www.evaluatorgroup.com Open in urlscan Pro
35.197.4.246 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.evaluatorgroup.com/ls/click?upn=KZL-2FFhm0E-2FA0U20xZaT0Ehlg83tNRsnZpHd-2B56jZoMLF-2FNxfxTgy4EewqMCnFd1O21BBdXiDg54...
Effective URL:
https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Submission: On June 22 via manual (June 22nd 2021, 5:45:42 pm UTC) from CR

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 21 HTTP transactions. The main IP is 35.197.4.246, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is www.evaluatorgroup.com.
TLS certificate: Issued by R3 on May 30th 2021. Valid for: 3 months.

This is the only time www.evaluatorgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.124 167.89.123.124	11377 (SENDGRID) (SENDGRID)
1 5	35.197.4.246 35.197.4.246	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
7	108.161.188.228 108.161.188.228	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.77.117 65.9.77.117	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.94 13.224.193.94	16509 (AMAZON-02) (AMAZON-02)
1	3.14.38.68 3.14.38.68	16509 (AMAZON-02) (AMAZON-02)
21	10

1 167.89.123.124 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x124.outbound-mail.sendgrid.net

link.evaluatorgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.197.4.246 (The Dalles, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 246.4.197.35.bc.googleusercontent.com

www.evaluatorgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.161.188.228 (United States)

ASN33438 (HIGHWINDS2, US)

1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.117 (United States)

ASN16509 (AMAZON-02, US)

app.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-94.fra2.r.cloudfront.net

sc.cdnma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.14.38.68 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-14-38-68.us-east-2.compute.amazonaws.com

widgetapi.purechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	netdna-ssl.com 1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com	53 KB
6	evaluatorgroup.com 2 redirects link.evaluatorgroup.com www.evaluatorgroup.com	287 KB
4	gstatic.com fonts.gstatic.com	83 KB
2	purechat.com app.purechat.com widgetapi.purechat.com	5 KB
2	youtube.com www.youtube.com	43 KB
1	cdnma.com sc.cdnma.com	8 KB
1	googleapis.com fonts.googleapis.com	644 B
21	7

	Domain	Requested by
7	1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com	www.evaluatorgroup.com
5	www.evaluatorgroup.com	1 redirects www.evaluatorgroup.com
4	fonts.gstatic.com	fonts.googleapis.com
2	www.youtube.com	www.evaluatorgroup.com www.youtube.com
1	widgetapi.purechat.com	app.purechat.com
1	sc.cdnma.com	www.evaluatorgroup.com
1	app.purechat.com	www.evaluatorgroup.com
1	fonts.googleapis.com	www.evaluatorgroup.com
1	link.evaluatorgroup.com	1 redirects
21	9

This site contains no links.

Subject Issuer	Validity	Valid
www.evaluatorgroup.com R3	`2021-05-30` - `2021-08-28`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-03-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.purechat.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
sc.cdnma.com Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Frame ID: E87EDBCEB2A98BBFB0AF0D4CE84D5D7A
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://link.evaluatorgroup.com/ls/click?upn=KZL-2FFhm0E-2FA0U20xZaT0Ehlg83tNRsnZpHd-2B56jZoMLF-2FNxfxTgy4Ee... HTTP 302
https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study HTTP 301
https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

40 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

479 kB
Transfer

1507 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.evaluatorgroup.com/ls/click?upn=KZL-2FFhm0E-2FA0U20xZaT0Ehlg83tNRsnZpHd-2B56jZoMLF-2FNxfxTgy4EewqMCnFd1O21BBdXiDg54nqOieqBIbqIpi5wB-2BCoV1XNAMO58aUCWFqsgSFy5COXJNRQbF3E2luQua3X1AtHi7hgPezC-2BJ9kmd60rNQ8HxE8pbtHo0sTrW4j8halMn1cuc1OtbfsNFxXByxLALR5Z-2FjBKh9KAS0vp5r0feaSfHOeBsxRTlsEI-3DjA_b_29QiiZ2K4aGQ2vLdffUQvbER2EIDFyXO-2ByPf2TGbKcrX44NWe-2BCngsHeJicd6OTP26cfN62kJW4TvtR1SdxtcnwzGs8Ypza3T-2B1ppx74-2FHQYO6RPak3xObD1aeZaUBrW6zRt54QsGEQVrmZfg60TfJh3UVTjxq5qyBS6uYbHntoEFBd0nfQT8QfujKoaxgqCAUFK9KiLzen46bRx4gLdo15qL2maikf0TkOgh4iRgBZ-2Fa5saABitGGxuJJylsqNSiMi1PB1-2BGW3F5-2F7nD6hZkw-3D-3D HTTP 302
https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study HTTP 301
https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Redirect Chain

http://link.evaluatorgroup.com/ls/click?upn=KZL-2FFhm0E-2FA0U20xZaT0Ehlg83tNRsnZpHd-2B56jZoMLF-2FNxfxTgy4EewqMCnFd1O21BBdXiDg54nqOieqBIbqIpi5wB-2BCoV1XNAMO58aUCWFqsgSFy5COXJNRQbF3E2luQua3X1AtHi7hgP...
https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study
https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/

83 KB
17 KB

158ms
158ms

Document
text/html

35.197.4.246
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.197.4.246 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

246.4.197.35.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

bb44879844e200b07989b4c0406c9ed9e466abc3864e620bf68af8e2aaec18b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.evaluatorgroup.com
:scheme: https
:path: /document/ransomware-pulse-survey-2021-research-study/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 22 Jun 2021 17:45:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
link: <https://www.evaluatorgroup.com/wp-json/>; rel="https://api.w.org/" <https://www.evaluatorgroup.com?p=53231>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 17
x-cache-group: normal
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; object-src 'none'
content-encoding: br

Redirect headers

server: nginx
date: Tue, 22 Jun 2021 17:45:26 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
expires: Tue, 22 Jun 2021 18:35:48 GMT
pragma: no-cache
x-redirect-by: WordPress
x-powered-by: WP Engine
vary: Accept-Encoding
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 15
x-cache-group: normal
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; object-src 'none'

GET
H2 200 6eedc5fb7b1184020fdc2a725ebcbfc0.css
www.evaluatorgroup.com/wp-content/cache/min/1/ 499 KB
63 KB 187ms
186ms Stylesheet
text/css 35.197.4.246
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.evaluatorgroup.com/wp-content/cache/min/1/6eedc5fb7b1184020fdc2a725ebcbfc0.css

Requested by

Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.197.4.246 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

246.4.197.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

661f05ed0ba12e77656b3d60a7f33bcc466d066900720ff3085e9a22dbd9fa69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; object-src 'none'

Request headers

:path: /wp-content/cache/min/1/6eedc5fb7b1184020fdc2a725ebcbfc0.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.evaluatorgroup.com
referer: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
content-encoding: br
last-modified: Tue, 01 Jun 2021 14:17:27 GMT
server: nginx
etag: W/"60b64177-7cdc8"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; object-src 'none'

GET
H2 200 css
fonts.googleapis.com/ 4 KB
644 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow%3A400%2C400i%2C600%2C700&display=swap

Requested by

Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b96d14e9928812e3681307fa02d0eb843d0ec499bb5c2723a1602ee8d085f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 17:45:26 GMT
server: ESF
date: Tue, 22 Jun 2021 17:45:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Jun 2021 17:45:26 GMT

GET
H2 200 jquery.json.min.js Show response
1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-content/plugins/gravityforms/js/ 2 KB
1 KB 123ms
53ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-content/plugins/gravityforms/js/jquery.json.min.js
Requested by: Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
content-encoding: gzip
last-modified: Tue, 21 Apr 2020 15:33:19 GMT
server: NetDNA-cache/2.2
etag: W/"5e9f123f-738"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
825 B 20ms
20ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44b1936529ffcfdf315d0e56760a396b6a33729b0e0c3ae272a5433ced0bf628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 22 Jun 2021 17:45:26 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9a8768c59fb97194bf8bc1b3c1045bc46fc5c332a69611a044b2a8f2f0c5ad7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52a16039da83815b929aa56ed143c3400bcb8601644ccf8ac94359dc36d45c61

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 wp-polyfill.min.js Show response
1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 101ms
36ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
content-encoding: gzip
last-modified: Mon, 29 Jun 2020 11:50:29 GMT
server: NetDNA-cache/2.2
etag: W/"5ef9d585-183ee"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hooks.min.js Show response
1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-includes/js/dist/ 7 KB
2 KB 109ms
45ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-includes/js/dist/hooks.min.js
Requested by: Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: NetDNA-cache/2.2
etag: W/"60367782-1b19"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 i18n.min.js Show response
1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-includes/js/dist/ 10 KB
4 KB 115ms
52ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-includes/js/dist/i18n.min.js
Requested by: Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: NetDNA-cache/2.2
etag: W/"60367782-27b6"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5485c67b00a7b68cebe7ea7175d77c6241de9db537156f36ed92920cd4ae02cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 lazyload.min.js Show response
1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 20ms
19ms Script
application/javascript 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 23:06:07 GMT
server: NetDNA-cache/2.2
etag: W/"605bc5df-1ed2"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 f9e96287916998a120cc1c9f5a440557.js Show response
www.evaluatorgroup.com/wp-content/cache/min/1/ 463 KB
131 KB 265ms
265ms Script
application/javascript 35.197.4.246
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.evaluatorgroup.com/wp-content/cache/min/1/f9e96287916998a120cc1c9f5a440557.js

Requested by

Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.197.4.246 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

246.4.197.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e26e7f6da6b1a3704bd774a675fea402f96ee4e17c678b716955e068e4a68f2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; object-src 'none'

Request headers

:path: /wp-content/cache/min/1/f9e96287916998a120cc1c9f5a440557.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.evaluatorgroup.com
referer: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
content-encoding: br
last-modified: Tue, 22 Jun 2021 12:48:09 GMT
server: nginx
etag: W/"60d1dc09-73d7d"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; object-src 'none'

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20736f297cc96191469ee02ba7d5fdd73881279cac19e8a8a25af4d54feb9047

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A400%2C400i%2C600%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.evaluatorgroup.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 03:34:39 GMT
x-content-type-options: nosniff
age: 310248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21080
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 03:34:39 GMT

GET
H3-29 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v5/ 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A400%2C400i%2C600%2C700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.evaluatorgroup.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 16:47:47 GMT
x-content-type-options: nosniff
age: 3460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20444
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:47:47 GMT

GET
H3-29 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A400%2C400i%2C600%2C700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.evaluatorgroup.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 12:13:52 GMT
x-content-type-options: nosniff
age: 279095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21072
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:33 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 12:13:52 GMT

GET
H2 200 fontawesome-webfont.woff2
www.evaluatorgroup.com/wp-content/plugins/shiftnav-pro/assets/css/fontawesome/fonts/ 75 KB
76 KB 160ms
159ms Font
font/woff2 35.197.4.246
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.evaluatorgroup.com/wp-content/plugins/shiftnav-pro/assets/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/wp-content/cache/min/1/6eedc5fb7b1184020fdc2a725ebcbfc0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.197.4.246 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

246.4.197.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; object-src 'none'

Request headers

:path: /wp-content/plugins/shiftnav-pro/assets/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://www.evaluatorgroup.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.evaluatorgroup.com
referer: https://www.evaluatorgroup.com/wp-content/cache/min/1/6eedc5fb7b1184020fdc2a725ebcbfc0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.evaluatorgroup.com
Referer: https://www.evaluatorgroup.com/wp-content/cache/min/1/6eedc5fb7b1184020fdc2a725ebcbfc0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
last-modified: Tue, 21 Apr 2020 15:33:20 GMT
server: nginx
etag: "5e9f1240-12d68"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests; object-src 'none'
accept-ranges: bytes
content-length: 77160

GET
H3-29 200 7cHrv4kjgoGqM7E_Cfs7wH8.woff2
fonts.gstatic.com/s/barlow/v5/ 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHrv4kjgoGqM7E_Cfs7wH8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow%3A400%2C400i%2C600%2C700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d5040b4c68f23598726ba32798f9465c6a6cc06d102e7cdc31bc76c0007497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.evaluatorgroup.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 13:42:15 GMT
x-content-type-options: nosniff
age: 273792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22548
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 13:42:15 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/2fa3f946/www-widgetapi.vflset/ 126 KB
42 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fa3f946/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

664268bd0efac94af0eb610c4e167cfa0103d9e000486554dbb9e338da99c97d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 21 Jun 2021 20:22:20 GMT
server: sffe
age: 59115
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42733
x-xss-protection: 0
expires: Wed, 22 Jun 2022 01:20:12 GMT

GET
H2 200 WidgetScript Show response
app.purechat.com/VisitorWidget/ 12 KB
4 KB 77ms
21ms Script
application/javascript 65.9.77.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.purechat.com/VisitorWidget/WidgetScript
Requested by: Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/wp-content/cache/min/1/f9e96287916998a120cc1c9f5a440557.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac797f95b070018aae7d322d8448fe99e4851a97a80075233a5a97fcde172f0c

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 20:59:52 GMT
server: AmazonS3
age: 14160
etag: W/"79f2762727044fdc45805900e6c1a9f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
cache-control: public,max-age=14400
date: Tue, 22 Jun 2021 13:49:28 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: UDl0g7ROkSE9M17BmPfwSvqNN96ipABNZMaPVe1i_lxH5RPdQjgJjw==

GET
H2 200 capture.js Show response
sc.cdnma.com/apps/5631/ 28 KB
8 KB 112ms
30ms Script
application/javascript 13.224.193.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.cdnma.com/apps/5631/capture.js

Requested by

Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/wp-content/cache/min/1/f9e96287916998a120cc1c9f5a440557.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-94.fra2.r.cloudfront.net

Software

Resource Hash

8f2a995e50ba46c37e20386121794277866049d4d81ffd07ae77c6ff429ca68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 21:03:27 GMT
age: 11657
etag: W/"60186c9f-7102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
date: Tue, 22 Jun 2021 14:31:10 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: tsYQFc2EgjT9WcUZYBcptaMQeyI7cVGsZnqdXfGcXkf328gJxbB2Sw==
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
expires: Tue, 22 Jun 2021 18:31:10 GMT

GET
H2 200 icon-search.png
1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-content/themes/evaluator-aor/img/ 1 KB
2 KB 20ms
19ms Image
image/webp 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-content/themes/evaluator-aor/img/icon-search.png
Requested by: Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cb05856dafe2b0ee4667a66e34bd1ed1c8a6cf2f33ef9ed107e8041064512572

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
last-modified: Wed, 24 Mar 2021 23:06:07 GMT
server: NetDNA-cache/2.2
etag: "605bc5df-5ea"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1514
expires: Tue, 21 Jun 2022 07:16:25 GMT

GET
H2 200 EvaluatorGroup-Logo1-300x58.png
1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/ 6 KB
7 KB 21ms
20ms Image
image/webp 108.161.188.228
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/EvaluatorGroup-Logo1-300x58.png
Requested by: Host: www.evaluatorgroup.com
URL: https://www.evaluatorgroup.com/document/ransomware-pulse-survey-2021-research-study/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.228 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5477ebfa4c9f3722e0b4c51744845184001e2ebf1c5e2d78d266abbdb4852f8d

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:27 GMT
last-modified: Fri, 25 Sep 2020 15:57:10 GMT
server: NetDNA-cache/2.2
etag: "5f6e1356-19c0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6592
expires: Tue, 21 Jun 2022 07:16:25 GMT

GET
H2 200 a34defda-9e4a-4c72-9f92-994116a45141 Show response
widgetapi.purechat.com/api/visitorwidget/widgetversions/ 170 B
511 B 353ms
122ms XHR
application/json 3.14.38.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetapi.purechat.com/api/visitorwidget/widgetversions/a34defda-9e4a-4c72-9f92-994116a45141
Requested by: Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.14.38.68 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-14-38-68.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 595bb01818aa159dc8eb079e91e349970d89f8cb399d78743eaf64cfeedd0cd7

Request headers

Referer: https://www.evaluatorgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:45:28 GMT
server: Microsoft-IIS/10.0
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.evaluatorgroup.com
access-control-expose-headers: X-Requires-Auth
cache-control: max-age=60
access-control-allow-credentials: true
content-length: 170

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1bgdo52kv27s1jc91u2u5ew6-wpengine.netdna-ssl.com
app.purechat.com
fonts.googleapis.com
fonts.gstatic.com
link.evaluatorgroup.com
sc.cdnma.com
widgetapi.purechat.com
www.evaluatorgroup.com
www.youtube.com
108.161.188.228
13.224.193.94
167.89.123.124
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2003
2a00:1450:4001:831::200a
3.14.38.68
35.197.4.246
65.9.77.117
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
0b96d14e9928812e3681307fa02d0eb843d0ec499bb5c2723a1602ee8d085f3f
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef
20736f297cc96191469ee02ba7d5fdd73881279cac19e8a8a25af4d54feb9047
21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
44b1936529ffcfdf315d0e56760a396b6a33729b0e0c3ae272a5433ced0bf628
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
52a16039da83815b929aa56ed143c3400bcb8601644ccf8ac94359dc36d45c61
5477ebfa4c9f3722e0b4c51744845184001e2ebf1c5e2d78d266abbdb4852f8d
5485c67b00a7b68cebe7ea7175d77c6241de9db537156f36ed92920cd4ae02cc
595bb01818aa159dc8eb079e91e349970d89f8cb399d78743eaf64cfeedd0cd7
62d5040b4c68f23598726ba32798f9465c6a6cc06d102e7cdc31bc76c0007497
661f05ed0ba12e77656b3d60a7f33bcc466d066900720ff3085e9a22dbd9fa69
664268bd0efac94af0eb610c4e167cfa0103d9e000486554dbb9e338da99c97d
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
8f2a995e50ba46c37e20386121794277866049d4d81ffd07ae77c6ff429ca68d
ac797f95b070018aae7d322d8448fe99e4851a97a80075233a5a97fcde172f0c
bb44879844e200b07989b4c0406c9ed9e466abc3864e620bf68af8e2aaec18b3
cb05856dafe2b0ee4667a66e34bd1ed1c8a6cf2f33ef9ed107e8041064512572
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
e26e7f6da6b1a3704bd774a675fea402f96ee4e17c678b716955e068e4a68f2a
e9a8768c59fb97194bf8bc1b3c1045bc46fc5c332a69611a044b2a8f2f0c5ad7

www.evaluatorgroup.com Open in urlscan Pro 35.197.4.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

40 %IPv6

7 Domains

9 Subdomains

10 IPs

2 Countries

479 kBTransfer

1507 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.evaluatorgroup.com Open in urlscan Pro
35.197.4.246 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

40 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

479 kB
Transfer

1507 kB
Size

0
Cookies

21 HTTP transactions
4 data transactions