URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-we...
Submission: On June 15 via api from US

Summary

This website contacted 19 IPs in 6 countries across 19 domains to perform 36 HTTP transactions. The main IP is 142.0.160.17, located in Ashburn, United States and belongs to NETDYNAMICS, US. The main domain is security.umbrella.com.
TLS certificate: Issued by HydrantID SSL ICA G2 on December 24th 2019. Valid for: 2 years.
This is the only time security.umbrella.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.0.160.17 7160 (NETDYNAMICS)
3 2.20.132.142 20940 (AKAMAI-ASN1)
1 95.101.198.119 16625 (AKAMAI-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2 142.0.160.13 7160 (NETDYNAMICS)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.218.245.217 16509 (AMAZON-02)
1 6 2a00:1450:400... 15169 (GOOGLE)
3 23.2.218.8 16625 (AKAMAI-AS)
3 68.232.35.12 15133 (EDGECAST)
2 143.204.237.27 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
3 35.190.114.154 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.195.36.108 16509 (AMAZON-02)
1 93.184.220.42 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.223.187.167 15169 (GOOGLE)
36 19
Domain Requested by
6 www.google-analytics.com 1 redirects www.googletagmanager.com
security.umbrella.com
4 eloqua-assets.s3-us-west-2.amazonaws.com security.umbrella.com
3 sfc.leadspace.com www.googletagmanager.com
sfc.leadspace.com
3 cdn.bizible.com www.googletagmanager.com
security.umbrella.com
cdn.bizible.com
3 images.security.umbrella.com security.umbrella.com
2 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
2 js.driftt.com security.umbrella.com
js.driftt.com
2 s860818199.t.eloqua.com 1 redirects security.umbrella.com
1 sfgw.leadspace.com cdn.bizible.com
1 fonts.googleapis.com sfc.leadspace.com
1 cdn.bizibly.com security.umbrella.com
1 6057776.global.siteimproveanalytics.io security.umbrella.com
1 b.6sc.co security.umbrella.com
1 c.6sc.co j.6sc.co
1 www.google.de security.umbrella.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 siteimproveanalytics.com security.umbrella.com
1 j.6sc.co security.umbrella.com
1 www.googletagmanager.com security.umbrella.com
1 code.jquery.com security.umbrella.com
1 img03.en25.com security.umbrella.com
1 security.umbrella.com
36 23

This site contains links to these domains. Also see Links.

Domain
umbrella.cisco.com
www.cisco.com
Subject Issuer Validity Valid
security.umbrella.com
HydrantID SSL ICA G2
2019-12-24 -
2021-12-24
2 years crt.sh
images.security.umbrella.com
HydrantID SSL ICA G2
2020-01-28 -
2022-01-28
2 years crt.sh
*.en25.com
DigiCert SHA2 Secure Server CA
2019-06-21 -
2020-08-19
a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
*.t.eloqua.com
DigiCert SHA2 Secure Server CA
2020-03-09 -
2022-04-08
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2019-11-09 -
2020-12-10
a year crt.sh
*.6sc.co
DigiCert SHA2 Secure Server CA
2020-01-07 -
2021-04-07
a year crt.sh
io.bizible.com
DigiCert SHA2 Secure Server CA
2020-05-20 -
2022-02-18
2 years crt.sh
drift.com
Amazon
2019-10-03 -
2020-11-03
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-06-09 -
2021-06-09
a year crt.sh
*.leadspace.com
Sectigo RSA Domain Validation Secure Server CA
2019-11-11 -
2021-11-10
2 years crt.sh
www.google.de
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh
*.global.siteimproveanalytics.io
DigiCert SHA2 Secure Server CA
2020-03-30 -
2022-04-04
2 years crt.sh
s2.wac.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2019-05-01 -
2020-11-18
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh

This page contains 2 frames:

Primary Page: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Frame ID: 4743AB7ADB97EF391C02020AB5CDEA00
Requests: 35 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: D02FC5EDE951D6FA435E374B54014951
Requests: 1 HTTP requests in this frame

Screenshot


Page Statistics

36
Requests

100 %
HTTPS

43 %
IPv6

19
Domains

23
Subdomains

19
IPs

6
Countries

930 kB
Transfer

1489 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://s860818199.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=860818199&PURLSiteID=7&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=312&PURLRecordID=0&PURLGUID=79735E00C25B47EAB0A0BC85F5EBF419&UseRelativePath=True&elq={90E4C5D1-50B9-4CF3-A4A4-F1FC851F20D5}&firstPartyCookieDomain=tracking.umbrella.com&elqGUID=79735e00-c25b-47ea-b0a0-bc85f5ebf419&elq_ck=0&utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elqaid=829&elqat=1&elqCampaignId=1298 HTTP 302
  • https://s860818199.t.eloqua.com/eloquaimages/tinydot.gif
Request Chain 18
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1437979916&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity.umbrella.com%2Fwebinar-malware-authors%3Futm_medium%3Demail%26utm_source%3Dprospect%26utm_campaign%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26utm_term%3Dpgm%26utm_content%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26elqTrackId%3D0B245B82A17EF3E23A1BD61BDD149B38%26elq%3D90e4c5d150b94cf3a4a4f1fc851f20d5%26elqaid%3D829%26elqat%3D1%26elqCampaignId%3D1298&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=303540432&gjid=1064295409&cid=1928057387.1592249824&tid=UA-37287893-1&_gid=568120505.1592249824&_r=1&gtm=2wg640NRNHZWW&cd7=1928057387.1592249824&z=170468843 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37287893-1&cid=1928057387.1592249824&jid=303540432&_gid=568120505.1592249824&gjid=1064295409&_v=j82&z=170468843 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37287893-1&cid=1928057387.1592249824&jid=303540432&_v=j82&z=170468843 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37287893-1&cid=1928057387.1592249824&jid=303540432&_v=j82&z=170468843&slf_rd=1&random=4133837431

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set webinar-malware-authors
security.umbrella.com/
74 KB
14 KB
Document
General
Full URL
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.0.160.17 Ashburn, United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
Software
/
Resource Hash
0270808ea790f33bc3c6eb6e4f6c44dc7c170527b2147092d496881cad2a8652
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Host
security.umbrella.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Set-Cookie
ELOQUA=GUID=79735E00C25B47EAB0A0BC85F5EBF419&FPCVISITED=1; domain=umbrella.com; expires=Thu, 15-Jul-2021 19:37:02 GMT; path=/;SameSite=None; secure
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options
nosniff
Date
Mon, 15 Jun 2020 19:37:02 GMT
Content-Length
13730
%7B516ff170-d767-44eb-a35e-bdc35d7aedf8%7D_53018CiscoSans.css
images.security.umbrella.com/Web/CiscoSaaS/
3 KB
888 B
Stylesheet
General
Full URL
https://images.security.umbrella.com/Web/CiscoSaaS/%7B516ff170-d767-44eb-a35e-bdc35d7aedf8%7D_53018CiscoSans.css
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.132.142 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-20-132-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
41bf3de3a7972c6a7854ee473ce6a2143b4a77cb35fbb2ca7f89c3c4ef343b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 29 Jan 2020 15:09:12 GMT
ETag
"7bd13a10b6d6d51:0"
Vary
Accept-Encoding
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Mon, 15 Jun 2020 19:37:03 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
361
Expires
Mon, 15 Jun 2020 19:37:03 GMT
%7B9c6b7b56-86f4-4fbd-9906-901ce9be4c09%7D_092317-sig-cisco-umbrella-logo.png
images.security.umbrella.com/EloquaImages/clients/CiscoSaaS/
6 KB
7 KB
Image
General
Full URL
https://images.security.umbrella.com/EloquaImages/clients/CiscoSaaS/%7B9c6b7b56-86f4-4fbd-9906-901ce9be4c09%7D_092317-sig-cisco-umbrella-logo.png
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.132.142 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-20-132-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbd4cebdfcdf28583a6d5d4e288aa41793c668bdae2ecb4245c6a9bfeb578f42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Nov 2019 19:51:29 GMT
ETag
"d79e53bc129fd51:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Mon, 15 Jun 2020 19:37:03 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6181
Expires
Mon, 15 Jun 2020 19:37:03 GMT
livevalidation_standalone.compressed.js
img03.en25.com/i/
13 KB
4 KB
Script
General
Full URL
https://img03.en25.com/i/livevalidation_standalone.compressed.js
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.198.119 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-198-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Apr 2020 16:32:53 GMT
ETag
"c76422eb111d61:0"
Vary
Accept-Encoding
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Mon, 15 Jun 2020 19:37:03 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
3638
Expires
Mon, 15 Jun 2020 19:37:03 GMT
jquery-3.4.1.js
code.jquery.com/
274 KB
81 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Origin
https://security.umbrella.com

Response headers

Date
Mon, 15 Jun 2020 19:37:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-4472c"
Vary
Accept-Encoding
X-HW
1592249823.dop001.fr8.t,1592249823.cds072.fr8.shn,1592249823.cds072.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
82889
tinydot.gif
s860818199.t.eloqua.com/eloquaimages/
Redirect Chain
  • https://s860818199.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=860818199&PURLSiteID=7&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=312&PURLRecordID=0&PURLGUID=79735E00C25B47EAB0A0BC85F5E...
  • https://s860818199.t.eloqua.com/eloquaimages/tinydot.gif
49 B
478 B
Image
General
Full URL
https://s860818199.t.eloqua.com/eloquaimages/tinydot.gif
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.0.160.13 Ashburn, United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
Software
/
Resource Hash
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Apr 2020 16:32:50 GMT
ETag
"ae3f332cb111d61:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Mon, 15 Jun 2020 19:37:03 GMT
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
49
Expires
-1

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Mon, 15 Jun 2020 19:37:03 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location
/eloquaimages/tinydot.gif
Cache-Control
private,no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Length
142
Expires
-1
gtm.js
www.googletagmanager.com/
106 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NRNHZWW
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e873b4a378557eb3acf5dd7a6e2f89e21aaffbb4278501c882e42ff1b9e9db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 19:37:03 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37381
x-xss-protection
0
last-modified
Mon, 15 Jun 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Jun 2020 19:37:03 GMT
%7B543228bb-b1ea-4415-8e2c-9a71562b1a65%7D_cy20-apr-lp-img-woman-working-from-laptop-on-couch.jpg
images.security.umbrella.com/EloquaImages/clients/CiscoSaaS/
195 KB
196 KB
Image
General
Full URL
https://images.security.umbrella.com/EloquaImages/clients/CiscoSaaS/%7B543228bb-b1ea-4415-8e2c-9a71562b1a65%7D_cy20-apr-lp-img-woman-working-from-laptop-on-couch.jpg
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.132.142 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-20-132-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e07dafa6eab4d0319849fec4293bcf81fbed0e0af827175e542f89d3e19c25c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 May 2020 19:50:21 GMT
ETag
"ed327929628d61:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-cache, no-store
Date
Mon, 15 Jun 2020 19:37:03 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
199874
Expires
Mon, 15 Jun 2020 19:37:03 GMT
1544721850525_CiscoSansTT.woff2
eloqua-assets.s3-us-west-2.amazonaws.com/registration-page-2p0/
50 KB
51 KB
Font
General
Full URL
https://eloqua-assets.s3-us-west-2.amazonaws.com/registration-page-2p0/1544721850525_CiscoSansTT.woff2
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.245.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
59162f4567dfcd9b8e487036663d00f7eee602db6dee8375c32d98a4910e73b9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://images.security.umbrella.com/Web/CiscoSaaS/%7B516ff170-d767-44eb-a35e-bdc35d7aedf8%7D_53018CiscoSans.css
Origin
https://security.umbrella.com

Response headers

Date
Mon, 15 Jun 2020 19:37:05 GMT
ETag
"0870cbaca1d10a6dc3ca8869bf7d7717"
Last-Modified
Mon, 27 Jan 2020 17:57:58 GMT
Server
AmazonS3
x-amz-request-id
C5EF2BD3007114DD
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
51676
x-amz-id-2
ATInuF9OFyJ8ctJtTmpLv1ShDMev1Y2Ddu+/1+votKEmm+5TiDkf+HtJT4VQBJk5Cb8/supiyVg=
1544721850525_CiscoSansTT-ExtraLight.woff2
eloqua-assets.s3-us-west-2.amazonaws.com/registration-page-2p0/
51 KB
51 KB
Font
General
Full URL
https://eloqua-assets.s3-us-west-2.amazonaws.com/registration-page-2p0/1544721850525_CiscoSansTT-ExtraLight.woff2
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.245.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b33a3510a2449d3c4ff563bca4fbc7ea2e0d555411201638802991c18acb17eb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://images.security.umbrella.com/Web/CiscoSaaS/%7B516ff170-d767-44eb-a35e-bdc35d7aedf8%7D_53018CiscoSans.css
Origin
https://security.umbrella.com

Response headers

Date
Mon, 15 Jun 2020 19:37:05 GMT
ETag
"4029f2d2412209f8106ee5841aa15082"
Last-Modified
Mon, 27 Jan 2020 17:57:57 GMT
Server
AmazonS3
x-amz-request-id
7202D04DC984A85E
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
52120
x-amz-id-2
0tzJj9xw6ZgXyyqgpIHiTL1xGg5b8FvwPZq2lSbiLZp+dtj+W2t+f7uQxzOOf6968r0EXl7Nhdc=
1544721850525_CiscoSansTTLight.woff2
eloqua-assets.s3-us-west-2.amazonaws.com/registration-page-2p0/
51 KB
52 KB
Font
General
Full URL
https://eloqua-assets.s3-us-west-2.amazonaws.com/registration-page-2p0/1544721850525_CiscoSansTTLight.woff2
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.245.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
56ce554287b6b316d4c6966746fce7d1e7e42af22aacfe27ff7bbd519fdc5620

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://images.security.umbrella.com/Web/CiscoSaaS/%7B516ff170-d767-44eb-a35e-bdc35d7aedf8%7D_53018CiscoSans.css
Origin
https://security.umbrella.com

Response headers

Date
Mon, 15 Jun 2020 19:37:05 GMT
ETag
"9086e6e1f0f835ef14d8745e1be94ead"
Last-Modified
Mon, 27 Jan 2020 17:57:58 GMT
Server
AmazonS3
x-amz-request-id
58D1E83C23B09954
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
52628
x-amz-id-2
uE7K+CfoKldZCWVJRcXMdeATvMoBKJIONcSOCAR1y5A7dZXapTI2Ii7Mf/yKRF2f8R7bEBOj4YE=
1544721850525_CiscoSansTT-Heavy.woff2
eloqua-assets.s3-us-west-2.amazonaws.com/registration-page-2p0/
52 KB
53 KB
Font
General
Full URL
https://eloqua-assets.s3-us-west-2.amazonaws.com/registration-page-2p0/1544721850525_CiscoSansTT-Heavy.woff2
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.245.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1a3f259d18aea37cd400690fec6d0fe09d16ed6cbc364915b381e5d16100516f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://images.security.umbrella.com/Web/CiscoSaaS/%7B516ff170-d767-44eb-a35e-bdc35d7aedf8%7D_53018CiscoSans.css
Origin
https://security.umbrella.com

Response headers

Date
Mon, 15 Jun 2020 19:37:05 GMT
ETag
"23aa6f6b21c8c3d404108536ddff3ce2"
Last-Modified
Mon, 27 Jan 2020 17:57:57 GMT
Server
AmazonS3
x-amz-request-id
5F0FE03CA21881AB
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
53476
x-amz-id-2
HFKRN18+LL7b5I546PxKp08oEM5sLlGZXTEh5psxa9BVU3DsMKi/ZB8hQ3sw5ub69+B6jMmlWE4=
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRNHZWW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
2444
date
Mon, 15 Jun 2020 18:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Mon, 15 Jun 2020 20:56:19 GMT
6si.min.js
j.6sc.co/
14 KB
7 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.2.218.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-218-8.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5535d2c567dac9fb9a8eb888a5415164e87c4aa6f08f70a6cc6ab1c0cd3bac12

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Jun 2020 19:37:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Apr 2020 02:02:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e9276ac-3997"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
6031
bizible.js
cdn.bizible.com/scripts/
87 KB
33 KB
Script
General
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRNHZWW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (waw/17BD) /
Resource Hash
4e565f1d8d81e94cdd1ee567c3d757932dc7062e1fe64580ed81addaf51681bf

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 19:37:03 GMT
content-encoding
gzip
last-modified
Fri, 12 Jun 2020 01:04:47 GMT
server
ECS (waw/17BD)
age
248545
etag
"ee7f78775540d61:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
accept-ranges
bytes
content-length
34012
fd2h6g6rw8bb.js
js.driftt.com/include/1592250000000/
137 KB
45 KB
Script
General
Full URL
https://js.driftt.com/include/1592250000000/fd2h6g6rw8bb.js
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.237.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-27.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
aa371b695a477025f6fd48693baea5a6ed0ff4eb71c5a660d854e543b2370013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-amz-cf-pop
CPH50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 04 Jun 2020 16:05:51 GMT
server
nginx
date
Mon, 15 Jun 2020 19:37:03 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)
cache-control
max-age=10
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
79y4qjX8ssqMUyq2azrVdnC5VTJiuIr_uvqvOpdyEUGyskyPzdrwTw==
6878.js
script.crazyegg.com/pages/scripts/0011/
9 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0011/6878.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRNHZWW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
880d94c002fd6c00044c05dc29bef307370959fc19b5b0917636e95ce145470f

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 19:37:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
357523
cf-polished
origSize=8801
status
200
cf-request-id
035b1548eb0000bea68d2eb200000001
last-modified
Thu, 11 Jun 2020 16:18:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=300
cf-ray
5a3ebe54a9bebea6-FRA
cf-bgj
minify
siteanalyze_6057776.js
siteimproveanalytics.com/js/
12 KB
5 KB
Script
General
Full URL
https://siteimproveanalytics.com/js/siteanalyze_6057776.js
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6f24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06d2aba0548caff3bbdbf01fcf81d08e5b26f4558884fd9292b7cad253607e8

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 19:37:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
292
cf-ray
5a3ebe54bb240629-FRA
status
200
content-length
4497
x-amz-id-2
/pk0/d/C+idysJJA4/kZnZfq1kGDuaEZ+WUejsylYYxI0oVBMb4+OqS+SyuWU6WipPlCJjMjALY=
last-modified
Mon, 06 Apr 2020 17:46:38 GMT
server
cloudflare
etag
"b8f7b455353048f1721a3bede5bf6164"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
A0DCB878AB18258E
cache-control
max-age=86400, no-transform
cf-request-id
035b1548f3000006295f0ee200000001
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
SmartForms.js
sfc.leadspace.com/
3 KB
3 KB
Script
General
Full URL
https://sfc.leadspace.com/SmartForms.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRNHZWW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.114.154 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
154.114.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1b84a5146e45bc386d51d3e087ea5ca187ecc823b76783ea1437e81f605cfe80

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 19:10:44 GMT
age
1579
x-guploader-uploadid
AAANsUlGasg-c6vK8YDGDjpoNgssQ_szMSyNJciCwxQFb6cXIQvgnbSorynmi-oFvDtRtSccuP_oewRiT_u1XETZB_mmqR0tyA
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
2586
last-modified
Sun, 14 Jun 2020 05:24:35 GMT
server
UploadServer
etag
"b53c5601ca3863c46b1d16e520150bdc"
x-goog-hash
crc32c=F8H3Bg==, md5=tTxWAco4Y8RrHRblIBUL3A==
x-goog-generation
1592112275044992
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
2586
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 15 Jun 2020 20:10:44 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1437979916&t=pageview&_s=1&dl=https%3A%2F%2Fsecurity.umbrella.com%2Fwebinar-malware-authors%3Futm_medium%3Demail%26utm_source%3Dprospect%26ut...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37287893-1&cid=1928057387.1592249824&jid=303540432&_gid=568120505.1592249824&gjid=1064295409&_v=j82&z=170468843
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37287893-1&cid=1928057387.1592249824&jid=303540432&_v=j82&z=170468843
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37287893-1&cid=1928057387.1592249824&jid=303540432&_v=j82&z=170468843&slf_rd=1&random=4133837431
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37287893-1&cid=1928057387.1592249824&jid=303540432&_v=j82&z=170468843&slf_rd=1&random=4133837431
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jun 2020 19:37:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jun 2020 19:37:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37287893-1&cid=1928057387.1592249824&jid=303540432&_v=j82&z=170468843&slf_rd=1&random=4133837431
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
90 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1437979916&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecurity.umbrella.com%2Fwebinar-malware-authors%3Futm_medium%3Demail%26utm_source%3Dprospect%26utm_campaign%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26utm_term%3Dpgm%26utm_content%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26elqTrackId%3D0B245B82A17EF3E23A1BD61BDD149B38%26elq%3D90e4c5d150b94cf3a4a4f1fc851f20d5%26elqaid%3D829%26elqat%3D1%26elqCampaignId%3D1298&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwebinar-malware-authors&el=0%25&_u=aGDACEABB~&jid=&gjid=&cid=1928057387.1592249824&tid=UA-37287893-1&_gid=568120505.1592249824&gtm=2wg640NRNHZWW&z=2069480970
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 00:42:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
586475
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
90 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1437979916&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecurity.umbrella.com%2Fwebinar-malware-authors%3Futm_medium%3Demail%26utm_source%3Dprospect%26utm_campaign%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26utm_term%3Dpgm%26utm_content%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26elqTrackId%3D0B245B82A17EF3E23A1BD61BDD149B38%26elq%3D90e4c5d150b94cf3a4a4f1fc851f20d5%26elqaid%3D829%26elqat%3D1%26elqCampaignId%3D1298&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwebinar-malware-authors&el=25%25&_u=aGDACEABB~&jid=&gjid=&cid=1928057387.1592249824&tid=UA-37287893-1&_gid=568120505.1592249824&gtm=2wg640NRNHZWW&z=582597822
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 00:42:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
586475
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
119 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1437979916&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecurity.umbrella.com%2Fwebinar-malware-authors%3Futm_medium%3Demail%26utm_source%3Dprospect%26utm_campaign%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26utm_term%3Dpgm%26utm_content%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26elqTrackId%3D0B245B82A17EF3E23A1BD61BDD149B38%26elq%3D90e4c5d150b94cf3a4a4f1fc851f20d5%26elqaid%3D829%26elqat%3D1%26elqCampaignId%3D1298&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwebinar-malware-authors&el=50%25&_u=aGDACEABB~&jid=&gjid=&cid=1928057387.1592249824&tid=UA-37287893-1&_gid=568120505.1592249824&gtm=2wg640NRNHZWW&z=1367011987
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 00:42:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
586475
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
90 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1437979916&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecurity.umbrella.com%2Fwebinar-malware-authors%3Futm_medium%3Demail%26utm_source%3Dprospect%26utm_campaign%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26utm_term%3Dpgm%26utm_content%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26elqTrackId%3D0B245B82A17EF3E23A1BD61BDD149B38%26elq%3D90e4c5d150b94cf3a4a4f1fc851f20d5%26elqaid%3D829%26elqat%3D1%26elqCampaignId%3D1298&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fwebinar-malware-authors&el=75%25&_u=aGDACEABB~&jid=&gjid=&cid=1928057387.1592249824&tid=UA-37287893-1&_gid=568120505.1592249824&gtm=2wg640NRNHZWW&z=894218712
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 00:42:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
586475
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
c.6sc.co/
47 B
377 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.2.218.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-218-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c5e0bdba0b0c18882a680305d8126238ec66733e5abf2a3aacc17a36a765c35

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Jun 2020 19:37:03 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://security.umbrella.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
47
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f5921f25a282a513e6b58a3e99a0b966&svisitor=&visitor=441bce70-4b2d-43ac-84ef-effb2b014bf6&session=d63b8156-1eeb-4ff0-86a2-b98cf324df06&event=a_pageload&q=%7B%7D&isIframe=false&m=%7B%22description%22%3A%22Cybersecurity%20webinar%20series%20on%20demand.%20Register%20today!%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%22%7D&cb=49823546&r=&thirdParty=%7B%7D
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.2.218.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-2-218-8.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Jun 2020 19:37:03 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:51:25 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e5026ad-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
image.aspx
6057776.global.siteimproveanalytics.io/
34 B
613 B
Image
General
Full URL
https://6057776.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fsecurity.umbrella.com%2Fwebinar-malware-authors%3Futm_medium%3Demail%26utm_source%3Dprospect%26utm_campaign%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26utm_term%3Dpgm%26utm_content%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26elqTrackId%3D0B245B82A17EF3E23A1BD61BDD149B38%26elq%3D90e4c5d150b94cf3a4a4f1fc851f20d5%26elqaid%3D829%26elqat%3D1%26elqCampaignId%3D1298&res=1600x1200&accountid=6057776&rt=1618&prev=1592249843012&luid=c6e89783-f751-915f-7779-e3b4aed11853&rnd=84541
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.36.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-36-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Jun 2020 19:37:03 GMT
Cache-Control
max-age=0
Expires
Mon, 15 Jun 2020 19:37:03 UTC
Connection
keep-alive
Content-Type
image/gif
Content-Length
34
P3p
NOI OUR IND COM NAV INT
ipv
cdn.bizible.com/m/
43 B
304 B
Image
General
Full URL
https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=889a6ebc896e4697bb12085ed1a2aa05&_biz_s=6495b6&_biz_l=https%3A%2F%2Fsecurity.umbrella.com%2Fwebinar-malware-authors%3Futm_medium%3Demail%26utm_source%3Dprospect%26utm_campaign%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26utm_term%3Dpgm%26utm_content%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26elqTrackId%3D0B245B82A17EF3E23A1BD61BDD149B38%26elq%3D90e4c5d150b94cf3a4a4f1fc851f20d5%26elqaid%3D829%26elqat%3D1%26elqCampaignId%3D1298&_biz_t=1592249823631&_biz_i=null&_biz_n=0&rnd=111185&cdn_o=a&_biz_z=1592249823633
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (waw/17D3) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jun 2020 19:37:03 GMT
last-modified
Sat, 13 Jun 2020 18:35:06 GMT
server
ECS (waw/17D3)
age
176517
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cache-control
no-cache, no-store
accept-ranges
bytes
content-type
Image/GIF
content-length
43
expires
-1
11.1.34.js
script.crazyegg.com/pages/versioned/common-scripts/
59 KB
19 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.34.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0011/6878.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f9306e3c8095f7aafa333ff527e7ab05baa41a82fa28895855baa075d86346

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 19:37:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
357558
cf-polished
origSize=60426
status
200
cf-request-id
035b1549990000bea68d2f9200000001
last-modified
Tue, 09 Jun 2020 12:20:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
5a3ebe55ca9abea6-FRA
cf-bgj
minify
BizibleAcct.js
cdn.bizible.com/
377 B
521 B
Script
General
Full URL
https://cdn.bizible.com/BizibleAcct.js?_biz_u=889a6ebc896e4697bb12085ed1a2aa05&_biz_h=-1906410348&cdn_o=a&jsVer=4.20.05.18
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (waw/17D3) /
Resource Hash
0c279870d677b7294791326d7a83b7a09d8aedac2a09790a40053f43fe3d8049

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 19:37:02 GMT
content-encoding
gzip
server
ECS (waw/17D3)
etag
6D7F75BB
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cache-control
private, must-revalidate, max-age=21600
content-type
text/javascript; charset=utf-8
content-length
317
74041.js
sfc.leadspace.com/
54 KB
54 KB
Script
General
Full URL
https://sfc.leadspace.com/74041.js
Requested by
Host: sfc.leadspace.com
URL: https://sfc.leadspace.com/SmartForms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.114.154 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
154.114.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1e9d69a05b8b545cd911ddd0a19456af730d9cc67335fde68b6bacae4251170e

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 19:03:26 GMT
age
2017
x-guploader-uploadid
AAANsUkbHaaUTZFsbG-warXWB-DywSYS83brO-lO6ZRTlt09EXjlFH-S-TjQRviGaTQPUls8J1mlNph03jOBT-oK2NM
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
54917
last-modified
Sat, 15 Feb 2020 22:07:03 GMT
server
UploadServer
etag
"26f5f81a97666911e822e4f88ca2b5e4"
x-goog-hash
crc32c=nvEwHw==, md5=JvX4GpdmaRHoIuT4jKK15A==
x-goog-generation
1581804423719897
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
54917
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 15 Jun 2020 20:03:26 GMT
u
cdn.bizibly.com/
43 B
406 B
Image
General
Full URL
https://cdn.bizibly.com/u?_biz_u=889a6ebc896e4697bb12085ed1a2aa05&_biz_s=6495b6&_biz_l=https%3A%2F%2Fsecurity.umbrella.com%2Fwebinar-malware-authors%3Futm_medium%3Demail%26utm_source%3Dprospect%26utm_campaign%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26utm_term%3Dpgm%26utm_content%3Dumb-fy20-q4-na-0601-webinar-malware-authors%26elqTrackId%3D0B245B82A17EF3E23A1BD61BDD149B38%26elq%3D90e4c5d150b94cf3a4a4f1fc851f20d5%26elqaid%3D829%26elqat%3D1%26elqCampaignId%3D1298&_biz_t=1592249823869&_biz_i=null&rnd=904576&cdn_o=a&_biz_z=1592249823869
Requested by
Host: security.umbrella.com
URL: https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (waw/17D3) / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 19:37:03 GMT
x-aspnet-version
4.0.30319
age
499718
x-powered-by
ASP.NET
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
content-length
43
pragma
no-cache
x-aspnetmvc-version
5.2
last-modified
Wed, 10 Jun 2020 00:48:25 GMT
server
ECS (waw/17D3)
content-type
Image/GIF
cache-control
no-cache, no-store
accept-ranges
bytes
expires
-1
sf5.js
sfc.leadspace.com/
192 KB
193 KB
Script
General
Full URL
https://sfc.leadspace.com/sf5.js
Requested by
Host: sfc.leadspace.com
URL: https://sfc.leadspace.com/SmartForms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.114.154 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
154.114.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e871722315a3e848ce80cca06f42d8a5cfa7bc90a14c78d53cc4c6d7a31a4131

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 18:45:30 GMT
age
3093
x-guploader-uploadid
AAANsUmw4-JZi9iJGIbtsSIuJoO72hCTOrBzqrVe9YiagYahatWu0fZqcqagc6X-F909Q-CNUST5ACgXciObHuVVbHU
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
197016
last-modified
Mon, 15 Jun 2020 06:40:26 GMT
server
UploadServer
etag
"6189d7aab5a4820ad502754bebed96bd"
x-goog-hash
crc32c=IM9rWw==, md5=YYnXqrWkggrVAnVL6+2WvQ==
x-goog-generation
1592203226893811
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
197016
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 15 Jun 2020 19:45:30 GMT
css
fonts.googleapis.com/
783 B
482 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway
Requested by
Host: sfc.leadspace.com
URL: https://sfc.leadspace.com/sf5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Jun 2020 18:39:00 GMT
server
ESF
date
Mon, 15 Jun 2020 19:37:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jun 2020 19:37:04 GMT
match
sfgw.leadspace.com/ip/
138 B
250 B
XHR
General
Full URL
https://sfgw.leadspace.com/ip/match
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.223.187.167 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
167.187.223.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
007876206287a9eb056465fb029e1d6bae6d445172b712f67b385207c83b7874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization
74041
Content-Type
application/json

Response headers

date
Mon, 15 Jun 2020 19:37:04 GMT
referrer-policy
no-referrer
server
istio-envoy
status
200
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
https://security.umbrella.com
x-xss-protection
1; mode=block
access-control-allow-credentials
true
x-envoy-upstream-service-time
20
strict-transport-security
max-age=31536000; includeSubdomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Origin
x-content-type-options
nosniff
x-content-security-policy
frame-ancestors 'none'
index.html
js.driftt.com/deploy/assets/ Frame D02F
0
0
Document
General
Full URL
https://js.driftt.com/deploy/assets/index.html
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1592250000000/fd2h6g6rw8bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.237.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-27.cph50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/deploy/assets/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://security.umbrella.com/webinar-malware-authors?utm_medium=email&utm_source=prospect&utm_campaign=umb-fy20-q4-na-0601-webinar-malware-authors&utm_term=pgm&utm_content=umb-fy20-q4-na-0601-webinar-malware-authors&elqTrackId=0B245B82A17EF3E23A1BD61BDD149B38&elq=90e4c5d150b94cf3a4a4f1fc851f20d5&elqaid=829&elqat=1&elqCampaignId=1298

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
894
server
nginx
last-modified
Thu, 04 Jun 2020 16:05:51 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 Jun 2020 19:37:04 GMT
etag
"6122d5a5b8b089e576e93e0e31168c41"
cache-control
max-age=10
x-cache
Hit from cloudfront
via
1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
batC-ucnEOp9t7qy7VH3eoqEzS59EePrdWYOQVA5-C9Z4FRtUjcsRA==

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| google_tag_manager function| postscribe object| google_tag_data string| GoogleAnalyticsObject function| ga object| _6si function| drift function| driftt function| LiveValidation function| LiveValidationForm object| Validate function| handleFormSubmit function| resetSubmitButton function| addChangeHandler object| form object| nodes number| len object| node string| selectedValue number| j object| dom0 object| fe5265 object| dom1 object| fe5266 object| dom2 object| fe5267 object| dom3 object| fe5268 object| dom4 object| fe5269 object| dom5 object| fe5270 object| dom6 object| fe5271 object| dom7 object| fe5272 function| getParentElement function| $ function| jQuery function| umbrellaPassQueryParams string| defaultHiddenFieldNameValue function| getQueryStringParamValue object| theForms function| setUTM object| gaplugins object| gaGlobal object| gaData object| _sz boolean| _storagePopulated object| true object| Bizible object| BizTrackingA object| BizA object| CE2 object| CE2BH object| Device object| sf$ object| __core-js_shared__ object| platform boolean| __DRIFTT_WIDGET_INCLUDED__ string| __DRIFT_INSTANCE_ID__ boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__ object| _vis_opt_queue object| LC_API function| sfjq$ object| sf5 object| _elqQ

14 Cookies

Domain/Path Name / Value
.umbrella.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22XDomain%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%7D
security.umbrella.com/ Name: driftt_aid
Value: 9908c346-66ba-4c65-9761-fba4f8d817a7
.umbrella.com/ Name: _biz_pendingA
Value: %5B%5D
security.umbrella.com/ Name: _gd_svisitor
Value: af991002b12a0000decde75ef6010000140f0000
.umbrella.com/ Name: _biz_sid
Value: 6495b6
.umbrella.com/ Name: _biz_uid
Value: 889a6ebc896e4697bb12085ed1a2aa05
.security.umbrella.com/ Name: nmstat
Value: 1592249843012
security.umbrella.com/ Name: _gd_session
Value: d63b8156-1eeb-4ff0-86a2-b98cf324df06
.umbrella.com/ Name: _biz_nA
Value: 1
.umbrella.com/ Name: _gat_UA-37287893-1
Value: 1
security.umbrella.com/ Name: _gd_visitor
Value: 441bce70-4b2d-43ac-84ef-effb2b014bf6
.umbrella.com/ Name: _gid
Value: GA1.2.568120505.1592249824
.umbrella.com/ Name: _ga
Value: GA1.2.1928057387.1592249824
.umbrella.com/ Name: ELOQUA
Value: GUID=79735E00C25B47EAB0A0BC85F5EBF419&FPCVISITED=1

2 Console Messages

Source Level URL
Text
console-api log URL: https://sfc.leadspace.com/sf5.js(Line 1)
Message:
initializing SF5
console-api log URL: https://sfc.leadspace.com/sf5.js(Line 8)
Message:
[object Location]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6057776.global.siteimproveanalytics.io
b.6sc.co
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
code.jquery.com
eloqua-assets.s3-us-west-2.amazonaws.com
fonts.googleapis.com
images.security.umbrella.com
img03.en25.com
j.6sc.co
js.driftt.com
s860818199.t.eloqua.com
script.crazyegg.com
security.umbrella.com
sfc.leadspace.com
sfgw.leadspace.com
siteimproveanalytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
142.0.160.13
142.0.160.17
143.204.237.27
18.195.36.108
2.20.132.142
2001:4de0:ac19::1:b:3a
23.2.218.8
2606:4700::6813:9408
2606:4700:e0::ac40:6f24
2a00:1450:4001:814::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:825::2008
2a00:1450:400c:c00::9d
35.190.114.154
35.223.187.167
52.218.245.217
68.232.35.12
93.184.220.42
95.101.198.119
007876206287a9eb056465fb029e1d6bae6d445172b712f67b385207c83b7874
0270808ea790f33bc3c6eb6e4f6c44dc7c170527b2147092d496881cad2a8652
0c279870d677b7294791326d7a83b7a09d8aedac2a09790a40053f43fe3d8049
1a3f259d18aea37cd400690fec6d0fe09d16ed6cbc364915b381e5d16100516f
1b84a5146e45bc386d51d3e087ea5ca187ecc823b76783ea1437e81f605cfe80
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e9d69a05b8b545cd911ddd0a19456af730d9cc67335fde68b6bacae4251170e
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0
41bf3de3a7972c6a7854ee473ce6a2143b4a77cb35fbb2ca7f89c3c4ef343b2c
4e565f1d8d81e94cdd1ee567c3d757932dc7062e1fe64580ed81addaf51681bf
5535d2c567dac9fb9a8eb888a5415164e87c4aa6f08f70a6cc6ab1c0cd3bac12
56ce554287b6b316d4c6966746fce7d1e7e42af22aacfe27ff7bbd519fdc5620
59162f4567dfcd9b8e487036663d00f7eee602db6dee8375c32d98a4910e73b9
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5e873b4a378557eb3acf5dd7a6e2f89e21aaffbb4278501c882e42ff1b9e9db1
6c5e0bdba0b0c18882a680305d8126238ec66733e5abf2a3aacc17a36a765c35
7c04e1ad3893819bce8b4590d91b4b02a175ef4b6ae9ffffac8e670bd7c0c9b6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
880d94c002fd6c00044c05dc29bef307370959fc19b5b0917636e95ce145470f
89f9306e3c8095f7aafa333ff527e7ab05baa41a82fa28895855baa075d86346
aa371b695a477025f6fd48693baea5a6ed0ff4eb71c5a660d854e543b2370013
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b33a3510a2449d3c4ff563bca4fbc7ea2e0d555411201638802991c18acb17eb
bbd4cebdfcdf28583a6d5d4e288aa41793c668bdae2ecb4245c6a9bfeb578f42
c06d2aba0548caff3bbdbf01fcf81d08e5b26f4558884fd9292b7cad253607e8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e07dafa6eab4d0319849fec4293bcf81fbed0e0af827175e542f89d3e19c25c9
e871722315a3e848ce80cca06f42d8a5cfa7bc90a14c78d53cc4c6d7a31a4131
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab