urlscan.io logo urlscan.io
SecurityTrails logo

labs.cyble.com Open in urlscan Pro
2606:2c40::c73c:67e2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://d2wc4w04.na1.hubspotlinks.com/Ctc/W*113/d2wc4w04/VW-LRf3JlJ7_Vm10M12qWSpyW87_Sgk54xFRqMQqrWF3qn9gW95jsWP6lZ3n7W96TkMP503qSgW3s...
Effective URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Re...
Submission: On October 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 56 HTTP transactions. The main IP is 2606:2c40::c73c:67e2, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is labs.cyble.com.
TLS certificate: Issued by GTS CA 1P5 on September 16th 2023. Valid for: 3 months.
This is the only time labs.cyble.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
14 2606:2c40::c7... 209242 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
56 15
2    2606:4700:4400::6812:252e (United States)

ASN13335 (CLOUDFLARENET, US)
d2wc4w04.na1.hubspotlinks.com
14    2606:2c40::c73c:67e2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
labs.cyble.com
3    2606:4700::6810:6cd1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
1    2606:4700::6812:5ffd (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
4    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
app.hubspot.com
track.hubspot.com
1    2606:4700::6810:50ba (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
3    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hubspot.com
cta-service-cms2.hubspot.com
forms.hubspot.com
1    2606:4700::6812:7c0c (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
4    2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:faa8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
2    2606:4700::6812:b07d (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
forms-na1.hsforms.com
6    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6812:a07d (United States)

ASN13335 (CLOUDFLARENET, US)
perf-na1.hsforms.com
Apex Domain
Subdomains		 Transfer
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
685 KB
14 cyble.com
labs.cyble.com
413 KB
7 hubspot.com
app.hubspot.com — Cisco Umbrella Rank: 6214
js.hubspot.com — Cisco Umbrella Rank: 7018
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 6556
track.hubspot.com — Cisco Umbrella Rank: 2658
forms.hubspot.com — Cisco Umbrella Rank: 5406
27 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
91 KB
4 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2528
200 KB
3 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4956
forms-na1.hsforms.com — Cisco Umbrella Rank: 7966
perf-na1.hsforms.com — Cisco Umbrella Rank: 7501
3 KB
3 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 9766
7 KB
2 hubspotlinks.com
d2wc4w04.na1.hubspotlinks.com
3 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5287
22 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5142
86 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2519
21 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 6516
6 KB
56 12
Domain Requested by
14 labs.cyble.com d2wc4w04.na1.hubspotlinks.com
labs.cyble.com
js.usemessages.com
9 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com labs.cyble.com
www.gstatic.com
www.google.com
5 fonts.gstatic.com www.google.com
4 js.hs-banner.com labs.cyble.com
js.hs-banner.com
3 track.hubspot.com
3 cdn2.hubspot.net labs.cyble.com
2 d2wc4w04.na1.hubspotlinks.com 1 redirects
1 perf-na1.hsforms.com
1 forms.hubspot.com js.hsleadflows.net
1 cta-service-cms2.hubspot.com js.hubspot.com
1 forms-na1.hsforms.com labs.cyble.com
1 forms.hsforms.com labs.cyble.com
1 js.usemessages.com labs.cyble.com
1 js.hsleadflows.net labs.cyble.com
1 js.hubspot.com labs.cyble.com
1 js.hs-analytics.net labs.cyble.com
1 app.hubspot.com labs.cyble.com
1 static.hsappstatic.net labs.cyble.com
56 19
Subject Issuer Validity Valid
hubspotlinks.com
Cloudflare Inc ECC CA-3		 2023-04-17 -
2024-04-16		 a year crt.sh
labs.cyble.com
GTS CA 1P5		 2023-09-16 -
2023-12-15		 3 months crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2023-04-06 -
2024-04-05		 a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Frame ID: C930CF4253153A9796858F576A05654B
Requests: 37 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9sYWJzLmN5YmxlLmNvbTo0NDM.&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&badge=inline&cb=x14ziep5btbi
Frame ID: 29F1BFE33833401C50D1D424AC67EB6A
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 732968E96745CD0367E90D34F3F2FE01
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cyble Q3 Ransomware Threat Landscape Report 2023Follow us on FacebookFollow us on LinkedInFollow us on TwitterShare

Page URL History Show full URLs

  1. https://d2wc4w04.na1.hubspotlinks.com/Ctc/W*113/d2wc4w04/VW-LRf3JlJ7_Vm10M12qWSpyW87_Sgk54xFRqMQqrWF3qn9gW95jsWP6l... Page URL
  2. https://d2wc4w04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/W*113/d2wc4w04/VW-LRf3JlJ7_Vm10M12qWSpyW87... HTTP 307
    https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

56
Requests

100 %
HTTPS

100 %
IPv6

12
Domains

19
Subdomains

15
IPs

2
Countries

1564 kB
Transfer

3620 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://d2wc4w04.na1.hubspotlinks.com/Ctc/W*113/d2wc4w04/VW-LRf3JlJ7_Vm10M12qWSpyW87_Sgk54xFRqMQqrWF3qn9gW95jsWP6lZ3n7W96TkMP503qSgW3s71Mw8vSKr2W1hGMsS8NSHDbN6fYvYhvslJJN7hHBqYlFTMyN8kp0c6TbvWmN3RVL9HbvT2LMFZ-_fQf51FW7TMb7z3xSnS0V37jMj1ldVh3W2pMk9n36-3_4W59TymK3gWKyTW87qcr68LY2RmW4flkvL4JXfRQW3KGdRv2_n9WbN38Fcq61WTVzW7Zslwt1KQdx0W49cvDw47SYmLW81NsMc7St5N4W1L70PL7s5dwwW4WKS8_4YLNyPVPPl4n8WD4s_W3qH8xS4cwmjQW3NVj1l5TgnLgVy1z1w8s8tBjVP75lV12wSS8W5-zFLf6GnT48W1P_W-s4tqb0YW854MMp5hMtHnW26qcC334Pvpqf6z8dzx04 Page URL
  2. https://d2wc4w04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/W*113/d2wc4w04/VW-LRf3JlJ7_Vm10M12qWSpyW87_Sgk54xFRqMQqrWF3qn9gW95jsWP6lZ3n7W96TkMP503qSgW3s71Mw8vSKr2W1hGMsS8NSHDbN6fYvYhvslJJN7hHBqYlFTMyN8kp0c6TbvWmN3RVL9HbvT2LMFZ-_fQf51FW7TMb7z3xSnS0V37jMj1ldVh3W2pMk9n36-3_4W59TymK3gWKyTW87qcr68LY2RmW4flkvL4JXfRQW3KGdRv2_n9WbN38Fcq61WTVzW7Zslwt1KQdx0W49cvDw47SYmLW81NsMc7St5N4W1L70PL7s5dwwW4WKS8_4YLNyPVPPl4n8WD4s_W3qH8xS4cwmjQW3NVj1l5TgnLgVy1z1w8s8tBjVP75lV12wSS8W5-zFLf6GnT48W1P_W-s4tqb0YW854MMp5hMtHnW26qcC334Pvpqf6z8dzx04?_ud=1ec8cfc0-bff1-465d-895f-9c07050ec2a6&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VW-LRf3JlJ7_Vm10M12qWSpyW87_Sgk54xFRqMQqrWF3qn9gW95jsWP6lZ3n7W96TkMP503qSgW3s71Mw8vSKr2W1hGMsS8NSHDbN6fYvYhvslJJN7hHBqYlFTMyN8kp0c6TbvWmN3RVL9HbvT2LMFZ-_fQf51FW7TMb7z3xSnS0V37jMj1ldVh3W2pMk9n36-3_4...
d2wc4w04.na1.hubspotlinks.com/Ctc/W*113/d2wc4w04/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2wc4w04.na1.hubspotlinks.com/Ctc/W*113/d2wc4w04/VW-LRf3JlJ7_Vm10M12qWSpyW87_Sgk54xFRqMQqrWF3qn9gW95jsWP6lZ3n7W96TkMP503qSgW3s71Mw8vSKr2W1hGMsS8NSHDbN6fYvYhvslJJN7hHBqYlFTMyN8kp0c6TbvWmN3RVL9HbvT2LMFZ-_fQf51FW7TMb7z3xSnS0V37jMj1ldVh3W2pMk9n36-3_4W59TymK3gWKyTW87qcr68LY2RmW4flkvL4JXfRQW3KGdRv2_n9WbN38Fcq61WTVzW7Zslwt1KQdx0W49cvDw47SYmLW81NsMc7St5N4W1L70PL7s5dwwW4WKS8_4YLNyPVPPl4n8WD4s_W3qH8xS4cwmjQW3NVj1l5TgnLgVy1z1w8s8tBjVP75lV12wSS8W5-zFLf6GnT48W1P_W-s4tqb0YW854MMp5hMtHnW26qcC334Pvpqf6z8dzx04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:252e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
814f7a63abcc928d-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 12 Oct 2023 12:52:06 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
15
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-7d997f8c5-md8bk
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
93593f89-ffa1-4ccd-95fc-65e341893022
x-request-id
93593f89-ffa1-4ccd-95fc-65e341893022
x-robots-tag
none
Primary Request q3-2023-ransomware-report
labs.cyble.com/
Redirect Chain
  • https://d2wc4w04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/W*113/d2wc4w04/VW-LRf3JlJ7_Vm10M12qWSpyW87_Sgk54xFRqMQqrWF3qn9gW95jsWP6lZ3n7W96TkMP503qSgW3s71Mw8vSKr2W1hGMsS8NSHDbN6fYvYhvsl...
  • https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6...
53 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Requested by
Host: d2wc4w04.na1.hubspotlinks.com
URL: https://d2wc4w04.na1.hubspotlinks.com/Ctc/W*113/d2wc4w04/VW-LRf3JlJ7_Vm10M12qWSpyW87_Sgk54xFRqMQqrWF3qn9gW95jsWP6lZ3n7W96TkMP503qSgW3s71Mw8vSKr2W1hGMsS8NSHDbN6fYvYhvslJJN7hHBqYlFTMyN8kp0c6TbvWmN3RVL9HbvT2LMFZ-_fQf51FW7TMb7z3xSnS0V37jMj1ldVh3W2pMk9n36-3_4W59TymK3gWKyTW87qcr68LY2RmW4flkvL4JXfRQW3KGdRv2_n9WbN38Fcq61WTVzW7Zslwt1KQdx0W49cvDw47SYmLW81NsMc7St5N4W1L70PL7s5dwwW4WKS8_4YLNyPVPPl4n8WD4s_W3qH8xS4cwmjQW3NVj1l5TgnLgVy1z1w8s8tBjVP75lV12wSS8W5-zFLf6GnT48W1P_W-s4tqb0YW854MMp5hMtHnW26qcC334Pvpqf6z8dzx04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ac1d825922dae46d1c411dd75a6e69a40f2deb50738a7c9952659b95219f6b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://d2wc4w04.na1.hubspotlinks.com/Ctc/W*113/d2wc4w04/VW-LRf3JlJ7_Vm10M12qWSpyW87_Sgk54xFRqMQqrWF3qn9gW95jsWP6lZ3n7W96TkMP503qSgW3s71Mw8vSKr2W1hGMsS8NSHDbN6fYvYhvslJJN7hHBqYlFTMyN8kp0c6TbvWmN3RVL9HbvT2LMFZ-_fQf51FW7TMb7z3xSnS0V37jMj1ldVh3W2pMk9n36-3_4W59TymK3gWKyTW87qcr68LY2RmW4flkvL4JXfRQW3KGdRv2_n9WbN38Fcq61WTVzW7Zslwt1KQdx0W49cvDw47SYmLW81NsMc7St5N4W1L70PL7s5dwwW4WKS8_4YLNyPVPPl4n8WD4s_W3qH8xS4cwmjQW3NVj1l5TgnLgVy1z1w8s8tBjVP75lV12wSS8W5-zFLf6GnT48W1P_W-s4tqb0YW854MMp5hMtHnW26qcC334Pvpqf6z8dzx04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=10800, max-age=0
cf-ray
814f7a679b810857-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 12 Oct 2023 12:52:07 GMT
edge-cache-tag
CT-137764383561,P-21289959,CW-100868428434,PGS-ALL,SW-0,GC-100375887270,GC-79460441944,TS-79811457458
etag
W/"ec92596e194ba36e86c0c8a30707a676"
last-modified
Thu, 12 Oct 2023 05:33:33 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDVL7Z8mfX%2FwIIY1ogGQ3RKlrM7GVdxkJqlxC%2BZvzW6DJ3FW0Y4Q0Y7io3LyOhw%2FzuhVLVBe5le93IVxD2MNDn%2BDoasKcIOFiUFq8apNOEfYG3duIN45HQxn%2Bt7oDI46Zi1sZmT3f%2F%2FhPs0V"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-hs-cache-config
BrowserCache-5s-EdgeCache-180s
x-hs-cache-control
s-maxage=10800, max-age=0
x-hs-cf-cache-status
HIT
x-hs-content-campaign-id
daefd824-13a2-4efc-bc10-7bea5ccd4a2e
x-hs-content-id
137764383561
x-hs-https-only
worker
x-hs-hub-id
21289959
x-hs-prerendered
Thu, 12 Oct 2023 05:33:33 GMT

Redirect headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
814f7a664dd8928d-FRA
date
Thu, 12 Oct 2023 12:52:06 GMT
link
<https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email>; rel="canonical"
location
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
41
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-7d997f8c5-75r5f
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
8011cb0c-e684-4a1c-9135-fccf1be5cd15
x-request-id
8011cb0c-e684-4a1c-9135-fccf1be5cd15
x-robots-tag
none
index.js
labs.cyble.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 5cb605e8100138acccc04f094724133e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
15024415
x-amz-cf-pop
CDG52-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 21 Apr 2023 15:17:56 GMT
server
cloudflare
etag
W/"0bbd63c0750f141fd5cec04a9393647e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrP%2BWBuBGRwYzMzKC9HAXaKo6FG3x%2B4f%2B%2B3dZMOIdcboQlU9PAIo1Hhen%2BfCytoTQSvzuzGIS8vLkRafkNu2E2Dtbi9Ng6qM0MKMvIOwnIOjXCuG1e8sZIPzxcQfWuGC5mOyXhND0TBIojNF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
814f7a683c520857-FRA
x-amz-cf-id
1HpAFXqvL-enGli7aFtbEYFS9QYd6YvOX2Rnrw2xQ2piSsJZzYKgAg==
expires
Fri, 11 Oct 2024 12:52:07 GMT
project.js
labs.cyble.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
17808222
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FGIg3tOPRSFYMVlekjvJW%2Fqq2iQ3nzWtRkAXessDuylshf149iUlWNR8HitBCFlHQkIwyMgFRyJ%2FHqOpMSPe3FCtO%2BoATdiuvfMFyYEIOyYPl%2FyT1FscanQFJy%2BMOLTFat0Ix%2B8jCi0dRjm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
814f7a683c560857-FRA
x-amz-cf-id
vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires
Fri, 11 Oct 2024 12:52:07 GMT
v2.js
labs.cyble.com/_hcms/forms/ 		549 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24e66d830ef814bbcc4553b662e0c2afe733f8f30fb4a86be6df577d146bec2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
45
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3812/bundles/project-v2.js&cfRay=814f795046755b9e-FRA
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-evy-trace-listener
listener_https
etag
W/"84d6c03b19ba72ee08ca8c27dee147c2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.3812/bundles/project-v2.js
date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-amz-version-id
4b09e6_AhU37WJHx62r2StyRWH0KMlOF
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
662ce5d8-5709-42ff-a5c0-dc6375b2cd4e
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
662ce5d8-5709-42ff-a5c0-dc6375b2cd4e
last-modified
Fri, 22 Sep 2023 08:13:06 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z7L%2FRqzQtmXnQIZnG7Fd%2FzJLkbt7bp2w94YL7s8y%2FHfPpfqbk6ayfZ%2Ful2ThHYiWua8AmZwzwHLUXjZ%2F%2FW92rPi%2Bba5oRZiLa0lBq%2BqvK4swcRiniHLk6y%2FE4lkft4g6KlLptCWuSqsAoAV"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-q9rvq
cf-ray
814f7a683c580857-FRA
x-amz-cf-id
X8jznFdBpK7nCRnBKI_MXowcFm_jrfZy6-fz6ZiaqQxoyhBf_WKxjg==
main.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1697064026829/hubspot/session/css/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1697064026829/hubspot/session/css/main.min.css
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48e96257807abd6337cae06f2c9d920eb5845610fc80b63f578299abbef87193

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-encoding
br
age
49884
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"6d4bc52d462932903e37dabcdfb33b48"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1697064027731
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 12:52:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
3fd39129-d562-4ea9-a236-c72b08f05d5b
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
179
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
3fd39129-d562-4ea9-a236-c72b08f05d5b
last-modified
Wed, 11 Oct 2023 22:40:28 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnvmZVZrrF7h%2FdpiliY8Y7GY%2Bh%2BSjsMVMkAZftM9rUFXMjNpgKH1ZTRtXseRa4UXwLTLrSSeXc7FpcoreFvkbC0Efa%2Fsq4OVCTh6vtVdiEosg7p9aydONPEyUpaNdZJBI7z7U14OsEp%2FzpRGjYo%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-5745477c8b-xgsnc
cf-ray
814f7a685e6d2c6a-FRA
module_100868428434_CYB-headerModule.min.css
labs.cyble.com/hs-fs/hub/21289959/hub_generated/module_assets/100868428434/1688985642259/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/hs-fs/hub/21289959/hub_generated/module_assets/100868428434/1688985642259/module_100868428434_CYB-headerModule.min.css
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc5265b338a0b399b621fd1f88944205240e2e88eab29bf686fffc4b4716f9d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
281
x-amz-request-id
2584XTXTCS4QDT8T
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"f894e71507b3f878f2015f0f94351002"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1688985642259
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
Ak2EEI2TiSiS_WVoDk66mVfUNEipgFLO
x-amz-cf-pop
IAD55-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
d9a85a8c-e0e3-461d-9afd-19e054f2b664
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
139
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5llhrLLcRo3zIiEE6R6JcPdr638G/LfKfvhtDqCu+ctAFz2a6u5YC8DOIqR1LEA3PwRzzevuaQM=
x-evy-trace-route-configuration
listener_https/all
x-request-id
d9a85a8c-e0e3-461d-9afd-19e054f2b664
last-modified
Mon, 10 Jul 2023 10:40:43 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6pa9xhgar8%2B6Fl0n%2FZRm4%2FCNXmBrlVNt9NsRv9%2BtArQ65UHdoKNj%2BRaZpGzIOtV0kcXF15hfokJjr%2Fjo%2BtgWsXPb1mX45HJo40sv8WHlcDBSdWz8SVbBwQg1NRynGdGsAHjuMkl0pKKWBM%2B"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-fhfns
access-control-allow-credentials
false
cf-ray
814f7a683c5d0857-FRA
x-amz-cf-id
xc8pQIlrF_6eU8R0_RNNW08gG5Cl3pp2BVbxTq4WIKtRJb3Lj5es8A==
module_-25202478153_Social_follow.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202478153/1697071647253/ 		459 B
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-25202478153/1697071647253/module_-25202478153_Social_follow.min.css
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4e4967787fc6c9881f25d2ba38ae05efb92c04cc9b5398434f6ff8d0d1cbb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-encoding
br
age
35497
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"cf49039ec9fd99bef19ea0c926c9328e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1697071647253
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 12:52:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
939c1583-2c0a-4a6e-b21b-221a8d6553a9
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
129
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
939c1583-2c0a-4a6e-b21b-221a8d6553a9
last-modified
Thu, 12 Oct 2023 00:47:28 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1dJeu%2BdpmQTX08dgV%2B2O2MPQ0OZB0Z4w1Dp7DIWUo7%2B5%2BvAyakt%2BsyqngsVqOa3YZDJEkhBwgo9XKYsXZHN4dSWnItJC33e%2Bw9vKn9VnXa3zciFxlHhihrusYYEa4bffyllm3xqzXj64zWPfNI%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-5745477c8b-fc8qf
cf-ray
814f7a685e6f2c6a-FRA
menu-bar.png
labs.cyble.com/hubfs/ 		1004 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.cyble.com/hubfs/menu-bar.png
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9288feaa511ecdf49dcc958a3452852f73bc8d24016f21ee627aa0db8efffdc8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-107185494103,P-21289959,FLS-ALL
age
10329
x-amz-request-id
BQYT8Q4X9ESTHG1H
x-amz-server-side-encryption
AES256
edge-cache-tag
F-107185494103,P-21289959,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="menu-bar.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"20d4c97b1ae3020e8f0a48f31dbc9ba1"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1679307832377
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
UUIj9BS7p6BQFwtP.huO_YYWu7Oz6uYW
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=2681
x-cache
Miss from cloudfront
cache-tag
F-107185494103,P-21289959,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
1004
x-amz-id-2
HvK2fmvwxf0b3uRJOappwcQCI6HccJa/GGo/SSS9TcvnZdqtBxEsyQsCkQCyTq068Ub7FZaoUKk=
last-modified
Mon, 20 Mar 2023 10:23:53 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME1GgbYfpPUL%2BYYmqlWEq8tXZlWR0Ut0gt1erIXFfabo7MXcHnRqv4amrHxUsk5EKN0v1GJ7ZU5%2FDlfziUejm%2FRGVmnvDtSmz82hZ52l9elT61hFmd%2F1YpfmN6q3c1c3rv5vh3Mf7n4vUs80"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
814f7a689ac23813-FRA
x-amz-cf-id
0ejAf8n-rfU4B57-9-ASmTMZwsAYtQviAzlf3K-jXj4Fj__UCZ_nTw==
embed.js
static.hsappstatic.net/content-cwv-embed/static-1.388/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5ffd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
x-amz-version-id
GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via
1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
DUS51-P2
age
81521
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 15 Aug 2023 19:48:57 GMT
server
cloudflare
etag
W/"8741985292d64b839be39c64b14f3783"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2ByRTLv38Ign%2Fc2ZUrMlhp1CjdDs5RBCrn3Rtrc%2BtE%2B9FTm7bJpQnlok60A5ySh%2Baz2dT%2B0ZNQM9in937HJvD7dkOwRYAzGd4Slz%2BtksvuXBOrxHbidvl0vgO6WD9JU6wY1qm4738aV9lUsUVgLL3AI9su4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
814f7a68acd49113-FRA
x-amz-cf-id
YDylR4RA-ioM82E76gpw0GmOvVJnidMJ5Tl6FSfBPrITbWeOk-EgyA==
expires
Fri, 11 Oct 2024 12:52:07 GMT
main.min.js
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1697064012899/hubspot/session/js/ 		1 KB
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1697064012899/hubspot/session/js/main.min.js
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d649407e18affe1292546e36fd4eeee261e1b375681c693cfd82a2dc3bd154d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-encoding
br
age
49884
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-evy-trace-listener
listener_https
etag
W/"e39ff6f05e683a9282b3054a913d03fc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1697064013057
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 12:52:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
4a8fdc9f-43d9-4689-9016-ab86438f2d67
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
121
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
4a8fdc9f-43d9-4689-9016-ab86438f2d67
last-modified
Wed, 11 Oct 2023 22:40:14 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JD4q2Ko5pSmUlVye6glVNanRQqhPzP9ppM4Y0bTmCjC1%2F9%2BTL%2BlANaFYTAaGtFxgnFNor008xXKZh5Xc6Mi9f1joMvOoo5Rsr9hnEMdZZce6DRDGTmoPI1DYvq6lYiOqhzYj7gQI7Jq%2Bj3PLncM%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-5745477c8b-fc8qf
cf-ray
814f7a689eb12c6a-FRA
21289959.js
labs.cyble.com/hs/scriptloader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/hs/scriptloader/21289959.js
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc73f3b427eb307080cbf941ba2d857f942304763b333570dbbfaa2d5067e9a0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d126a6f5-0a17-46ae-9676-701094fbcf50
content-encoding
br
x-envoy-upstream-service-time
29
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d126a6f5-0a17-46ae-9676-701094fbcf50
last-modified
Thu, 12 Oct 2023 10:01:01 GMT
server
cloudflare
x-trace
2BE4B5AE9C1BEC96F4DC937FCB83D59692B3E3321E000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://labs.cyble.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-fvfc4
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEsNBYKZKnnQ0FvbYMNRh2scli8pbjdS99fLqCZio15FX7GJFcWH%2FixpjipIrgLfLeAkSmOf1LkXIWF63kI2W3MfmqwB9CvTxd8emDAT7mNrpjqnNt%2FtXyI%2Fz7LXu%2BWKvVxtkZ0RB%2BooonhZ"}],"group":"cf-nel","max_age":604800}
cf-ray
814f7a689ac43813-FRA
expires
Thu, 12 Oct 2023 12:53:07 GMT
bg-image.jpg
labs.cyble.com/hubfs/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.cyble.com/hubfs/bg-image.jpg
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
091e161ccb19a452f85a48c09dec8f0cabe44af562941e7772cd940938025f93
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-139804765706,P-21289959,FLS-ALL
age
10316
x-amz-request-id
4X1DT6XM4C2S6SGC
x-amz-server-side-encryption
AES256
edge-cache-tag
F-139804765706,P-21289959,FLS-ALL
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"735e695b8423f123c62a107b24e7d31e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1697082055022
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
DTd21tYbASfepELdpjH8db9tJeaMcw_d
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
degrade=85, origSize=133466, status=webp_bigger
x-cache
RefreshHit from cloudfront
cache-tag
F-139804765706,P-21289959,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
87588
x-amz-id-2
KugZxPJrc6Jyxo/rNoAFGXaDJJO45kNe+qXPpIe1OMUWI7fiR8Xuh+QPDn+I3tjNI+SCqmdNkw0=
last-modified
Thu, 12 Oct 2023 03:40:56 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvEQFtMpaBSpKyDRXge2%2F5m7oZZZhclJPgQVygBSG2U0irv8PPQfSaONLQJqeOycmp0VmYfRuIaNIv94xGpL5NtGlBteFhvB3lMo8Ag8QuXoTYPAQ%2BYiXaiNoWP5tvluY5LCsRvVd7PDpoWU"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
814f7a689ac73813-FRA
x-amz-cf-id
ct-HoAHIzBA33nwKwerOgUKYVJc0tNTn52UBEoCGrhdYi3u4fWWeDQ==
900.woff2
labs.cyble.com/_hcms/googlefonts/Nunito_Sans/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/_hcms/googlefonts/Nunito_Sans/900.woff2
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
636c8043c0ceea00700ae11bc14d6b1412a8a619d6de6f52d8290254085297d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Origin
https://labs.cyble.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 12:52:07 GMT
date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
FRA56-P7
x-amz-request-id
5RNWCREMJJFNDDSD
x-amz-server-side-encryption
AES256
x-amz-version-id
vBJl2Ogdk0cdY1bslrPiXkoocmYgPe0h
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
content-length
36096
x-amz-id-2
SDFRD+DMogVD1zSfLSOfaYxHGOg1VjWDNUW6VZGwH4fp4GbG3Qd87kukgchR7A4VplJfOuCnqIGJDHvcLrG66DaOh8yVrcNr9TNyD12dIB0=
last-modified
Tue, 12 Sep 2023 21:22:56 GMT
server
cloudflare
etag
"02a7863d3c0ba6efd0b130c3a42f80ef"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkx8UH1stPlkpLTi5aDXDup2U1GvvDulKw6OwLBot6VCGWLmJrtQU3T0XeyS1ilCLzPrwdQzZmuiUemHmUb%2B1HQFEwIWYl4VrXe7kCHCp7Qdi4o04jKiEnd2cvcDVgWyS8BrPAoqvFHO6Klw"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
814f7a689ad13813-FRA
x-amz-cf-id
C_jk-kRZP2GjgbsxKXO3WI6aaHb6vgVoMB9_NVFJyP6klKb03V1Dzg==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
800.woff2
labs.cyble.com/_hcms/googlefonts/Nunito_Sans/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/_hcms/googlefonts/Nunito_Sans/800.woff2
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fdf62b7a40e52d0bc3228ae48f26ee3c6da5fc94c46f4e1ff26c68422c44347
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Origin
https://labs.cyble.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 12:52:07 GMT
date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
FRA56-P7
x-amz-request-id
ATJ2PN6JC9D5VR0A
x-amz-server-side-encryption
AES256
x-amz-version-id
mobmwledOPkeAkMxxvT4lDEsovPvW4Rf
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
content-length
35888
x-amz-id-2
IPVwqewFZAQ4nfwsof7R9PSJwSy+EYIWRQXDZEclYUYuWRocmuLFlPpuEIJbI+gY5M+khCw7OBo=
last-modified
Tue, 12 Sep 2023 21:22:50 GMT
server
cloudflare
etag
"b24f5136c9157df7aebc8fa3c1589efd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h85UYIiPw38Zhmhw9bHrx%2F98wVJEhDYfqzCHzc82dDIAB%2FQARStswqWmwNBa6Cj%2FXaltJNs114HDPENkra4GSZp0x%2FaTZsx1Z%2FwnLkqP%2BX1%2FwlNdkgu0fuHeL%2B%2BlOg6VY2W7B8D93oB8xywq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
814f7a689ad33813-FRA
x-amz-cf-id
UjNU8MGhPEsMo-DyYv-rpSuP-yCaFas0ZCTGnwJsVsia2et7wtnFtw==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
regular.woff2
labs.cyble.com/_hcms/googlefonts/Nunito_Sans/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/_hcms/googlefonts/Nunito_Sans/regular.woff2
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
30c9d985f1c79c6540bb8fc727e4bbd4ab87b8bcb4a19da59dd9c15db2bf00d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Origin
https://labs.cyble.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Thu, 26 Oct 2023 12:52:07 GMT
date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
FRA56-P7
x-amz-request-id
0WSB03C80V79BEBC
x-amz-server-side-encryption
AES256
x-amz-version-id
kavfBS1Y0UuyaUfkpYMDRF3Ino.M2lq0
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
alt-svc
h3=":443"; ma=86400
content-length
35636
x-amz-id-2
Jua0AFyqTA9Wvb3oOSZ7hnrKHFcvVtF5kNVmrokCIURPQ9So1aZJl7tZTA3MGGZMIVK8B+/pkgg=
last-modified
Tue, 12 Sep 2023 21:22:58 GMT
server
cloudflare
etag
"f334ad016f38ad7436ed757c63e83cbd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKmju4EiygOQEI3G%2BARkuDQo0yObEclAtMKbkwXlLxzlTV%2Fh2FkiLOqg0lTtqGQYVZBZSn8STIs4wENJFjabF7c5zq3BKKlZm2XUNWbNm1ptMOKol%2FG2H07uQ1PF7YeojDwKbB4dF8KMwCFn"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
814f7a689ad43813-FRA
x-amz-cf-id
Vmx-Ke6-pR1RM3pgA7sQBS-7SD0dsQOsfyY-tqR4Zv1RX0gU3mUs6g==
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
cyble-black-logo.png
labs.cyble.com/hubfs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.cyble.com/hubfs/cyble-black-logo.png
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a930e15514e09df85ea324c56f2a08ef3b1790be6b2bbf521b7d8d05fa0c8abe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-82853552823,P-21289959,FLS-ALL
age
10329
x-amz-request-id
BQYZ3ZX45YVR6QFY
x-amz-server-side-encryption
AES256
edge-cache-tag
F-82853552823,P-21289959,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="cyble-black-logo.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"e0297631574467339d79e2d64eabf380"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1661321993748
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
none
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
2OJGpxdJjyYqTFQBsFZV1JnAgOImzIOO
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=3755
x-cache
Miss from cloudfront
cache-tag
F-82853552823,P-21289959,FLS-ALL
x-amz-meta-index-tag
none
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
2920
x-amz-id-2
DgFkPUb1AQ70XqPmqCWZlO4aWrIzadvkIWYKfPWbtixKqzJ8M5gzWc/OAAFy5YaYH1lnah9Sux8=
last-modified
Wed, 24 Aug 2022 06:19:54 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRn%2FPuzoz4usuVPQH2qszrvTAFz70oqb9QYrTONYmCaK%2B1stbX8uKQTTdZnxEdBWV6xAjrTEHuVORamNY6g70f0FzSHwcSbgF5W8%2BGsVhMCRMtre65ZxP23VdOUegE2472W1lwR0gCl2HLOq"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
814f7a68bae83813-FRA
x-amz-cf-id
F3TRcmNwSgrBm6nf-fymMYozBE1uqwmfLrd1dSDIxk2g99Y-rp4G8w==
json
labs.cyble.com/_hcms/forms/embed/v3/form/21289959/3c19e9f5-611b-4b92-96fb-9aa6384667d8/ 		42 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/_hcms/forms/embed/v3/form/21289959/3c19e9f5-611b-4b92-96fb-9aa6384667d8/json?hs_static_app=forms-embed&hs_static_app_version=1.3812&X-HubSpot-Static-App-Info=forms-embed-1.3812
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc764d4cec1fb035cf0b839f4733def77caecc7b86c938cbf0baac90d839aee4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-origin-hublet
na1
date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
56024e06-3126-41ff-984b-9a89bde2c22b
content-encoding
br
x-envoy-upstream-service-time
41
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
56024e06-3126-41ff-984b-9a89bde2c22b
server
cloudflare
x-trace
2B9F6E1582F9C7A22C428BB89C209F630AB61F24A9000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-max-age
180
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-r4cs8
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftnjuyK%2BqNggfrwez9KUQVpm1KjxarBhmH5BIY7QX7wFzgf4z%2BbDvFIa%2FE2wFiWuGVxEpkxqfLW%2F6i3zBp0b2mSYPQIdNgbmPdIGoDll70YBbtiVhMJJTLqAEURWzqPKEOODp%2BvAXQI2nNin"}],"group":"cf-nel","max_age":604800}
cf-ray
814f7a692b833813-FRA
access-control-allow-headers
*
x-robots-tag
none
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
978 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=21289959&callback=jsonpHandler
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
no-sniff
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
982a26a4-f148-416f-9296-e687ab97f4e8
x-envoy-upstream-service-time
6
x-evy-trace-route-configuration
listener_https/all
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=814f7a697d7a3a3e&resource=unknown"
x-evy-trace-listener
listener_https
x-request-id
982a26a4-f148-416f-9296-e687ab97f4e8
server
cloudflare
x-trace
2B613193CD1EE0BE39858CDBE65E3B09FBB4A028EF000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-mlg6m
x-evy-trace-virtual-host
all
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
814f7a697d7a3a3e-FRA
21289959.js
js.hs-analytics.net/analytics/1697115000000/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1697115000000/21289959.js
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/hs/scriptloader/21289959.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac0a2640002afaa7042fbbd84fc1ee1b00df136b311e25cac9dabf9f483c3a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
DCMS4RNEEQC492CT
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
9e35b248-f01c-4ad2-8d6b-3fc3b8f52b53
x-envoy-upstream-service-time
28
x-amz-id-2
QsnoU7Vk55yApf02QNFx7lm63Wz/KQuQd0KuUQ/1PA3lHCtZIFBKmC4OvbyXQNOsavQV0tW45yg=
x-evy-trace-listener
listener_https
x-request-id
9e35b248-f01c-4ad2-8d6b-3fc3b8f52b53
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 11 Oct 2023 06:35:48 GMT
server
cloudflare
etag
W/"e34c20781d72c76ea68d1cdecd0a76b4"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-8ghtd
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
814f7a6aaad92c5f-FRA
expires
Thu, 12 Oct 2023 12:57:07 GMT
web-interactives-embed.js
js.hubspot.com/ 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/hs/scriptloader/21289959.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb73112c646c0cfca5313dce411270cee90340454a51c3ee1218834774ddd5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Origin
https://labs.cyble.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.579/bundles/project.js&cfRay=814f7a6aa9e92c75-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"61cf09f2840246c03b083d2b2aaedbaf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.579/bundles/project.js
date
Thu, 12 Oct 2023 12:52:07 GMT
x-amz-version-id
ZH1lXdEo36sSD12T68pVuRktbLMj6Y_H
via
1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
1cb6d396-8967-4652-beef-31cd84d4962e
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-request-id
1cb6d396-8967-4652-beef-31cd84d4962e
last-modified
Wed, 04 Oct 2023 10:21:17 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RavT9pvki4XnLGem8XuU726WWXMUnMNX5qFV66bJ2Qh%2BahgmBvIQN0ShJpz9A5FOXIavQatrgIdKry52IKMIFVfjKAYZWRwlnVnPusPjXsX43w4bHSdobc0EeAe2KfjnGri9Vp4PE0Hshu4t"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-cq5v7
cf-ray
814f7a6aa9e92c75-FRA
x-amz-cf-id
OtijuNIAXOpwADBvSTq32gWQpFFYsv_imfEC1JajzvjgPGXxk0Mwsw==
leadflows.js
js.hsleadflows.net/ 		540 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/hs/scriptloader/21289959.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b399c5e2375b9f5d108af3cc74f7d665747a5d1955f5fde2db7f110b30a1f65e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Origin
https://labs.cyble.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-encoding
br
age
10332
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js&cfRay=814e7e285fb02c73-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"b41828c438dcec976b93ddee1edebd6d"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js
date
Thu, 12 Oct 2023 12:52:07 GMT
x-amz-version-id
w9qtR_oGTBab1H9Wt5L5qiHDqxRKIaLE
via
1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
d76a6a5e-106d-47aa-8019-c8e1f063d671
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
x-evy-trace-route-configuration
listener_https/all
x-request-id
d76a6a5e-106d-47aa-8019-c8e1f063d671
last-modified
Mon, 04 Sep 2023 12:55:59 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-sgzbx
cf-ray
814f7a6abd6c2c65-FRA
x-amz-cf-id
puQDzK-yH_5_CMOyOxxdfiRhnrAeDJuKNN4oCwu8rySa4kmWvoIGTA==
banner.js
js.hs-banner.com/v2/21289959/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/21289959/banner.js
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/hs/scriptloader/21289959.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc992ac697275fb26c1638c176cee54c1aebae3ee2be24974ed0d6ec73ce34f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
x-amz-version-id
DQiemF3tmvdiDI8Q4FbXc4Is0Sk.lRpy
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
DXQ612PZ9E7TR7PP
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
46956c64-6b6e-4e41-bd52-1c23d5af5efc
x-envoy-upstream-service-time
17
x-amz-id-2
1C7U6SP3IDRi3rq8bIlI2qDrHQZC35Ziluc+b/L9dOjSz1+zd3+a0QoI7UjzR6OlR4RCm5SUfaQ=
x-evy-trace-listener
listener_https
x-request-id
46956c64-6b6e-4e41-bd52-1c23d5af5efc
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 26 Sep 2023 21:58:23 GMT
server
cloudflare
etag
W/"41a0fc192fcdeba78bb36b60f0a347cd"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://cyble.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-c5f7fd779-mnjxc
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
814f7a6abb670408-FRA
expires
Thu, 12 Oct 2023 12:57:07 GMT
conversations-embed.js
js.usemessages.com/ 		76 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/hs/scriptloader/21289959.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:faa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e7b81bac41ad0da1d3f4a3498669f984e84db9d54eedf10e8e7d5b059c5d08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
x-amz-version-id
q7mMdyrgJRb2V1PNW0MT.lJmDYHWhi5r
via
1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
555
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14392/bundles/project.js&cfRay=814f6cdc5e1839e5-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
909465c0-6cef-4e7d-9b09-c00265639743
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
909465c0-6cef-4e7d-9b09-c00265639743
last-modified
Tue, 10 Oct 2023 02:47:57 UTC
server
cloudflare
etag
W/"8150bb6bff68cbcd9e5f8f6c23b586ae"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7c89bb96b9-mlg6m
cf-ray
814f7a6aaa0a1951-FRA
x-amz-cf-id
eQCIQQJZBLP7Wtw7oktUdQtTHRoxj1NK2NWrtMlXGfh-dBxZtSGd8g==
x-hs-target-asset
conversations-embed/static-1.14392/bundles/project.js
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 12:52:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
e44fc2ab-44ed-46e7-a0cf-ab05332c5079
x-envoy-upstream-service-time
24
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e44fc2ab-44ed-46e7-a0cf-ab05332c5079
Server
cloudflare
X-Trace
2B3FD3C61E13529D37620252205484DA63F42AD420000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-48whc
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
814f7a6ab914996c-FRA
enterprise.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_360d6478_241d_43d3_afdf_78b03cb1e74c&render=explicit&hl=en
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0873179144c75d3519ec9bea6468688fca4006ebbcde5be191527134b47cb0e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 12:52:07 GMT
counters.gif
forms-na1.hsforms.com/embed/v3/ 		35 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 12:52:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
7546fb46-317f-4b87-a5c6-c1ccb56d0186
x-envoy-upstream-service-time
31
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7546fb46-317f-4b87-a5c6-c1ccb56d0186
Server
cloudflare
X-Trace
2B4D1D7012A7DD6BC5801ABB4B397A352FD92D4B19000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-lmntd
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
814f7a6adb633600-FRA
widget
labs.cyble.com/_hcms/livechat/ 		541 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://labs.cyble.com/_hcms/livechat/widget?portalId=21289959&conversations-embed=static-1.14392&mobile=false&messagesUtk=418ad23c99c74e98bad24dbf5797dff5&traceId=418ad23c99c74e98bad24dbf5797dff5
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
36153b1633abc95bea4c4bf1e8648bc0d225c0ca340f488c00acb96b42b1c5d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ec65c2d8-7302-4c51-bf27-4a434b1b2b3d
x-envoy-upstream-service-time
8
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ec65c2d8-7302-4c51-bf27-4a434b1b2b3d
server
cloudflare
x-trace
2B55B3BB3A324A8D0E6270224DB7B7C065A6E7CC39000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-x526w
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2F%2B551FbYnM%2FCYBw8cX5u4Eq2dpN6PgD5%2BTvE8w9sMhG4ypYCrfu8GD%2FNZuXieD6%2Bl7ONSEYtBn0BtLlmzVsvcF8xOrakpCFoy37%2BC6StdLkkcnDMBl%2FYApncn02L3OGD5UYVsFwL5UMW4Oj"}],"group":"cf-nel","max_age":604800}
cf-ray
814f7a6afd613813-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
recaptcha__en.js
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 		464 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_360d6478_241d_43d3_afdf_78b03cb1e74c&render=explicit&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1a65063717196413801187164cad067a3c8b3f1c8d7cf768de32d1230ecdf3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Origin
https://labs.cyble.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189597
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 12:38:16 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 29F1 		58 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9sYWJzLmN5YmxlLmNvbTo0NDM.&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&badge=inline&cb=x14ziep5btbi
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
041d6320b6af2fc5cb58f2d9e88788e2737f1be585efdbb68b1d7e7fc8d25516
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vJlxyCR7PML0U0mTkXSzZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vJlxyCR7PML0U0mTkXSzZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 12:52:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 		207 B
1014 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=21289959&currentUrl=https%3A%2F%2Flabs.cyble.com%2Fq3-2023-ransomware-report%3Futm_id%3Dq3report%26utm_campaign%3DAll%2520Database%2520-%2520Q3%2520Ransomware%2520Report%26utm_medium%3Demail%26_hsmi%3D278051406%26_hsenc%3Dp2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA%26utm_content%3D278051406%26utm_source%3Dhs_email&contentId=137764383561
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1f5dae1f231a3e6c42993418f2c2b7670e62db5b3ffee9afe0afa6657504f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
18ed72b0-b444-4368-af0e-5b8a18429402
content-encoding
br
x-envoy-upstream-service-time
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
18ed72b0-b444-4368-af0e-5b8a18429402
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://labs.cyble.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NU820D6eh76iZwFieJNIXlr7AvEYX2Ki99XjwfK2LcjIpAKVluN1jga1CSL1WH15RN%2BIHNXPavV9bD6cP%2FwKUP37bSZPZc2hrEW%2FIXhyLMerFngvD5moEv9xSOj8Es3YIHuvpJ2Mcq4%2BD3Zw3JyD2OM5Py%2BoZ08z%2BzA%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
814f7a6bbb432c75-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-x2zdh
view
js.hs-banner.com/v2/activity/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/21289959/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 12 Oct 2023 12:52:08 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator, envoyset-translator
x-hubspot-correlation-id
2186f61d-f1c4-4ef7-b317-face11463738
x-envoy-upstream-service-time
84
x-evy-trace-route-configuration
listener_http/all, listener_https/all
x-evy-trace-listener
listener_http, listener_https
x-request-id
2186f61d-f1c4-4ef7-b317-face11463738
server
cloudflare
x-trace
2BBFAAC6EBA9F503EF256445E47785734DA35B6EAD000000000000000000
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-virtual-host
all, all
x-evy-trace-served-by-pod
iad02/private-hubapi-td/envoy-proxy-874b7f86f-c8mbz, iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-snk2v
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-origin
https://labs.cyble.com
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
814f7a6e39772c1b-FRA
view
js.hs-banner.com/v2/activity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://labs.cyble.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://labs.cyble.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
814f7a6bdde52c1b-FRA
content-length
0
content-type
application/octet-stream
date
Thu, 12 Oct 2023 12:52:08 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
1
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-fc6l5
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
ca4f2160-68bc-4d94-8f48-c98c7fc3814c
x-request-id
ca4f2160-68bc-4d94-8f48-c98c7fc3814c
styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 29F1 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9sYWJzLmN5YmxlLmNvbTo0NDM.&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&badge=inline&cb=x14ziep5btbi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 12:38:16 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 29F1 		464 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9sYWJzLmN5YmxlLmNvbTo0NDM.&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&badge=inline&cb=x14ziep5btbi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1a65063717196413801187164cad067a3c8b3f1c8d7cf768de32d1230ecdf3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189597
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 12:38:16 GMT
Lato-Regular.woff2
js.hs-banner.com/v2/fonts/Lato/ 		178 KB
180 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/fonts/Lato/Lato-Regular.woff2
Requested by
Host: labs.cyble.com
URL: https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

Referer
https://labs.cyble.com/
Origin
https://labs.cyble.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
x-amz-version-id
19GiAjtnZtKA4vYvvfjxgs0SOFKRH2df
cf-cache-status
HIT
x-amz-request-id
QG45J0E54BEHF38K
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
99789c9a-baef-4b53-886e-16d31bc86a0d
age
10329
x-envoy-upstream-service-time
56
content-length
182708
x-amz-id-2
YrMMl6PPAIJeBgGM/RDQkBcBqsLMlgKT/6hXq/qbenkEEHGoip28vT0wd5Nfaudx0Emp6lZQ2p0=
x-evy-trace-listener
listener_https
x-request-id
99789c9a-baef-4b53-886e-16d31bc86a0d
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 12 Sep 2022 19:35:55 GMT
server
cloudflare
etag
"bd03a2cc277bbbc338d464e679fe9942"
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://labs.cyble.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
access-control-allow-credentials
true
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
814f7a6bdde32c1b-FRA
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-8ghtd
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 29F1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 00:18:29 GMT
x-content-type-options
nosniff
age
563618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 13 Oct 2023 00:18:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 29F1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9sYWJzLmN5YmxlLmNvbTo0NDM.&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&badge=inline&cb=x14ziep5btbi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 06:47:09 GMT
x-content-type-options
nosniff
age
453898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 06:47:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 29F1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9sYWJzLmN5YmxlLmNvbTo0NDM.&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&badge=inline&cb=x14ziep5btbi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 21:26:35 GMT
x-content-type-options
nosniff
age
573932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 21:26:35 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 29F1 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=lLirU0na9roYU3wDDisGJEVT
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9sYWJzLmN5YmxlLmNvbTo0NDM.&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&badge=inline&cb=x14ziep5btbi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5063a68a88966cff9baa3bf09bf0352e9c05164c66e9b4ef2c4d5453dc9e1ca7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9sYWJzLmN5YmxlLmNvbTo0NDM.&hl=en&v=lLirU0na9roYU3wDDisGJEVT&size=invisible&badge=inline&cb=x14ziep5btbi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 12:52:07 GMT
__ptq.gif
track.hubspot.com/ 		45 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3335903367&v=1.1&a=21289959&pi=137764383561&ct=landing-page&ccu=https%3A%2F%2Flabs.cyble.com%2Fq3-2023-ransomware-report&cpi=137764383561&lpi=137764383561&lvi=137764383561&lvc=en&pu=https%3A%2F%2Flabs.cyble.com%2Fq3-2023-ransomware-report%3Futm_id%3Dq3report%26utm_campaign%3DAll%2520Database%2520-%2520Q3%2520Ransomware%2520Report%26utm_medium%3Demail%26_hsmi%3D278051406%26_hsenc%3Dp2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA%26utm_content%3D278051406%26utm_source%3Dhs_email&t=Cyble+Q3+Ransomware+Threat+Landscape+Report+2023&cts=1697115127828&rv=1&vi=095771e911605dd65f177fbee71f5e0a&nc=true&ce=false&cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
38936132-8815-4171-82a3-c641b2247446
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
6
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
38936132-8815-4171-82a3-c641b2247446
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnd2bycpoVZxtalqL2ts4Ek3bnQzRATnz7%2FxRudGeBJFSmddinAtzPZgzb52aoCZ8slHQPnvGsvkv98MT7eWo6HlBfGwhgiBGJ%2FZWmlv4Fhl014RusHs%2By%2BR7B%2F6yUutcDiw%2Bho9SNJfBjoXYiz3"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-nmm4s
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
814f7a6d0a353a3e-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=3c19e9f5-611b-4b92-96fb-9aa6384667d8&fci=360d6478-241d-43d3-afdf-78b03cb1e74c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3335903367&v=1.1&a=21289959&pi=137764383561&ct=landing-page&ccu=https%3A%2F%2Flabs.cyble.com%2Fq3-2023-ransomware-report&cpi=137764383561&lpi=137764383561&lvi=137764383561&lvc=en&pu=https%3A%2F%2Flabs.cyble.com%2Fq3-2023-ransomware-report%3Futm_id%3Dq3report%26utm_campaign%3DAll%2520Database%2520-%2520Q3%2520Ransomware%2520Report%26utm_medium%3Demail%26_hsmi%3D278051406%26_hsenc%3Dp2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA%26utm_content%3D278051406%26utm_source%3Dhs_email&t=Cyble+Q3+Ransomware+Threat+Landscape+Report+2023&cts=1697115127831&rv=1&vi=095771e911605dd65f177fbee71f5e0a&nc=true&ce=false&cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1776308c-801f-41c2-887a-2e2d0f6838b3
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
12
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1776308c-801f-41c2-887a-2e2d0f6838b3
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr1eYb04Lmj3arj%2FBf2guzODTdydV9085hRaMevfmGtPJkRWVa1D9RJtWwkx2pZ8UNB6F2W8kZ66QyN5IHI%2BcDboA8Nv%2BIpX1W6f7IeJVs6XQxj3DypxU%2FrjfscHxML2pxYWNKk2cMRjA3SIJiTP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-pptkh
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
814f7a6d0a363a3e-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=3c19e9f5-611b-4b92-96fb-9aa6384667d8&fci=360d6478-241d-43d3-afdf-78b03cb1e74c&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3335903367&v=1.1&a=21289959&pi=137764383561&ct=landing-page&ccu=https%3A%2F%2Flabs.cyble.com%2Fq3-2023-ransomware-report&cpi=137764383561&lpi=137764383561&lvi=137764383561&lvc=en&pu=https%3A%2F%2Flabs.cyble.com%2Fq3-2023-ransomware-report%3Futm_id%3Dq3report%26utm_campaign%3DAll%2520Database%2520-%2520Q3%2520Ransomware%2520Report%26utm_medium%3Demail%26_hsmi%3D278051406%26_hsenc%3Dp2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA%26utm_content%3D278051406%26utm_source%3Dhs_email&t=Cyble+Q3+Ransomware+Threat+Landscape+Report+2023&cts=1697115127833&rv=1&vi=095771e911605dd65f177fbee71f5e0a&nc=true&ce=false&cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
65f78ce9-6381-4a89-a431-fe297778e2de
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
8
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
65f78ce9-6381-4a89-a431-fe297778e2de
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iTxTVlFHcl18K5S3oVqpaHl92N%2BHeozLm0Uwtv9ifzTap%2BHSY%2FgeiNZ8LKjSKQw75jocl5gH3wV%2B1sYczIKk%2FkF0NzSxiURUdB7FaqU%2BJOPceT%2FW%2BuDtlj1v7FJnlHW7uMqfIYm%2FB44zC7c%2BfvU"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-nmm4s
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
814f7a6d0a383a3e-FRA
x-robots-tag
none
json
forms.hubspot.com/lead-flows-config/v1/config/ 		178 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=21289959&contentId=137764383561&currentUrl=https%3A%2F%2Flabs.cyble.com%2Fq3-2023-ransomware-report%3Futm_id%3Dq3report%26utm_campaign%3DAll%2520Database%2520-%2520Q3%2520Ransomware%2520Report%26utm_medium%3Demail%26_hsmi%3D278051406%26_hsenc%3Dp2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA%26utm_content%3D278051406%26utm_source%3Dhs_email
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef8de7c99a6d52231cc38931f29dc357d772d4a3568a4a0393dca6f2f5b8806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
99b7f6ab-6af3-4a6b-9086-2f9fe051aa83
content-encoding
br
x-envoy-upstream-service-time
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
99b7f6ab-6af3-4a6b-9086-2f9fe051aa83
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://labs.cyble.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6WvzIngeZtSU%2BmXBpwcn9Gvkkom9rSJgN%2BJ7JzQgtjzzTjX1HmCLyleWkue%2F0cqSyqvssQoVaqtLVZkKIhegRggOkEFDL9HOB%2Bo2IWI3tqbuuN4qVvopFMDqKiJYjaLJhkRD3CGRTvqiYKa7K7k"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
814f7a6d5d082c75-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-tj9jf
counters.gif
perf-na1.hsforms.com/embed/v3/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 12:52:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
226d4989-ba08-4227-b724-8afb49dc8743
x-envoy-upstream-service-time
23
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
226d4989-ba08-4227-b724-8afb49dc8743
Last-Modified
Thu, 12 Oct 2023 12:52:08 GMT
Server
cloudflare
X-Trace
2B28E7A97847FB1DA7640DDF04DA025C3C41E71ACC000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-79986f96f-4qqf5
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
814f7a6d6d399049-FRA
bframe
www.google.com/recaptcha/enterprise/ Frame 7329 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2786d530fced5e31b85984582970a527c626f0c41f3822854057883a03d20a4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PrxKdNm-zs1sRIWMVpw6Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labs.cyble.com/q3-2023-ransomware-report?utm_id=q3report&utm_campaign=All%20Database%20-%20Q3%20Ransomware%20Report&utm_medium=email&_hsmi=278051406&_hsenc=p2ANqtz-83Nv2X0JhoiGgJg7M-djwuAS6JawoRse3xkk0X1BQgWiIDOmepCB7K9js9-YaYyeeD94_DWgY0BY0szbSIXzhtKssaOA&utm_content=278051406&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PrxKdNm-zs1sRIWMVpw6Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Oct 2023 12:52:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 7329 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 12:38:16 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 7329 		464 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1a65063717196413801187164cad067a3c8b3f1c8d7cf768de32d1230ecdf3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189597
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 12:38:16 GMT
reload
www.google.com/recaptcha/enterprise/ Frame 7329 		41 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a3e135c55734b7bec3ec8244858457c7ec73906ae9454d583e3e84655e8deb3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 12 Oct 2023 12:52:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 12:52:08 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7329 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 09:41:47 GMT
x-content-type-options
nosniff
age
443421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 14 Oct 2023 09:41:47 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7329 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 15:22:46 GMT
x-content-type-options
nosniff
age
509362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 13 Oct 2023 15:22:46 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 7329 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:43:50 GMT
x-content-type-options
nosniff
age
551298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 13 Oct 2023 03:43:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7329 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 06:47:09 GMT
x-content-type-options
nosniff
age
453899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 06:47:09 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7329 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:38:03 GMT
x-content-type-options
nosniff
age
551645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 03:38:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7329 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 21:26:35 GMT
x-content-type-options
nosniff
age
573933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 21:26:35 GMT
payload
www.google.com/recaptcha/enterprise/ Frame 7329 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/enterprise/payload?p=06AFcWeA7eEh8SOV90Ch3tV5Tdp7QIuEAN7xYgG5GTzXCGmjsPsxmul1TC8F-Lwm1jFmd72vzKp2r5udd_gefLKI3La-hKD3qChi7RWgnW-R5NfX5LeG5MS8fxxaBpOQRZ1kdupvSaNtd0600YA0cJzZPja_Mw4ORw9MZSI9tSdU6F1s6wy6u_BIQURgzbfBA331bxm85yxODJP3QpDZqXhk09Zi6kr4odZA&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8797cd3c900f9f14a50a5baafcafe5c651751b621c1bcf66304c418cb1118f78
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=lLirU0na9roYU3wDDisGJEVT&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:52:08 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 12:52:08 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _hsp function| myFunction object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage object| hubspot object| HubSpotForms object| _hsq object| hbspt object| hsFormsOnReady object| options function| jsonpHandler function| hsRecaptchaLoaded_360d6478_241d_43d3_afdf_78b03cb1e74c boolean| hubspot_live_messages_running object| HubSpotConversations object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| closure_lm_925222 object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| __hsWebInteractiveInstance boolean| hubspot_web_interactives_running boolean| _hspb_loaded boolean| _hspb_ran object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

4 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ANI2T2Fo9vcr5VSwdrUwtU6_A74l3Yq6fFGYfKL8GHgvRXPLLddg7_R8MhxULn0-EzbZxOtIfkGurfg2hvf0vAY
.labs.cyble.com/ Name: __cf_bm
Value: 1pDfckQmNClze829X2LYDOvaouWiaFx4IJtj2cvnrF4-1697115127-0-Acw2an0VJVfzdFk3WQVL/ThFLKif4uBztXbE2xKKoJCdWwERPEfH/IPBRNATukYx21VZ6RIm/upF25pj93U3Mfo=
.labs.cyble.com/ Name: __cfruid
Value: 01a0ed80904d85703e294308e9adef73b0e8f218-1697115127
.hubspot.com/ Name: __cf_bm
Value: QZtc0y8wpumQ0PjZW9diG_rW7bNI2zWbOnalWxZwVkQ-1697115127-0-Aa6gBaqsrbfSVxqYMgmaBHr4N1kFfYBdkpsb2zlhF0MzEj+XolOA9E9lCdLNArdJmNziWLH+Lo5XhWjMytnURt0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hubspot.com
cdn2.hubspot.net
cta-service-cms2.hubspot.com
d2wc4w04.na1.hubspotlinks.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
labs.cyble.com
perf-na1.hsforms.com
static.hsappstatic.net
track.hubspot.com
www.google.com
www.gstatic.com
2606:2c40::c73c:67e2
2606:4700:4400::6812:252e
2606:4700:4400::ac40:991b
2606:4700::6810:50ba
2606:4700::6810:6cd1
2606:4700::6811:faa8
2606:4700::6812:5ffd
2606:4700::6812:7c0c
2606:4700::6812:a07d
2606:4700::6812:b07d
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:811::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2003
041d6320b6af2fc5cb58f2d9e88788e2737f1be585efdbb68b1d7e7fc8d25516
0873179144c75d3519ec9bea6468688fca4006ebbcde5be191527134b47cb0e3
091e161ccb19a452f85a48c09dec8f0cabe44af562941e7772cd940938025f93
10e7b81bac41ad0da1d3f4a3498669f984e84db9d54eedf10e8e7d5b059c5d08
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2786d530fced5e31b85984582970a527c626f0c41f3822854057883a03d20a4d
2fdf62b7a40e52d0bc3228ae48f26ee3c6da5fc94c46f4e1ff26c68422c44347
30c9d985f1c79c6540bb8fc727e4bbd4ab87b8bcb4a19da59dd9c15db2bf00d0
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
36153b1633abc95bea4c4bf1e8648bc0d225c0ca340f488c00acb96b42b1c5d1
3a3e135c55734b7bec3ec8244858457c7ec73906ae9454d583e3e84655e8deb3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
48e96257807abd6337cae06f2c9d920eb5845610fc80b63f578299abbef87193
4e1f5dae1f231a3e6c42993418f2c2b7670e62db5b3ffee9afe0afa6657504f5
5063a68a88966cff9baa3bf09bf0352e9c05164c66e9b4ef2c4d5453dc9e1ca7
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
636c8043c0ceea00700ae11bc14d6b1412a8a619d6de6f52d8290254085297d5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8797cd3c900f9f14a50a5baafcafe5c651751b621c1bcf66304c418cb1118f78
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
9288feaa511ecdf49dcc958a3452852f73bc8d24016f21ee627aa0db8efffdc8
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
a24e66d830ef814bbcc4553b662e0c2afe733f8f30fb4a86be6df577d146bec2
a930e15514e09df85ea324c56f2a08ef3b1790be6b2bbf521b7d8d05fa0c8abe
abb73112c646c0cfca5313dce411270cee90340454a51c3ee1218834774ddd5c
b1a65063717196413801187164cad067a3c8b3f1c8d7cf768de32d1230ecdf3c
b399c5e2375b9f5d108af3cc74f7d665747a5d1955f5fde2db7f110b30a1f65e
b5ac1d825922dae46d1c411dd75a6e69a40f2deb50738a7c9952659b95219f6b
bc992ac697275fb26c1638c176cee54c1aebae3ee2be24974ed0d6ec73ce34f2
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cac0a2640002afaa7042fbbd84fc1ee1b00df136b311e25cac9dabf9f483c3a8
d649407e18affe1292546e36fd4eeee261e1b375681c693cfd82a2dc3bd154d7
db4e4967787fc6c9881f25d2ba38ae05efb92c04cc9b5398434f6ff8d0d1cbb0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc5265b338a0b399b621fd1f88944205240e2e88eab29bf686fffc4b4716f9d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc73f3b427eb307080cbf941ba2d857f942304763b333570dbbfaa2d5067e9a0
fc764d4cec1fb035cf0b839f4733def77caecc7b86c938cbf0baac90d839aee4
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
fef8de7c99a6d52231cc38931f29dc357d772d4a3568a4a0393dca6f2f5b8806