Submitted URL: https://www.stairwell.com/news/threat-research-report-maui-ransomware/
Effective URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Submission Tags: falconsandbox
Submission: On February 27 via api from US — Scanned from DE

Summary

This website contacted 27 IPs in 3 countries across 22 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3032::6815:38d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is stairwell.com. The Cisco Umbrella rank of the primary domain is 27079.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 19th 2022. Valid for: a year.
This is the only time stairwell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
22 | stairwell.com | www.stairwell.com; stairwell.com (Cisco Umbrella Rank: 27079) | 495 KB
8 | hubspot.com | forms.hubspot.com (Cisco Umbrella Rank: 2971); api.hubspot.com (Cisco Umbrella Rank: 4647); track.hubspot.com (Cisco Umbrella Rank: 2166); app.hubspot.com (Cisco Umbrella Rank: 5281) | 25 KB
6 | cdn-cookieyes.com | cdn-cookieyes.com (Cisco Umbrella Rank: 17132) | 77 KB
5 | hsappstatic.net | static.hsappstatic.net (Cisco Umbrella Rank: 6645) | 295 KB
4 | linkedin.com | px.ads.linkedin.com (Cisco Umbrella Rank: 361); www.linkedin.com (Cisco Umbrella Rank: 564); px4.ads.linkedin.com (Cisco Umbrella Rank: 6058) | 3 KB
4 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 44) | 213 KB
3 | nr-data.net | bam-cell.nr-data.net (Cisco Umbrella Rank: 1736) | 2 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 30); region1.google-analytics.com (Cisco Umbrella Rank: 2425) | 20 KB
2 | licdn.com | snap.licdn.com (Cisco Umbrella Rank: 704) | 10 KB
2 | cookieyes.com | log.cookieyes.com (Cisco Umbrella Rank: 19580); directory.cookieyes.com | 466 B
2 | hs-scripts.com | js.hs-scripts.com (Cisco Umbrella Rank: 2106) | 2 KB
1 | hubspotusercontent10.net | f.hubspotusercontent10.net (Cisco Umbrella Rank: 39279) | 2 KB
1 | newrelic.com | js-agent.newrelic.com (Cisco Umbrella Rank: 358) | 18 KB
1 | hubapi.com | api.hubapi.com (Cisco Umbrella Rank: 3274) | 877 B
1 | hsforms.com | forms.hsforms.com (Cisco Umbrella Rank: 3883) | 438 B
1 | hscollectedforms.net | js.hscollectedforms.net (Cisco Umbrella Rank: 4532) | 25 KB
1 | usemessages.com | js.usemessages.com (Cisco Umbrella Rank: 4579) | 21 KB
1 | hs-analytics.net | js.hs-analytics.net (Cisco Umbrella Rank: 2005) | 20 KB
1 | hsadspixel.net | js.hsadspixel.net (Cisco Umbrella Rank: 2994) | 3 KB
1 | hs-banner.com | js.hs-banner.com (Cisco Umbrella Rank: 2016) | 17 KB
1 | oribi.io | cdn.linkedin.oribi.io (Cisco Umbrella Rank: 813) | 378 B
1 | zoominfo.com | ws.zoominfo.com (Cisco Umbrella Rank: 4464) | 2 KB
Total: 70 requests, 22 domains

Requests | Domain | Requested by
21 | stairwell.com | stairwell.com
6 | cdn-cookieyes.com | stairwell.com; cdn-cookieyes.com
5 | static.hsappstatic.net | app.hubspot.com
4 | www.googletagmanager.com | stairwell.com; www.googletagmanager.com
3 | bam-cell.nr-data.net | app.hubspot.com
3 | app.hubspot.com | js.usemessages.com; static.hsappstatic.net; app.hubspot.com
2 | track.hubspot.com |
2 | api.hubspot.com | js.usemessages.com
2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 | px.ads.linkedin.com | 2 redirects
2 | snap.licdn.com | stairwell.com; js.hsadspixel.net
2 | js.hs-scripts.com | stairwell.com
1 | f.hubspotusercontent10.net |
1 | js-agent.newrelic.com | app.hubspot.com
1 | directory.cookieyes.com | cdn-cookieyes.com
1 | api.hubapi.com | js.hsadspixel.net
1 | forms.hsforms.com | stairwell.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | forms.hubspot.com | js.hscollectedforms.net
1 | js.hscollectedforms.net | js.hs-scripts.com
1 | js.usemessages.com | js.hs-scripts.com
1 | js.hs-analytics.net | js.hs-scripts.com
1 | js.hsadspixel.net | js.hs-scripts.com
1 | js.hs-banner.com | js.hs-scripts.com
1 | px4.ads.linkedin.com | stairwell.com
1 | www.linkedin.com | 1 redirects
1 | cdn.linkedin.oribi.io | snap.licdn.com
1 | log.cookieyes.com | cdn-cookieyes.com
1 | ws.zoominfo.com | stairwell.com
1 | www.stairwell.com | 1 redirects
Total: 70 requests, 30 subdomains

This site contains links to these domains.

Domain
tour.stairwell.com
twitter.com
www.facebook.com
www.linkedin.com
bit.ly

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-19 - 2023-08-19 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.cdn-cookieyes.com | GTS CA 1P5 | 2023-02-10 - 2023-05-11 | 3 months
zoominfo.com | Cloudflare Inc ECC CA-3 | 2022-04-21 - 2023-04-21 | a year
log.cookieyes.com | Amazon RSA 2048 M01 | 2023-02-14 - 2023-06-23 | 4 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-02-24 - 2023-08-06 | 5 months
hubspot.com | Cloudflare Inc ECC CA-3 | 2023-02-05 - 2024-02-05 | a year
hubapi.com | Cloudflare Inc ECC CA-3 | 2022-05-07 - 2023-05-07 | a year
geoip.cookieyes.com | R3 | 2023-02-01 - 2023-05-02 | 3 months
hsappstatic.net | Cloudflare Inc ECC CA-3 | 2022-05-10 - 2023-05-10 | a year
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-07-10 - 2023-08-11 | a year
*.nr-data.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-18 - 2023-12-19 | a year

This page contains 2 frames:

Primary Page: https://stairwell.com/news/threat-research-report-maui-ransomware/
Frame ID: D40083AB267842A85BB7BCCBFF910C53
Requests: 56 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 0C67B604E187A822240C78A2FD5587EA
Requests: 13 HTTP requests in this frame

Page Title

Threat report: Maui ransomware - Stairwell

Page URL History

  1. https://www.stairwell.com/news/threat-research-report-maui-ransomware/ HTTP 301
    https://stairwell.com/news/threat-research-report-maui-ransomware/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

  • Requests: 70
  • HTTPS: 96 %
  • IPv6: 81 %
  • Domains: 22
  • Subdomains: 30
  • IPs: 27
  • Countries: 3
  • Transfer: 1248 kB
  • Size: 3838 kB
  • Cookies: 22

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.stairwell.com/news/threat-research-report-maui-ransomware/ HTTP 301
    https://stairwell.com/news/threat-research-report-maui-ransomware/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077292&time=1677517148474&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4077292%26time%3D1677517148474%26url%3Dhttps%253A%252F%252Fstairwell.com%252Fnews%252Fthreat-research-report-maui-ransomware%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077292&time=1677517148474&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4077292&time=1677517148474&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&liSync=true&e_ipv6=AQI5hSNc3Jzn6gAAAYaT0FMbUnioOoaZqGClcvByFewVs0v4Czpow5ekcV8k0oUVGHEtjBv0

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
stairwell.com/news/threat-research-report-maui-ransomware/
Redirect Chain
  • https://www.stairwell.com/news/threat-research-report-maui-ransomware/
  • https://stairwell.com/news/threat-research-report-maui-ransomware/
50 KB
12 KB
Document
General
Full URL
https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:38d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
5b257ae47d4b6d81f6a05f676cb1d290a1ebc489bf4ef2831a42cf1b644fd04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a02781afee091e7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 16:59:07 GMT
link
<https://stairwell.com/wp-json/>; rel="https://api.w.org/" <https://stairwell.com/wp-json/wp/v2/news/1465>; rel="alternate"; type="application/json" <https://stairwell.com/?p=1465>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcP7GsqCpzUkuPa26j7ReKLLGFQCxTyv4ZaZPJCHhOFcl0hEtolk0%2Fu6J7Tz7WnXbxpoB7UFXvdifnmzfffQ4OkZc5uLgIEzPvVWxqAGQFqPIql2qOcRgslzSt3pnId4C7XD8EBMsNizTWWG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 3
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
deny
x-powered-by
WP Engine
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7a027818eb9f91e7-FRA
content-type
text/html; charset=UTF-8
date
Mon, 27 Feb 2023 16:59:07 GMT
expires
Mon, 27 Feb 2023 17:48:22 GMT
location
https://stairwell.com/news/threat-research-report-maui-ransomware/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWb1NKgGSuxgQYPHn4kfGTFRSnPUubnEeyvu2I9TpEE2wdXsKZBVx3TWETnRZz7xuNuufRJa66F0q7inTcin2KmYPKYTmmuZ9fJhRChH7%2ByW8JU1AMq%2BtXta54eTMYwBJe67PMz99WyqIzQcOy4ZXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
x-cache
HIT: 3
x-cache-group
normal
x-cacheable
non200
x-content-type-options
nosniff
x-frame-options
deny
x-powered-by
WP Engine
x-redirect-by
WordPress
x-xss-protection
1; mode=block
style.css
stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/
404 KB
47 KB
Stylesheet
General
Full URL
https://stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/style.css?ver=1.478
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:38d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69bb2b5db9183b4fa1c626456404804b3a41af051526044803892a70fc5aadc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Feb 2023 12:12:39 GMT
server
cloudflare
etag
W/"63dcfa37-650ae"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndE8oooaD%2B%2BhxBZ2avDYKRPEIUmf03lz2w7Jl6rkm0uAi8d3U3LEfKMNKAxMqLPfcXZWeBHau83vYgGQezIVT7BJCWRvuSxyBsGU3L7nVsG0IE5%2F3G%2Faj7ZFeyYNtyZx7UZaHGU7nkVb8VUD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a02781d0a8291e7-FRA
classic-themes.min.css
stairwell.com/wp-includes/css/
217 B
509 B
Stylesheet
General
Full URL
https://stairwell.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:38d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 25 Oct 2022 13:45:16 GMT
server
cloudflare
etag
W/"6357e86c-d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CTGdVQTpMr5mgYhy4copzmYliYWl4QKD670gq6Zi%2BZ%2FMoke3w1jJV1EHS5qQ9k3R%2Fdp8G0RQk3eEnN%2By8EhTEeAUbUkY8K8psYtdBFhrFYMuDMt22c0eeqpzSf19tlKTzq61Po1rup6vrUX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a02781d0a8591e7-FRA
styles.css
stairwell.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://stairwell.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:38d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 Feb 2023 06:55:24 GMT
server
cloudflare
etag
W/"63f1c7dc-b2b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fa1FBmT9XJ335NyPfwLIZcwF03j%2F%2B9a4gbiqEZTGIv5b1QTyZyv9hvuarTo7uXfmo5IIXZkH01NBoOUSJ8PtGcXWb2%2FRNYnOnSmt0%2F4WkI1rvUCwW%2BIBbdkSfr4XDNqvaeCCmlTckvXNrnbP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a02781d0a8791e7-FRA
jquery.min.js
stairwell.com/wp-includes/js/jquery/
88 KB
32 KB
Script
General
Full URL
https://stairwell.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:38d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
cloudflare
etag
W/"632879b8-15e54"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTAJoNSuhxAKkphCCvMQOuFIbjRnDOZ9ofjuMICxrKRCpl1VEHzIE4PfXv0MtOYlwBg%2BIIREoS3LwHj253l0c4W78t6TRLDU%2F3X0h4kThbzNem4VmJoJIb6t17MQNa%2B5Sb%2BFNrzcBVoGckBk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a02781d0a8991e7-FRA
jquery-migrate.min.js
stairwell.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://stairwell.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:38d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrKfWBUTXhvy5p2IhE7DgZrBhIp6aXD325JQItjGHk6ZJKtX%2BFBRIVs%2Fma1FXs25k9%2BTdYBhrwu2jNqSNSx9W3PpxE0IxSFIwJ0tqhXJ92ZwXfICM6FfcP%2BytQXCBNb8MIEOFoasHhD39zqw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a02781d0a8b91e7-FRA
js
www.googletagmanager.com/gtag/
111 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-180646454-1
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a443234ff254f56fbc8faf3472535f5bf5789a221306f6b028bc23e9b565844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44560
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Feb 2023 16:59:08 GMT
script.js
cdn-cookieyes.com/client_data/29f72abe3236264929833427/
94 KB
35 KB
Script
General
Full URL
https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/script.js
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db048837a5ce3c44aa06e26b0e427f25b1455ea384d7f933f0a91fc6d528d5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Feb 2023 00:38:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
83356
etag
W/"1798b-5f502c4cc36f7-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BhrZ%2BGJke3IkOodnfdRcf%2FAkgCtYVD9AJUFxt0HgT7E8Ck%2FxUomwZ0oe%2FoNW1aFGBH7g%2FRlaBo3v1hMgFBnCFaTcTg4zuaPsVRn%2BJw0Lyb4iyvZN2OrhgUlGQ%2BP3qu1jg%2BGMTPeBGQwHJVA%2FkIh"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
7a02781d5cb3925f-FRA
8174064.js
js.hs-scripts.com/
2 KB
961 B
Script
General
Full URL
https://js.hs-scripts.com/8174064.js
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
688ef760c9073086f274a2dfdf9f932734f2028c8bc584997d7ad709fbd541ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 27 Feb 2023 07:27:21 GMT
server
cloudflare
x-hubspot-correlation-id
a2590bd8-d13d-48cf-a052-3c91fcf7702a
x-trace
2B5FFB88C4DB06A0BAF3F825BA079CD8F99D319C6C000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://stairwell.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
7a027821889a3a5e-FRA
expires
Mon, 27 Feb 2023 17:00:08 GMT
Stairwell-Logo-Blue.svg
stairwell.com/wp-content/uploads/2021/09/
4 KB
2 KB
Image
General
Full URL
https://stairwell.com/wp-content/uploads/2021/09/Stairwell-Logo-Blue.svg
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d857ed4cc48dd7e480a75a9eac3fe641334605dce8978228875a8741a4801300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 22 Sep 2021 21:34:54 GMT
server
cloudflare
etag
W/"614ba17e-11d1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jyk8uU2poVsJxC3F%2BR2X2uA%2BOAdE2v3s9u%2BAs8ewSxBZeBQXdDqaVEJjiM4q%2Brq1DvfVBQqvoKr6j8Mt0DJ7M8ZB1QOP4%2F1C%2Bg5pL91HJPeRZ6UNXz%2Fi8ZpT5M8qFkmSWE7iTmUaZNRBSw9H"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a0278215f7c3732-FRA
Stairwell-Logo-White.svg
stairwell.com/wp-content/uploads/2021/09/
4 KB
2 KB
Image
General
Full URL
https://stairwell.com/wp-content/uploads/2021/09/Stairwell-Logo-White.svg
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff341dbf76b3ce183d3a3d0daab548cf1d922b738ee11612c9d997b295eb11e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 22 Sep 2021 21:34:54 GMT
server
cloudflare
etag
W/"614ba17e-11d1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JmUCDsRqjvUcK8HdNssWpmPFYfhP2hXhB8I0vXlBiqk3sY%2BReIW7gseT8xi3xGYoKK5J4DaO0w8rOfgMDvwaVipAt9osHpHeB1N5nLQ5EtBDVTEtm4XeXxNPycwtU9BBf1oQOr13X0%2FKYo8"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a0278215f7e3732-FRA
contact.svg
stairwell.com/wp-content/uploads/2021/09/
46 KB
7 KB
Image
General
Full URL
https://stairwell.com/wp-content/uploads/2021/09/contact.svg
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1212732bfd22cf2d7794e2cc27df850b2b5d67df0bdedf243dd82cd78fbba85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Sep 2021 14:57:29 GMT
server
cloudflare
etag
W/"6140b859-b929"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtNgIr59bMkrfEKEqphnKIG82Jt4lKaI2td4tGUWDjDe10EFWRKD%2F4waQJenvZIvwNfXFqCzzNYUPddHVuyg7P9AhwezdisI%2FlRz5txtWgcGWTTZPJEaDRtKf09JNCdp6R7TvU9xuvKNudcd"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a0278215f803732-FRA
security-analyst-summit-sas-2019_40633720473_o-e1643129364998.jpg
stairwell.com/wp-content/uploads/2022/01/
85 KB
85 KB
Image
General
Full URL
https://stairwell.com/wp-content/uploads/2022/01/security-analyst-summit-sas-2019_40633720473_o-e1643129364998.jpg
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adc1deda33f140f3d77263140255a5328290b4390a748de86f317ad0fbcf022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
86987
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 25 Jan 2022 16:49:24 GMT
server
cloudflare
etag
"61f02a14-153cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJ2qN2bsFSDJu7Is75W5Xbyc7%2FVziMFEBpHaB4f3NEGPNrGLRUK9%2B4cLCfzaY%2BuSsI1OGzNDb65EVc5Yn7fU8Nbzd7nwRQPBUqLHzX6xp6T%2FoIvh7LVcbbsM5wY9mJrrFXX%2F8ylwKSAALZKa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
accept-ranges
bytes
cf-ray
7a0278215f823732-FRA
email-decode.min.js
stairwell.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://stairwell.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 22 Feb 2023 10:50:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"63f5f393-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0bu%2BFZaf8L3ThhMJqC%2FtlA7ruuYq2rRO%2FLsGo%2FW9FwWYb7s9zb%2Fd%2Ft5JWkbVQZwnjVEYFfaHihbEJVzOQNutUWExWYCRxLKsEk1XU9yq8r4ga8Z5AYDkvPXQwJOqe91DVZvOHzwmoT%2FH3wX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7a0278206e123732-FRA
expires
Wed, 01 Mar 2023 16:59:08 GMT
vendor.js
stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/
712 KB
198 KB
Script
General
Full URL
https://stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/vendor.js?ver=1.478
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
583ff972c53e74eeccb2120f18753c4478c7a7d92bc66ba1cefa8754a15f3271
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Feb 2023 12:12:39 GMT
server
cloudflare
etag
W/"63dcfa37-b20cd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEuYg00BB4Q1ZzUqJnn5tybL3DBEbMp07dq2Tc1nFFWuIUhDV2B0IBxZS9Puzy7Sw20qrBv1P01mKdseLtnMODc%2Fxbcf%2F3LBAywXBjvycbLASjVXemQnZXpVnq7jbVyZ5K0tfM0fi5ZJKjT8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a0278207e343732-FRA
bundle.js
stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/
104 KB
21 KB
Script
General
Full URL
https://stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/bundle.js?ver=1.478
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
632badc3a0012a7e5dcc4cd74f48a61f0b29240b1d292715af5fd49cad89cf92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Feb 2023 12:12:39 GMT
server
cloudflare
etag
W/"63dcfa37-19f4e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JpIBpsWdAjalpGms7eIxTMOgMPeQEADgyxl%2BovMg8HVZ%2FberRKOZqf32KRqM7UchP74WdUZpBNX3OMzyu616HnadNjKgijMgr1JzRwskTPTvhxVPG1sOZqmD7ZxbTyT5TlPPzrURlk5Iz2S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a027820eee93732-FRA
index.js
stairwell.com/wp-content/plugins/contact-form-7/includes/swv/js/
10 KB
3 KB
Script
General
Full URL
https://stairwell.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 Feb 2023 06:55:24 GMT
server
cloudflare
etag
W/"63f1c7dc-2945"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkv33HbfNcIfgSbrSs2OQEA8dp0d0mFArUcOb7t2WtPBSXt5D4vhn36XTa5sIbC%2F6Q9ysdP33q2wTKSAj5ksHodgqLIT1BroeYUW0K2FxtV59Q6ICYEaZaaTzlTFbnSQBT4Qc8kUpfs3M4tA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a0278215f773732-FRA
index.js
stairwell.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
https://stairwell.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
615618
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 19 Feb 2023 06:55:24 GMT
server
cloudflare
etag
W/"63f1c7dc-3294"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHElDW856wOYH0qmWfD9QsxjX2yWUDihZ%2BlBS96Imb8LT62BuDMNk86bS1spQKJNJXkb4ZaPXgNI5M%2F%2BIwhF3UH08iCxbHh1Rr%2FAxNjGaTkROa7puGBXKedk7NduRJ32tR11u8XxAmExJ%2FPS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a0278215f7b3732-FRA
8174064.js
js.hs-scripts.com/
2 KB
708 B
Script
General
Full URL
https://js.hs-scripts.com/8174064.js?integration=WordPress&ver=10.0.21
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
688ef760c9073086f274a2dfdf9f932734f2028c8bc584997d7ad709fbd541ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 27 Feb 2023 07:27:21 GMT
server
cloudflare
x-hubspot-correlation-id
44468a2d-8cb0-4fcc-88e6-c6e8f00fcf8c
x-trace
2BF7085086B295B35ACA7CB372D477E65CEEC15418000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://stairwell.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
7a02782188a03a5e-FRA
expires
Mon, 27 Feb 2023 17:00:08 GMT
gtm.js
www.googletagmanager.com/
116 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFTQ2KC
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e7abaf1845ccb761228d42ef019b859ba9fa9fcafa9dbd47ec8372d016f3664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45779
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Feb 2023 16:59:08 GMT
61b934c611d2a8001c3b0968
ws.zoominfo.com/pixel/
2 KB
2 KB
Script
General
Full URL
https://ws.zoominfo.com/pixel/61b934c611d2a8001c3b0968
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a26554884c2075dd19007f78250a9fd004c4620cbd5b1aeb0bdc087cc4b9bc88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7a027821abda2bc1-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
log
log.cookieyes.com/api/v1/
2 B
153 B
Ping
General
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.175.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-175-123.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://stairwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryK66KlWd34An4svHf

Response headers

access-control-allow-origin
*
date
Mon, 27 Feb 2023 16:59:08 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
banner.js
cdn-cookieyes.com/client_data/29f72abe3236264929833427/
94 KB
32 KB
Script
General
Full URL
https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/banner.js
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47c6ce2ac523d41f3c5fafb8cd46ba29b63621b67bd14b870bc0f0fb2eed425

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Feb 2023 00:38:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"176c4-5f502c4cc2757-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxLHlbl0mlkla%2F9Bu45pSCM97kFajQhhkFQJA3TFlFthOcXGRfQhaVB8CEa6FTv8N43dHEX70HdMjo2Vdd%2B6UP7RSprIsO4w%2F1exoLevig%2B8VxbyS9EVHDy1bu9wPSWoUFPfxJJt925R1isfJjne"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
7a0278215a26925f-FRA
BasierCircle-Regular.woff2
stairwell.com/wp-content/themes/stairwell-web-2021/static/fonts/
15 KB
16 KB
Font
General
Full URL
https://stairwell.com/wp-content/themes/stairwell-web-2021/static/fonts/BasierCircle-Regular.woff2?1
Requested by
Host: stairwell.com
URL: https://stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/style.css?ver=1.478
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c7d9abc33fc2010c3aab6189a0b86735c8296096e5e6a8988474b4e8146bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/style.css?ver=1.478
Origin
https://stairwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15448
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Feb 2023 12:12:39 GMT
server
cloudflare
etag
"63dcfa37-3c58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1jJfXPI5bk41TEIQ4T6oTCt%2BBicy9iE2hA8jRn5iJ67bge7oMA08OIdOu7t3v%2Btv8MeA3P6OMrPaLTGHLns92Y6iDaIaluWlzbiok7qI6N32JM%2Fbpu9CXnRVEUICLpK7O%2BGN9%2FkWw3N4j5V"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
accept-ranges
bytes
cf-ray
7a0278216f863732-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=29394
accept-ranges
bytes
content-length
4777
Signifier-Extralight.woff2
stairwell.com/wp-content/themes/stairwell-web-2021/static/fonts/
37 KB
37 KB
Font
General
Full URL
https://stairwell.com/wp-content/themes/stairwell-web-2021/static/fonts/Signifier-Extralight.woff2?200
Requested by
Host: stairwell.com
URL: https://stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/style.css?ver=1.478
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ff0016f576f6e63caf9a6b3768df5b35221d306856e6d9b7cd9aa6aaec4092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/style.css?ver=1.478
Origin
https://stairwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37728
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Feb 2023 12:12:39 GMT
server
cloudflare
etag
"63dcfa37-9360"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cguK8C8fXPokzJKvQoaERIeayIBPlp6IbKL73TYVEWvCzPypVSjWaU1Fg8UCNHqWMGwiNNMnYydX9LNXbLaZxAGl2uGTcL8I%2Fo%2B4Bk583QOPiCCBlegN4bcctnuCyysUaJAVSAecJM8yaJ2D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
accept-ranges
bytes
cf-ray
7a0278217fa23732-FRA
BasierCircle-SemiBold.woff2
stairwell.com/wp-content/themes/stairwell-web-2021/static/fonts/
16 KB
16 KB
Font
General
Full URL
https://stairwell.com/wp-content/themes/stairwell-web-2021/static/fonts/BasierCircle-SemiBold.woff2?600
Requested by
Host: stairwell.com
URL: https://stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/style.css?ver=1.478
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a7bf011e5576755ec07e14cf3298b000a5627a3b257b0caf5d40d2d27f3ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stairwell.com/wp-content/themes/stairwell-web-2021/static/dist/style.css?ver=1.478
Origin
https://stairwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 Feb 2023 12:12:39 GMT
server
cloudflare
etag
"63dcfa37-3e7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BatfhTPWrobQhrYkKXgPttglk38OENg3MAD1vqd%2FQRXJ7dM9X9IvDfC%2FkJdik%2BDzjPAyXjf%2FvPquzFU7W9sDiJ7Bg74JK8if7dgRkj9%2FNlITot9gjz0nd9nbzv67gBN%2FQjCNfky2eABlCTW"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
accept-ranges
bytes
cf-ray
7a0278217fa63732-FRA
Circle-Background-Green-Animated.svg
stairwell.com/wp-content/uploads/2022/01/
3 KB
2 KB
Image
General
Full URL
https://stairwell.com/wp-content/uploads/2022/01/Circle-Background-Green-Animated.svg
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0015e5accaad79869e102949f819dd4917031d9a77fe59ed5d569f6c280685eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 18 Jan 2022 16:04:47 GMT
server
cloudflare
etag
W/"61e6e51f-dcd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ng9GjaqjTqYohNMpS6Zzp8pbEl1TNwzdEOjJgQtX01yUe2UVqLUFQifVLNZs5nQuYH1RWTPORyStRnmDmwspbZndvTD6ym2gDEgXUVTBab3OlK79Jo%2Bwc7H6q%2BYy7AxOtkDc6X9mlSds2zE"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-frame-options
deny
cf-ray
7a0278218fc23732-FRA
token
cdn.linkedin.oribi.io/partner/4077292/domain/stairwell.com/
36 B
378 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/4077292/domain/stairwell.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://stairwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 13:28:25 GMT
content-encoding
gzip
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
12643
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=34858
x-amz-cf-id
DWHHvGJJxiseH9lYt8VZFjrkZk1OeM9d6lFgGb3p8mXNePPSk7WF4A==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077292&time=1677517148474&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4077292%26time%3D1677517148474%26url%3Dhttps%253A%252F%252Fstairwell.com%252Fnews...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4077292&time=1677517148474&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4077292&time=1677517148474&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&liSync=true&e_ipv6=AQI5hSNc3Jzn6gAA...
0
264 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4077292&time=1677517148474&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&liSync=true&e_ipv6=AQI5hSNc3Jzn6gAAAYaT0FMbUnioOoaZqGClcvByFewVs0v4Czpow5ekcV8k0oUVGHEtjBv0
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: AB50278C25A64DE5B90633671732CC84 Ref B: FRAEDGE1516 Ref C: 2023-02-27T16:59:09Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1sWXHJrdaUAfUmxr5pA==

Redirect headers

date
Mon, 27 Feb 2023 16:59:08 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5F6496C2AF204C9F92CBD520AD231ABC Ref B: FRAEDGE2006 Ref C: 2023-02-27T16:59:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4077292&time=1677517148474&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&liSync=true&e_ipv6=AQI5hSNc3Jzn6gAAAYaT0FMbUnioOoaZqGClcvByFewVs0v4Czpow5ekcV8k0oUVGHEtjBv0
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1sWXEhioW9/IuhgMUQg==
8174064.js
js.hs-banner.com/
63 KB
17 KB
Script
General
Full URL
https://js.hs-banner.com/8174064.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8174064.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b1ce98b51d48ab62fd659180a3dd43f3526845d73158b6d3616fbadac15971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
x-amz-version-id
CznIVWT2eNZsRQ1MLTpefqYL1B4pZhPq
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
2KM3GDYGYVD36VZB
x-amz-server-side-encryption
AES256
x-amz-id-2
5FGpF6LWfPgwV5dbHIe9E/yZfKwiKDJvt4A31/y6DgpBSJLqeM5B0WEFDPQ4ouVBR6EL/94kXH0=
last-modified
Thu, 05 Jan 2023 19:27:10 GMT
server
cloudflare
etag
W/"aba399e19116146646436fade474bb60"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://stairwell.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7a027822bc4d9bb8-FRA
expires
Mon, 27 Feb 2023 17:04:08 GMT
fb.js
js.hsadspixel.net/
6 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8174064.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
552da695674e5ff5a53e685eac5440a231023675c5098e54c1516e73ec99f35a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
x-amz-version-id
1ZaYK3sC7unZOzTPEqwB36un4rYvqT1Y
via
1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
336
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.327/bundles/pixels-release.js&cfRay=7a026feaf9389070-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 Feb 2023 03:24:48 UTC
server
cloudflare
etag
W/"c5fb4d0d970e121f5c6f72a277677133"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
MISS
cache-control
max-age=600
cf-ray
7a0278229ce29028-FRA
x-amz-cf-id
h5uyeYmqBkGm6R2L9i_uT0of-cjdTfqbmS3dAW2jBuyV2GVCCid9kg==
x-hs-target-asset
adsscriptloaderstatic/static-1.327/bundles/pixels-release.js
8174064.js
js.hs-analytics.net/analytics/1677516900000/
65 KB
20 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1677516900000/8174064.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8174064.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c598fceaee3e949c90705320c8fa7d971289f2aadd8d4006085abf593806038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
176AHRXJMY2FKFKF
x-amz-server-side-encryption
AES256
x-amz-id-2
ZQzY2u2xFoMlSU47yIbC6Zw8nbZLSrQXWc+SnSq28xKJ2LH0ESo8U7PPxdNDbLqcCwE+jba3G3U=
last-modified
Tue, 21 Feb 2023 18:57:10 GMT
server
cloudflare
etag
W/"06f3ddedbbd1df846e6db8c46f85810b"
vary
origin, Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
7a027822ad04361d-FRA
expires
Mon, 27 Feb 2023 17:04:08 GMT
conversations-embed.js
js.usemessages.com/
73 KB
21 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8174064.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae2185bf9e0f1dc5a8f35de66bb1cb30b3e5ed3d726cb4077aaff72a2547f9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
x-amz-version-id
5k26n6jGKWvNXLRuEGyS9RQHyta3y8Zn
via
1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
220
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.12342/bundles/project.js&cfRay=7a0272c04e1e9bb8-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Fri, 24 Feb 2023 12:14:30 UTC
server
cloudflare
etag
W/"5014ca3fae42657f43ce2774728311ce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
cache-control
max-age=600
cf-ray
7a027822b83c9bf8-FRA
x-amz-cf-id
bsctjzn2dwL_qK_NtIREg552x9nRjrufmEKv8c4tfi_x-IgRg5UcaA==
x-hs-target-asset
conversations-embed/static-1.12342/bundles/project.js
collectedforms.js
js.hscollectedforms.net/
68 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8174064.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b42aceb12f34135ce39544c6b143dbdd5690ee9a8809c49a3a37ba014bd200

Request headers

Referer
https://stairwell.com/
Origin
https://stairwell.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
x-amz-version-id
SRrb.93sqm.lmAPDUKFHizePSATAJlo.
via
1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
cf-cache-status
MISS
content-encoding
br
x-amz-cf-pop
IAD12-P3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.315/bundles/project.js&cfRay=7a027822aeb490a8-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Tue, 07 Feb 2023 01:17:58 UTC
server
cloudflare
etag
W/"257b82c9f242c143eb09b6862e336a56"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
cf-ray
7a027822aeb490a8-FRA
x-amz-cf-id
GWgR7-0OnTaIZuttjdSK9JgSirTGLgdzN9tet1bnf1CSoJ9Kb8g3Bg==
x-hs-target-asset
collected-forms-embed-js/static-1.315/bundles/project.js
js
www.googletagmanager.com/gtag/
236 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TW84GPPQZ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFTQ2KC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28340752395d3a84f17c73578deb16cead2f8ebeef9fcf63ecb877442acff5b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82501
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Feb 2023 16:59:08 GMT
js
www.googletagmanager.com/gtag/
111 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-180646454-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFTQ2KC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5ff985416c5b444bfb2036095dead358c14e5ad14cadc6c8ad0374b617a254b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44574
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Feb 2023 16:59:08 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180646454-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 15:12:19 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6409
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 27 Feb 2023 17:12:19 GMT
json
forms.hubspot.com/collected-forms/v1/config/
115 B
1016 B
XHR
General
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8174064&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1d045b44d1ebce2835dc493d62be5764916201d0e13def54d3bbf1b31fab53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://stairwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
3a60575b-9bb3-44f6-9d85-7e9fd69f5f12
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stairwell.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOqpQGmcYlZGHL4KciiSTxP361E8BdH2FHL5l4nqpMr4cbw4dvBtM8Xe5vuUSaTxGB7QjRB%2FEkTP0JxKwjjOO5QZMQ6dCGJl4ulOq1E0jkm0CGxBuqftFtOYd6AyYLQQMOWhh61s4fdafb5e5byE"}],"group":"cf-nel","max_age":604800}
access-control-max-age
180
access-control-allow-credentials
false
x-robots-tag
none
access-control-allow-headers
*
cf-ray
7a0278242bb13733-FRA
collect
region1.google-analytics.com/g/
0
252 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TW84GPPQZ8&gtm=45je32m0&_p=229856743&cid=1886262041.1677517149&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677517148&sct=1&seg=0&dl=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&dt=Threat%20report%3A%20Maui%20ransomware%20-%20Stairwell&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TW84GPPQZ8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 16:59:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stairwell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=229856743&t=pageview&_s=1&dl=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&ul=en-us&de=UTF-8&dt=Threat%20report%3A%20Maui%20ransomware%20-%20Stairwell&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1454023590&gjid=1215840556&cid=1886262041.1677517149&tid=UA-180646454-1&_gid=134879331.1677517149&_r=1&gtm=457e32m0&did=dZTNiMT&gdid=dZTNiMT&z=1944297526
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://stairwell.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Feb 2023 16:59:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stairwell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
counters.gif
forms.hsforms.com/embed/v3/
35 B
438 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: stairwell.com
URL: https://stairwell.com/news/threat-research-report-maui-ransomware/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
a3cd7abe-c9b2-4337-9049-276e70c74c3d
x-trace
2B366B2AADE8F84FFDE24A74EDF1303BCF97E78351000000000000000000
vary
origin
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
7a027825486f9072-FRA
content-length
35
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8174064&conversations-embed=static-1.12342&mobile=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&traceId=d7944264912a4bcd92a6c76a8eb2302e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://stairwell.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://stairwell.com
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a027826e86a3733-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Mon, 27 Feb 2023 16:59:09 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQIFiy%2BWNkJ%2FhQWJYUzZD0JWsHuNn8rne49Lq6DXaXPUYGXKWetGayNWcH%2BnOB7rI2Tkg4qB4lpuGDwx6gD3XNWRQrC4qYBE1sQbCWiOUEuA8nOdgnrHGNqjAncs5Qm93qHHjlYd%2BPtYtj8AdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-hubspot-correlation-id
cfcc092c-08be-4fae-b4ea-0e30b61d1e0f
x-trace
2BF8BF57AD125C2F0141CCCB00E49B06C56E4E2F1D000000000000000000
public
api.hubspot.com/livechat-public/v1/message/
3 KB
2 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=8174064&conversations-embed=static-1.12342&mobile=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&traceId=d7944264912a4bcd92a6c76a8eb2302e
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23b8d0baa99d0a6b3149bb275cbf28170e9b9445bbda531db10ace73fa920d5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://stairwell.com/
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://stairwell.com/news/threat-research-report-maui-ransomware/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
2b0f2462-595f-4196-883f-41bf453ff460
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1404
server
cloudflare
x-trace
2B0E2DF9A0C54B4B31CE221102466BB84DEF5AD58F000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stairwell.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wDMi1vl9OPRM7dmMlhXdJREERomX7%2BLj85ZzxnwSYcv0u%2BaZNJJq61NdPS5VCmRJBUOZKuJDW7MiES326dKVA98mOWxvYRVd8FNt2gcMLPcuGK5JnmWbShIjsSq2Sj3dEsiw4nP6AvTnRZGog%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
7a027827ca543733-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
114 B
877 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=8174064
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b984aa0a8d163abcb0290b6524c6beee3f209aaacf306e04b9e5534ce57be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
0cf4538e-a7e2-483c-a6e9-38969bbcc990
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B06AB80DAA93E77AB24632AEBB56164FDA112C6D0000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://stairwell.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOSmjjpKqKTC%2B58%2B%2BKy9iWGqhLfb2fw9I%2BGBFFNpYIDOBjB11opDBpIYfb56POVbDS37BlK8l3jt4qAHHLoSs1iNFbUDFE%2BNyCyzIwJsNJAMH1yBvCyEtv%2BndjtvzG8aeDPlGMyihzh3N1ex"}],"group":"cf-nel","max_age":604800}
access-control-max-age
180
access-control-allow-credentials
false
cf-ray
7a0278273f9c382c-FRA
access-control-allow-headers
*
schema
stairwell.com/wp-json/contact-form-7/v1/contact-forms/1460/feedback/
75 B
815 B
Fetch
General
Full URL
https://stairwell.com/wp-json/contact-form-7/v1/contact-forms/1460/feedback/schema
Requested by
Host: stairwell.com
URL: https://stairwell.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
1c9b1dda7a826c8a050ce0172e58c602af17d86eccc99a9f959b519a7c9a1500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, */*;q=0.1
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
x-cache-group
normal
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
SHORT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
content-encoding
br
x-powered-by
WP Engine
x-cache
HIT: 5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
allow
GET
vary
Accept-Encoding,Cookie
content-type
application/json; charset=UTF-8
x-frame-options
deny
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpvdP3ykt1jgZgf2FEtUP3f7Jh3b0hpe0sPO0AyeSSp6QwHVG9VqeO6rYZ5wlTeZLvvfqn5jqsz6kBGrdk9nVvfUycQV68IELOYo85Lby2HW6134eIJ5Q%2BCqgFH9YF6%2BtwD9JPbaszM%2BBBJ4"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
x-robots-tag
noindex
link
<https://stairwell.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
7a027826fea83732-FRA
JOE7NddW.json
cdn-cookieyes.com/client_data/29f72abe3236264929833427/
139 B
636 B
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/JOE7NddW.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b73e5a44a20db2de6e1cb18bfb05adb3ff14f8af9efbae243d511600b445b2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Feb 2023 00:38:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"8b-5f502c4cc2757"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5F1s%2Fvw4hnWwtrp5gpeFXsMkEGUK5z980jclTGgIH10%2F2HQcxLruUgKveFup%2F1A64vnvlmQo38rkxsyzENNx4rKX%2BTj9hvcKkKUYfwK1b8lyaqKIRaby0UfNXeo%2BqGM7w3%2FToBSQAuvA9T9UK8gS"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
7a0278273b7692c5-FRA
__ptq.gif
track.hubspot.com/
45 B
557 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1706262889&v=1.1&a=8174064&ct=blog-post&rcu=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&pu=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&t=Threat+report%3A+Maui+ransomware+-+Stairwell&cts=1677517149284&vi=3b8c753f70b1de19745d63ef3a1f3a06&nc=true&u=95665475.3b8c753f70b1de19745d63ef3a1f3a06.1677517149281.1677517149281.1677517149281.1&b=95665475.1.1677517149281&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9eae7758-796e-490e-b9f9-9b54e20d189d
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDccVdMZWTUVYxZbLPJqt1yo36OXhXoCwpHAvTjD%2FfNMen4eAcU3uSY6cre1RGnWz%2Bz7yWGOSKTnJmuWVIi396gpVd9t4cCx1G%2BCBEg1r%2BKO3QhcifRpfK8QWWuL2SWz9qi7noGv4t6q0BA%2Fsh1q"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7a0278274c5f9130-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
903 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1706262889&v=1.1&a=8174064&ct=blog-post&rcu=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&pu=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&t=Threat+report%3A+Maui+ransomware+-+Stairwell&cts=1677517149285&vi=3b8c753f70b1de19745d63ef3a1f3a06&nc=true&u=95665475.3b8c753f70b1de19745d63ef3a1f3a06.1677517149281.1677517149281.1677517149281.1&b=95665475.1.1677517149281&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
6af6e464-9ad1-4eba-81fa-0dafb654e3a2
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIgLk8%2FCtwkRZtD17StO3gzL0YF%2FDzIMcte5xfZ00qQLBM%2Fa%2BCS1%2FXIg%2FCFTBkd6oqlawz9nakvpe2dmNzsS%2BZoVvKT0rFG4t5YCXBATQfexNG%2FQiQUh36aKPIaXqdKE6VJ5926xGMy4W%2FCzq7wQ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7a0278274c629130-FRA
x-robots-tag
none
refill
stairwell.com/wp-json/contact-form-7/v1/contact-forms/1460/
2 B
755 B
Fetch
General
Full URL
https://stairwell.com/wp-json/contact-form-7/v1/contact-forms/1460/refill
Requested by
Host: stairwell.com
URL: https://stairwell.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:9c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, */*;q=0.1
Referer
https://stairwell.com/news/threat-research-report-maui-ransomware/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
x-cache-group
normal
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cacheable
SHORT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
x-powered-by
WP Engine
x-cache
HIT: 4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
allow
GET
vary
Accept-Encoding,Cookie
content-type
application/json; charset=UTF-8
x-frame-options
deny
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MpD%2FOjXB85R5%2B9G%2FRGZDT%2BDgHzJZKA%2BEvvzHeDIAgPE7uDL7q3qTzKLM34jHoC31%2B0ZEkk7xidcmPyw%2F%2FM0D9In2bmmBJkdB8d7bZZzmG9ecURHa0ClueyT0iU%2FDbJNyZBWaPl%2B5YSPUozy"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex
link
<https://stairwell.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
7a0278271ecc3732-FRA
result.php
directory.cookieyes.com/geoip/checker/
113 B
313 B
Fetch
General
Full URL
https://directory.cookieyes.com/geoip/checker/result.php
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.81.21.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36f90d5dd2ef77a49c7fb8fda42f08bab452ab9e50d607d93e93edf02944777a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:13 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
113
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=29393
accept-ranges
bytes
content-length
4777
d7944264912a4bcd92a6c76a8eb2302e
app.hubspot.com/conversations-visitor/8174064/threads/utk/ Frame 0C67
51 KB
18 KB
Document
General
Full URL
https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d1a4eaec7041443d470897f3c75fe3de2534377fc82e1b6ca27082af5da8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://stairwell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
age
2351
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
7a0278291f669130-FRA
content-encoding
br
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.14794/html/index.html&cfRay=7a0278291f669130&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F8174064%2Fthreads%2Futk%2Fd7944264912a4bcd92a6c76a8eb2302e%3Fuuid%3Daa342698bc1f48679b18ed8bc27bd86a%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dstairwell.com%26inApp53%3Dfalse%26messagesUtk%3Dd7944264912a4bcd92a6c76a8eb2302e%26url%3Dhttps%253A%252F%252Fstairwell.com%252Fnews%252Fthreat-research-report-maui-ransomware%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fstairwell.com%2F&cfenv=prod&pdt=2023-02-27&csp=ro
content-type
text/html; charset=utf-8
date
Mon, 27 Feb 2023 16:59:09 GMT
etag
W/"859591267aee245ffe44111e4a36f1f8"
last-modified
Fri, 24 Feb 2023 12:14:30 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints
default="https://exceptions.hubspot.com/csp/reports?cfRay=7a0278291f669130&resource=conversations-visitor-ui/static-1.14794/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 42da47d5828a8cbe9a05fbe7917a66c2.cloudfront.net (CloudFront)
x-amz-cf-id
KCAA3fr76tJoeJFJ7H8FxxuBWO_OtR-4sv-pNnVwGtehV17gN0BJVQ==
x-amz-cf-pop
IAD55-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
4lf7Wrvm_b5e5YaV2ILZe8L5JvSUGK3g
x-cache
Hit from cloudfront
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.14794/html/index.html
x-hs-worker-debug-mode
false
bundle.production.js
static.hsappstatic.net/head-dlb/static-1.270/ Frame 0C67
44 KB
16 KB
Script
General
Full URL
https://static.hsappstatic.net/head-dlb/static-1.270/bundle.production.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71df9a91f89add02cba236b426b0dd7610a062d5e43a3c86a25a117a53cdf2cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
Origin
https://app.hubspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
x-amz-version-id
LysCEn1IWOZ4CIC6b3SCgmmVc3yyp9tz
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
513982
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 17 Feb 2023 16:39:40 GMT
server
cloudflare
etag
W/"3b99fcbae7301000b4029b060cd94242"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hubspot.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SA1DFbxGLlSfoHj7POxXfBQR65QSt7Yi7tiXaaej3uveydhVYInCPq3KOpI9af89BhQlIIwT%2B1AcNyihkt1AKSuIURmTnMUTh5Vu2ezqcMdLh7vweK%2FDeBD2VDM3ee4y1uxk0tV6%2FWRR%2FC1jiV7majdEzj4%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials
true
cache-control
public, max-age=31536000
cf-ray
7a02782add845ca4-FRA
x-amz-cf-id
UnTd9uwLyfbURdVAeQkogTM8hrw3wVcZBzXRkUtNSAXBsFPOpYPMMw==
expires
Tue, 27 Feb 2024 16:59:09 GMT
visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.14289/sass/ Frame 0C67
20 KB
4 KB
Stylesheet
General
Full URL
https://static.hsappstatic.net/conversations-visitor-ui/static-1.14289/sass/visitor.css
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
963563d75d17a3c2b444ad4d73e3e9c24a43f6f9e121cce484aa6c7d197af73c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
x-amz-version-id
8cTUQYaMqbf6Yv8IIYst6y8hd.mcxuTh
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
2294231
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 19 Jan 2023 19:32:55 GMT
server
cloudflare
etag
W/"3192955eca3e03437d10c02e718e1960"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNu%2FRzL6QBJp3bKc%2Fy517Yr7qBxJ0mOAm%2BOj5k6GOcX4VJ5dh0Ouf758lJ3VLOcnzBJy8nZANJAWOovhYgiCwx%2FFFTVxiLhL%2FhCgv3d3udt3pcCTJo%2BwalkoENxiBe13D8fUnU0r9fWJceLwYtxitXypyLA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7a02782aec4737ea-FRA
x-amz-cf-id
1Z3ukzyEAAnGKtkNoQD5GD2rP1SUWcsHDa9kkwG71zr0dSuLlyzVtw==
expires
Tue, 27 Feb 2024 16:59:09 GMT
bundle.production.js
static.hsappstatic.net/hubspot-dlb/static-1.354/ Frame 0C67
295 KB
95 KB
Script
General
Full URL
https://static.hsappstatic.net/hubspot-dlb/static-1.354/bundle.production.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2449ac1a9451021a441c818e5eaed77a5e880504ad0815c40f0f19ab84ca6cfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
Origin
https://app.hubspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
x-amz-version-id
Aj74JH9zHucnM4eKyPxhPDYcnw_QEp7F
via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
1810982
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Feb 2023 23:38:38 GMT
server
cloudflare
etag
W/"e18613eeedf95727a868236b293e5f98"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hubspot.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXTO%2B22CJu6WPgzsH2xmfHf9Jtnt1%2BogisrFfMzVQmiKfMT7SZBwKHa9zXQ0oyMmk%2BYIexm44CDrvexcLwk7RQqlZyUE52%2BWJV31uabBYxSdNC%2FeQCZaS3FmzuuwHZ4OzeB0d6QhhuvJbkhxsbWROJaXM8s%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials
true
cache-control
public, max-age=31536000
cf-ray
7a02782add875ca4-FRA
x-amz-cf-id
y5S071SLCryuOP_3r57HbanBBMKX0Wz79wODaPR0VyIdkCQknKGPbw==
expires
Tue, 27 Feb 2024 16:59:09 GMT
visitor.js
static.hsappstatic.net/conversations-visitor-ui/static-1.14794/bundles/ Frame 0C67
608 KB
179 KB
Script
General
Full URL
https://static.hsappstatic.net/conversations-visitor-ui/static-1.14794/bundles/visitor.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9dec2536b45036a83edfa39f851d090deb7887b6999d696b50810f4369d962a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
Origin
https://app.hubspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:09 GMT
x-amz-version-id
kKgY1OOBzpbpSW86TMyumKQwuwmgqC3E
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
age
319463
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 23 Feb 2023 22:02:01 GMT
server
cloudflare
etag
W/"776953b15d90a240b58ce79cae08db0c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hubspot.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CI4ZyEnDqGhSmPSLoU4WTWVLDq0fHLQsPCUV8l1tszALi3GcQLbGVIpOe4kpXlJNCGDGA2ngxvP4ypL91FVkvWR1JeYCJqJrF7USpgqjE0EQvg9VrD8iolAubz5yS01a6QIc6WccfT5HOcOfBhNLa1A8xM%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials
true
cache-control
public, max-age=31536000
cf-ray
7a02782add895ca4-FRA
x-amz-cf-id
BBbnCvKIR2EMqIS3J97akv4Pwwm-imuasl3ZAQ3vKf8SZfLcPCrFsA==
expires
Tue, 27 Feb 2024 16:59:09 GMT
i18n-data-data-locales-en-us.js
static.hsappstatic.net/conversations-visitor-ui/static-1.14711/ Frame 0C67
776 B
921 B
Script
General
Full URL
https://static.hsappstatic.net/conversations-visitor-ui/static-1.14711/i18n-data-data-locales-en-us.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7423b7bf0cf4294d4716ebd117701e2808fdaf5bffe46d6d3afa50d3359f537d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
Origin
https://app.hubspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:10 GMT
x-amz-version-id
4AfzkA2T8U2tBNJMXMvOd2tbIqIJyMy3
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
344703
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 17 Feb 2023 20:04:35 GMT
server
cloudflare
etag
W/"5fea6a21ebd166095e60e111878c4f64"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://app.hubspot.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJQPW5pKztwof%2BBJ08MP%2BOmVcBxT50oob4LoFEK2TzhBD9LZ0nh85HgKhD80zPU3NXcwwLbIJy9aftK3uQdx%2BkVUsPxWCzy%2FiR8eIkod8N0aGM%2FR6Wy2I0%2FF%2F77jb4mMKCheeoVlm5A6yv7StQ7SZAblrRY%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials
true
cache-control
public, max-age=31536000
cf-ray
7a02782c28405ca4-FRA
x-amz-cf-id
sjLQbbyQAAP2toLJGmLhViLI9BoQt5bcf3ftgFwMjBRDDIdYKOyOrQ==
expires
Tue, 27 Feb 2024 16:59:10 GMT
nr-spa-1216.min.js
js-agent.newrelic.com/ Frame 0C67
49 KB
18 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
via
1.1 varnish
date
Mon, 27 Feb 2023 16:59:10 GMT
x-amz-request-id
DP5C34X5Z6YPAHYP
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
67zAQpTRyZG7pPDlS3UCix35OM10Kcjz/Vm9dpVF8RQfw3cfNLbbSTu8x/qYuCVGXVSe6wcFJKs=
x-served-by
cache-hhn-etou8220041-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1677517150.188798,VS0,VE0
etag
"63e2df852d15ab21d7ff8fc4363222e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2341
Stairwell_Logo.jpg
f.hubspotusercontent10.net/hub/8174064/hubfs/ Frame 0C67
1 KB
2 KB
Image
General
Full URL
https://f.hubspotusercontent10.net/hub/8174064/hubfs/Stairwell_Logo.jpg?width=108&height=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d7ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b76ae6666e7bb84a14d5ebd3fb59d89d2c1d8fcafebe56a9c9421a010cab38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ccabfbceff64477665e33f03003a399c.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
34308
x-amz-cf-pop
IAD55-P5
cf-polished
qual=85, origFmt=jpeg, origSize=1781
x-amz-server-side-encryption
AES256
edge-cache-tag
F-44387269728,P-8174064,FLS-ALL
cache-tag
F-44387269728,P-8174064,FLS-ALL
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
RefreshHit from cloudfront
content-disposition
inline; filename="Stairwell_Logo.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
content-length
1156
last-modified
Thu, 23 Feb 2023 01:46:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"43c35472d4ece4dd8bcd3b7f4deecd71"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7a02782d2e9e903d-FRA
x-amz-cf-id
XW2e5euZvJUEy-5ybg_kUDY57Fr7g7_r__0KpNN69g5QHgtiK8n2ig==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
rhumb
app.hubspot.com/api/cartographer/v1/ Frame 0C67
0
1 KB
Ping
General
Full URL
https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14794
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.14794/bundles/visitor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Feb 2023 16:59:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
eb7ed8a0-c061-4766-a272-44162a130e0a
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Cz0k0WjH6rqkLpPbGbUaxut4iOBpIuJbpyXGhB90B1HrTzUpuwG6dIEj7yAX7S9s7BrCAy1UOOV%2B58ApF8qR9A%2BKo3lQl5llMJLvPyAORUp0OQ92n1rQpF6rgPWP%2Fi5TDW4ctNsjsh6y4LCTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.hubspot.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age
604800
access-control-allow-credentials
true
cf-ray
7a02782cee399130-FRA
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer
timing-allow-origin
*
welcomeMessages
app.hubspot.com/api/livechat-public/v1/bots/public/bot/1376144/ Frame 0C67
580 B
884 B
XHR
General
Full URL
https://app.hubspot.com/api/livechat-public/v1/bots/public/bot/1376144/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.14794&conversations-visitor-ui=static-1.14794&traceId=d7944264912a4bcd92a6c76a8eb2302e&sessionId=AMOaWbIuk0OhpIgFMFnLA2VmtHuOVG08jH2AxY5bTm9VYvGe3-7XKU-ld-TnF95j9dI8I9kL0etcybUHLBwck1VQJosseGVp8eq_35FpJLwmBwfMkCRfXhqSxfhoMDb6TBEIJVi_tGUZUfEgpwhi-8Xdvhn5wHadKdSjIqxen4P-_ra1OlY6TsM
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ad314daa951c5d746fe032c70e70f19f3c115709e059a5828c394dce5140ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
bc050fb0-891a-4848-9f58-66a806f1af77
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B20F17895D576674A30BF83FC5D1831AD28EE333E000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXlFcBsEMGD0M%2FoK2ejhD2IIAqbBYce%2FAm4AeHl7VxNuuTvf2ir65XaB0zcC3y%2FCVBIhoPW51irz0KPsSMvTrouCrj3rmOhlXzIjFhffCi4kNsteyIE44vxo%2B3mxDhR%2FcMY%2BbhBFTC2LGyMU9g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
7a02782d0e7d9130-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
f9d051f404
bam-cell.nr-data.net/1/ Frame 0C67
49 B
955 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=664&ck=1&ref=https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e&be=352&fe=558&dc=524&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1677517149597,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:17,%22rp%22:226,%22rpe%22:230,%22dl%22:234,%22di%22:524,%22ds%22:524,%22de%22:525,%22dc%22:557,%22l%22:557,%22le%22:558%7D,%22navigation%22:%7B%7D%7D&fp=655&ja=%7B%22nrSnippetVersion%22:%221216%22,%22environment%22:%22prod%22,%22deployed%22:true,%22hublet%22:%22na1%22,%22userAgentRaw%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.5481.177%20Safari/537.36%22,%22supportsPromiseRejectionEvent%22:true,%22hsOlderBrowserVersion%22:false,%22deviceMemory%22:8,%22cpuCores%22:4,%22downloadSpeedMbps%22:9.4,%22effectiveConnectionType%22:%224g%22,%22networkLatencyMs%22:0,%22conditionalPolyfillsInstalled%22:false,%22portalId%22:8174064,%22package%22:%22conversations-visitor-ui%22,%22packageVersion%22:%221.14794%22,%22template%22:%22visitor-index.html.tsx%22,%22user-online%22:true,%22visibility%22:%22visible%22,%22currentVisibility%22:%22visible%22,%22isEmbeddedInProduct%22:%22false%22,%22reactRhumbVersion%22:%221.8731%22,%22reaganVersion%22:%22react-rhumb%22,%22route%22:%22/%22,%22numReaganChecksStarted%22:1,%22numPreviousReaganChecksAborted%22:0,%22avgDurationBeforePreviousReaganAborts%22:0,%22numPreviousReaganChecksFailed%22:0,%22numPreviousReaganChecksSuccessful%22:0,%22supportsUserTiming%22:true,%22supportsPerformanceTimeline%22:true,%22supportsHighResolutionTime%22:true%7D&jsonp=NREUM.setToken
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.2 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.hubspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 27 Feb 2023 16:59:10 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cgaeg%2FHoDhz%2F5%2FSw0t0H3c6j0M4tvXBGDI9fEoDpWXKg7THhyB6xTnPA5KniynkOJdyUiNrIFDQ4Q2SMnpPBvVFqUi1EPWudtmG3TT97ji6rbACeVF74YEVIfDMD2xENqnlQb6NS"}],"group":"cf-nel","max_age":604800}
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7a02782e1da79202-FRA
f9d051f404
bam-cell.nr-data.net/ins/1/ Frame 0C67
0
678 B
XHR
General
Full URL
https://bam-cell.nr-data.net/ins/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=970&ck=1&ref=https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.2 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.hubspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 27 Feb 2023 16:59:10 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFYuSmgiUONlW%2FlEvAOWg4qYMutRtQTqL6J%2Bnzmx1vIxnr%2FQoDAOlaWb1rgjUxVBqc7wm0rH4hz%2F67dPO45lJQM%2FzI1e5H%2F8V3uUx5CedjKmANhardRfcpqbr3BR0LbweJc5EEIJ"}],"group":"cf-nel","max_age":604800}
Access-Control-Allow-Origin
https://app.hubspot.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7a02782f1ebc9202-FRA
f9d051f404
bam-cell.nr-data.net/events/1/ Frame 0C67
24 B
731 B
XHR
General
Full URL
https://bam-cell.nr-data.net/events/1/f9d051f404?a=205242107&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=976&ck=1&ref=https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/8174064/threads/utk/d7944264912a4bcd92a6c76a8eb2302e?uuid=aa342698bc1f48679b18ed8bc27bd86a&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=stairwell.com&inApp53=false&messagesUtk=d7944264912a4bcd92a6c76a8eb2302e&url=https%3A%2F%2Fstairwell.com%2Fnews%2Fthreat-research-report-maui-ransomware%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.2 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://app.hubspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 27 Feb 2023 16:59:10 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://app.hubspot.com
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3G7K%2FEqr4rOvUjRGIxMMpGcOJzpBmWzOHVYqXYCR5LILWqNnWJOugcgz%2FvJ6sbJjVOZyyWrxjJI8Ew008yTVtZjy2nVU4AQW4EblhvX4bm3PYNQ6xvryEMz58AcHCtEzG47VWH3"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7a02782f4810368c-FRA
Content-Length
24
uXYf7KzU.json
cdn-cookieyes.com/client_data/29f72abe3236264929833427/config/
30 KB
5 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/config/uXYf7KzU.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1099b0eb43c0e616c3d66ec1d10782abea60c79249cdadd6450fc5d77fc91d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Feb 2023 00:38:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"76d4-5f502c4cc2757"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xxRHKcGAEMdOmLQSmcROy5gV7sAoIF%2BCjZOiH7kNRLjqCqB45Vlu0MDJqsJr4swa5EEP%2BpxRCA6QsJ5sPK5C%2B2tmDDv2cS1AOYHbrEPPnVslXeZFQlLcz3ZCUz%2FO1mACAiM8t5ubtDvcgcnFIQN"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
7a027845697992c5-FRA
1XQWA7FE.json
cdn-cookieyes.com/client_data/29f72abe3236264929833427/translations/
2 KB
1 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/translations/1XQWA7FE.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e1b755c3f239538406088aeec966142d2f3b3bb75d443075b3ad015cf95214a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Feb 2023 00:38:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"73b-5f502c4cc4697"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhXM3J%2BBLLtlVfDeizkBWFx3bJlTbuReV5PSGXgkPGWd4Qheg%2BtFSf8tH3%2BDm%2F7XCUo%2F717%2B1vnKt8vkgIyi79JLdnndYGt2yi%2Br1rssB%2Fn4lMZrv1LCSMiidtnOx1nF7mQKmtl2s7UE2eNBVhJg"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
7a02784599a892c5-FRA
BwNu_Ky6.json
cdn-cookieyes.com/client_data/29f72abe3236264929833427/audit-table/
6 KB
2 KB
Fetch
General
Full URL
https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/audit-table/BwNu_Ky6.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/29f72abe3236264929833427/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf9b00d10ac29cac74f9ac35bc48505a059a523e31a2dd9b355e52f32761ca39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stairwell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 16:59:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Feb 2023 00:38:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1884-5f502c4cc2757"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1IypDqO9LPtgw%2BTA1WthAjBcq8Rpta4cGPlEMfzE8BsLsBlNSx3PqKvqk6Dqm%2BiYjXWjwoduffCOofGN%2BGUFWwj%2Bd0Edj5LMJ%2FCFqcNAvyV5%2FbrOGtDejrt9BpWHqU3PreP7tSradWSddqAGy%2Bw"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
7a027845c9d992c5-FRA
close.svg
cdn-cookieyes.com/assets/images/
0
0

log
log.cookieyes.com/api/v1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-cookieyes.com
URL
https://cdn-cookieyes.com/assets/images/close.svg
Domain
log.cookieyes.com
URL
https://log.cookieyes.com/api/v1/log

Verdicts & Comments

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless undefined| $ function| jQuery function| gtag object| dataLayer object| _hsq object| cookieyes string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk object| frontend_rest_object object| regeneratorRuntime function| revisitCkyConsent function| performBannerAction boolean| _already_called_lintrk object| _hsp object| ziws boolean| PIXELS_RAN object| enabledEventSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __hsCollectedFormsDebug boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| require object| gsapVersions object| swv object| wpcf7 object| leadin_wordpress boolean| hubspot_live_messages_running object| HubSpotConversations boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

22 Cookies

Domain/Path Name / Value
.stairwell.com/ Name: cookieyes-consent
Value: consentid:bTRKTEZhekMzeEhpV010SURMVzZZUVlGZnZ3NmNWbDQ,consent:,action:,necessary:,functional:,analytics:,performance:,advertisement:,other:
stairwell.com/ Name: ln_or
Value: eyI0MDc3MjkyIjoiZCJ9
.ws.zoominfo.com/ Name: visitorId
Value: 9b14d09a134bc3f9b00b9f049360304d53ba8512dcdb5b7225918c0915f07e18
.zoominfo.com/ Name: __cf_bm
Value: rp_xrpBWUS84JoEBurqmMt2J7m1ar0TNxXFuQV2R66Y-1677517148-0-AS0VEhH+tYLWfarKIwsfGpVLRFoAGIrdEFoXoLxJtTDve9nyziVgodpELLRjOaaFIfpIG+fPKuMfPxmRN3cS/Ao=
.zoominfo.com/ Name: _cfuvid
Value: BkWl7d1PVRJr1XcvrLj.x0Pk6x6kRfGh7NxjeDfoK7s-1677517148582-0-604800000
.linkedin.com/ Name: UserMatchHistory
Value: AQL7VYTsk_-9UAAAAYaT0FHci2dN2YDDS_kkpioRMdsoNX5nJ2CavHvu4QTmnBlmaTXcaJ0811FX1g
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJwHyqET-13AwAAAYaT0FHcUsnznGZFpTlJSRcSvvmMyFyFnXu550jvJSCcCGRnEOyqP8_mJ7Cbtsji8zt-Ww
.linkedin.com/ Name: bcookie
Value: "v=2&be2534ce-eb3b-466e-867f-a8b295b14c93"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2518:u=1:x=1:i=1677517148:t=1677603548:v=2:sig=AQF5LMGd8lb4S33dNnkfD57NNwZJqIW4"
.www.linkedin.com/ Name: bscookie
Value: "v=1&202302271659080ff86539-0d2a-4883-8460-2a295dd2cf76AQECg5aEieDAlVPHYLnFyYUEzcgTyL6a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Nzc1MTcxNDg7MjswMjFpP4ghG8m4prZgYVNma0MUOudEgiOC/Wmv7geVxCGstw==
.stairwell.com/ Name: _ga_TW84GPPQZ8
Value: GS1.1.1677517148.1.0.1677517148.0.0.0
.stairwell.com/ Name: _ga
Value: GA1.2.1886262041.1677517149
.stairwell.com/ Name: _gid
Value: GA1.2.134879331.1677517149
.stairwell.com/ Name: _gat_gtag_UA_180646454_1
Value: 1
.stairwell.com/ Name: __hstc
Value: 95665475.3b8c753f70b1de19745d63ef3a1f3a06.1677517149281.1677517149281.1677517149281.1
.stairwell.com/ Name: hubspotutk
Value: 3b8c753f70b1de19745d63ef3a1f3a06
.stairwell.com/ Name: __hssrc
Value: 1
.stairwell.com/ Name: __hssc
Value: 95665475.1.1677517149281
.hubspot.com/ Name: __cf_bm
Value: fKwiRjnTvcwq0TUyWD3dSIXHTGMPAJzs.NwBh._j9DM-1677517149-0-AX0UvIq7lEG5p3eeXTL1yDblrg4+mlA78OsPDofK3+VNQsoiO/ZWeHcSO1/mftk2HhbrsiKKauzGhTb5QOybHLY=
.stairwell.com/ Name: messagesUtk
Value: d7944264912a4bcd92a6c76a8eb2302e
.nr-data.net/ Name: JSESSIONID
Value: e7008b9cbcaf09d8

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
