bca93a44da9e6dee0c8232ca6ed8a40ead5
776929cec54d2f7732640c0f1e5a459c49289ce73bbfad95fe3c437f1f6f820d
793137450e10df1f5246e33a2f76bd598fdf77181b81a0e90d55921a9d1c69ea
7a1c75dd02daacc70f1269cdefb7cb3a63d813c1d4e7d952606decdbaac02bdb
7dda4b29507887a80d74c81a30e6ff5241e414a7381cc0a4f6eef32595ebadf3
7e346638c3ddb845178533789bf0b2978129a0bf34ed6cb06c74e7bf51341bcf
80e815080b904770061dd4c45e5e70721be774b7bb15fe135a6e8f40b772aca7
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82b229c18625c8d31b4098338e4091fff498e75e1e2b9fb9da27ddf5694a02ed
831b25d2cf0066937657444e6d8366c0e51af9ac0989def0613358d48bd45b88
8644fd399f6a5ddbdb92bfdc83a966a02d1be5c4c34990dc66d25916c021df2e
8e5434cf124c82209d101031a9fc9c601725244be89af5ea9d18cca4bb598362
915925da9f0254cf9b8053d6102becec38d5447bc4f11ea9c8724ddf29f385d2
9342b2c5d6efa563547b694ef832c0f0b3db49e04659d1c6271d8f047bf671d6
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
944099178c8f3de174ef7412e4f9d088aed243ddb9108b7a0ea23d46668afbc2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a45c89da6cfa94009a61215c8921175ec1bf18444adb5bcba07e22e9b12954d
9b550b03b688b2f4a310525cb12c7b0e5097968f9c8850b6cf7698c7027b904d
9cb4eab4bada7c1acc0e15585f6c8207d7ea4630985d54dd18f6655c15ba5982
9dc0d1858bc1e2eab3856936743cda081ee0cf36b11db4b6aa8e52ef7e287d5c
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a26decf869d35389aee658f487ff614dabb9078b6e4fefa92c72379390aea58d
a28eb9c0b3d685e85d474a74e5a2ebd4760387395231340f740c314d0a814eed
a51650ac373686a9997b9f3d1ac9bc9ed87ab5e3e6ef04a3187096845958523b
a6c23ed876dffc288ff16cfb9fb7b3a83364285a813a571e14c2226370efdb65
a78c9f43dc3bd6f5fd515c9bb4b5f9a902d3352897674ca4b2f36a065cef1da2
a7eba0a323a7b7b65aa07526d2c2ed096f4632babb1afc1b6c6dd91d9cf66700
a81a65ff14c4132ec1f430e83cb3742b9fae832d5e39d8ed77e44ac6ecc632d2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab1fca31f7e7a89c198881e69c42c6bb3578b7d55f2cee7463b96360feaf7eaa
ac6f4ec6849e6e8849d1130e40a378a9c7e751cd949306edd3383f7effa90658
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ada096cd244d4658781440607e973a343e7fd0999ab45d87909fd9534e22f2cb
af0f090ffc58f4f04cdd42ee8f94cfdea962d3a1bbc0ed4bad1b201cb05979e8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b15b9360d4f49fd4092c88a67c9c0b219e3f4cc7ee563f82b605d1feb176a46d
b8a6494ebcc1c54d6dca46f9d5319a8477def37a026b5ca1cb57ea1176a26845
b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4
c114a5641b9988aecb7a00c47bd1d37d912883ff4ef9c3b9fe6ad21603ab1066
c12a0adff1e747becb97843abe35079449a0503669f2676b1cc1071e605c551e
c42aae2fedb7d28450f675df260a414800b1edb4a07746f5b06ca7402b45c62d
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
c6607770413c62ed35f3095f96291d64d3a0554f1d1a9e96881ae037f2489474
c9105f4f56a528699b55b733a109fc44757a51cc101b0ffcb40b297c9e5d5261
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd823e8760f4762e83ae42ec9776261729cef7cec16254a21ee5e89f8575fe79
d0766ae65a129cd9249a3d42aae14c7f89e2dc4a2901cdf94cc9f48148fef61b
d200ef8dc6d814e409b6981ca60b00c74841e3d5bd43aa09f75a87f404d12162
d364575db314b58cf31d2d40ea325401ebe36c9ec54b0afde4f188439534c9dd
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd26d9d88899d0587c9377964b7d1ab478a318b0fdbee7b9d6a084e4aa6425f7
e086eb01f206971454c351b5a75ad5c0fe691bc1ee6796691812bf90796780f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a26e14b1b246588c6f3a84848053a90c1e10ae6842cd9179150345f4636ab1
e916c5c4045dd8e2c17ee1ddce9dd9515c4125bc52280b39e07fb83780055c14
eb9a859b4b75e248b087ead48d90e1112b8fd091224a827775a0ee86c16c2f5d
ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d
eefb5babdfd73f60a8ee80582972d65d13bfa7613db17e91843944037847e47c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f745fd0542aee5f49ecac8a7e8b38a7e9445bf0f891699121a23f02964f9eba5
faa2d073082188a0039399a9f374a523a9f3750ae9f1d2599ae63b27a860b149
fab8294d35a12278bfd9179ac66940d6d77145b986fc04e5826a8521f7aa1d49
fbc05ad16a8a088f7ba2560317767a30d0a9e001c1881242148037ba93ac43d6
fceba08a6bbdf2598e8f6d43e71b51854337da5f880c3fff252a25b9cd10b6ae
fe13fe0388b45529b8c11007bfc3c4c42e9888a95987a9d2d9165ff61051ca41
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

www.bitdefender.com.au Open in urlscan Pro 172.64.150.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

95 %HTTPS

0 %IPv6

46 Domains

76 Subdomains

66 IPs

7 Countries

4145 kBTransfer

8862 kBSize

84 Cookies

20 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bitdefender.com.au Open in urlscan Pro
172.64.150.107 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

95 %
HTTPS

0 %
IPv6

46
Domains

76
Subdomains

66
IPs

7
Countries

4145 kB
Transfer

8862 kB
Size

84
Cookies

153 HTTP transactions
0 data transactions