get.quorum.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.mlsend2.com/link/c/YT0xOTE3NTU0MDI5MDM5MTk2MjExJmM9dzNnNCZlPTAmYj05NTA0Mzc3NTcmZD1qMHI3cDhk.6z7WUAXZ0wZyS0c7...
Effective URL:
https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerabl...
Submission: On March 30 via api (March 30th 2022, 7:26:01 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 47 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is get.quorum.com.
TLS certificate: Issued by R3 on January 25th 2022. Valid for: 3 months.

This is the only time get.quorum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:2e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
3	108.157.4.99 108.157.4.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:3800:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	23.20.88.204 23.20.88.204	14618 (AMAZON-AES) (AMAZON-AES)
13	18.66.242.146 18.66.242.146	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	52.21.234.110 52.21.234.110	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dcd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 6	2600:9000:224... 2600:9000:224a:400:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	54.73.212.173 54.73.212.173	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
47	23

1 2606:4700:10::ac43:2e6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

click.mlsend2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

get.quorum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-99.dus51.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:3800:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.88.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-88-204.compute-1.amazonaws.com

tracking.leadlander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.66.242.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-146.dus51.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.234.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-234-110.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:7::17d8:4dcd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:224a:400:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.212.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-212-173.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	112 KB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2575 d.adroll.com — Cisco Umbrella Rank: 1600	19 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 385 www.linkedin.com — Cisco Umbrella Rank: 595 px4.ads.linkedin.com — Cisco Umbrella Rank: 4868	4 KB
3	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 17089	38 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5640	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 7	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	388 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
2	gstatic.com fonts.gstatic.com	64 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 280 fonts.googleapis.com — Cisco Umbrella Rank: 45	26 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 938	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105	15 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 24620	245 B
1	leadlander.com tracking.leadlander.com — Cisco Umbrella Rank: 119388
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	64 KB
1	quorum.com get.quorum.com	11 KB
1	mlsend2.com 1 redirects click.mlsend2.com — Cisco Umbrella Rank: 117880	299 B
47	19

	Domain	Requested by
13	d9hhrg4mnvzow.cloudfront.net	get.quorum.com
6	s.adroll.com	2 redirects www.googletagmanager.com get.quorum.com s.adroll.com
3	builder-assets.unbounce.com	get.quorum.com
2	www.google.de	get.quorum.com
2	www.google.com	get.quorum.com
2	www.facebook.com	get.quorum.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	get.quorum.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	d34qb8suadcc4g.cloudfront.net	get.quorum.com d34qb8suadcc4g.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	d.adroll.com	s.adroll.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px4.ads.linkedin.com	get.quorum.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	events.ub-analytics.com	get.quorum.com
1	fonts.googleapis.com	builder-assets.unbounce.com
1	tracking.leadlander.com	get.quorum.com
1	www.googletagmanager.com	get.quorum.com
1	ajax.googleapis.com	get.quorum.com
1	get.quorum.com
1	click.mlsend2.com	1 redirects
47	25

This site contains no links.

Subject Issuer	Validity	Valid
get.quorum.com R3	`2022-01-25` - `2022-04-25`	3 months	crt.sh
*.unbounce.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.leadlander.com Go Daddy Secure Certificate Authority - G2	`2020-04-28` - `2022-04-28`	2 years	crt.sh
*.ub-analytics.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-06` - `2022-04-06`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Frame ID: 849A776ABBB9A9DAFB69235B59F1DB98
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get a Free Live Demo - Quorum

Page URL History Show full URLs

https://click.mlsend2.com/link/c/YT0xOTE3NTU0MDI5MDM5MTk2MjExJmM9dzNnNCZlPTAmYj05NTA0Mzc3NTcmZD1qMHI3c... HTTP 302
https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_ev... Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

91 %
HTTPS

67 %
IPv6

19
Domains

25
Subdomains

23
IPs

4
Countries

489 kB
Transfer

1241 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.mlsend2.com/link/c/YT0xOTE3NTU0MDI5MDM5MTk2MjExJmM9dzNnNCZlPTAmYj05NTA0Mzc3NTcmZD1qMHI3cDhk.6z7WUAXZ0wZyS0c7fRi3H5B4jLm690rjf1ITesEYbTg HTTP 302
https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1041060&time=1648668356229&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_source%3Dnewsletter%26utm_term%3D2022-03-30%26utm_medium%3Demail HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1041060%26time%3D1648668356229%26url%3Dhttps%253A%252F%252Fget.quorum.com%252F%253Futm_campaign%253Dupdate_cisa_consider_every_sector_vulnerable%2526utm_source%253Dnewsletter%2526utm_term%253D2022-03-30%2526utm_medium%253Demail%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1041060&time=1648668356229&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_source%3Dnewsletter%26utm_term%3D2022-03-30%26utm_medium%3Demail&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1041060&time=1648668356229&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_source%3Dnewsletter%26utm_term%3D2022-03-30%26utm_medium%3Demail&liSync=true&e_ipv6=AQKff14I-hQh_gAAAX_cSrBy143x2kYWz8xKtLWNI5Ro9dz4GgpoGlanQpcVyCd_gwum_l1Q

Request Chain 34

https://s.adroll.com/j/exp/QPOPT74FAVGP3KXV652H27/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 35

https://s.adroll.com/j/pre/QPOPT74FAVGP3KXV652H27/XTLIQJM44RCAJIK42OAXWF/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
get.quorum.com/
Redirect Chain

https://click.mlsend2.com/link/c/YT0xOTE3NTU0MDI5MDM5MTk2MjExJmM9dzNnNCZlPTAmYj05NTA0Mzc3NTcmZD1qMHI3cDhk.6z7WUAXZ0wZyS0c7fRi3H5B4jLm690rjf1ITesEYbTg
https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

68 KB
11 KB

82ms
18ms

Document
text/html

3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d879b245eac6242a0c4ac1196e066f02ab5ac9d9abaa053cfa995b1d2511a028

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

connection: close
content-encoding: gzip
content-location: https://get.quorum.com/
content-type: text/html; charset=UTF-8
date: Wed, 30 Mar 2022 19:25:55 GMT
etag: "c:c3f8c27170d367e561bec24bb0e24226"
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
link: <https://get.quorum.com/>; rel="canonical"
p3p: CP="This is not a privacy policy."
transfer-encoding: chunked
x-proxy-backend: page-server
x-unbounce-pageid: 0c507ccf-2abf-44b5-8e1b-4fc775314bb3
x-unbounce-variant: c
x-unbounce-visitorid: 2ec5bc6a-432e-464a-90a1-47cbaf75cafb

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 6f433be638d39183-FRA
content-encoding: gzip
date: Wed, 30 Mar 2022 19:25:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 51ms
9ms Stylesheet
text/css 108.157.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 01:12:18 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 22:28:54 GMT
server: AmazonS3
age: 4644818
etag: "43729a62fb549c1f6784cd5cc32082e0"
x-cache: Hit from cloudfront
x-amz-version-id: kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: 495hsxZqPByxlxFPirj_8m0w7NRcwDtGOf5kCWa4H0vmhi25FAuaRQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Mar 2023 20:46:38 GMT

GET
H2 200 jquery-shims.bundle-aa41391.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 51ms
10ms Script
application/javascript 108.157.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:20:08 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 22:29:05 GMT
server: AmazonS3
age: 29189148
etag: "ea132b475b756b7f755049edca93b98c"
x-cache: Hit from cloudfront
x-amz-version-id: KxeWw.rsdMt236FNaf3m5f2PRohd8nQX
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
content-length: 1991
x-amz-cf-id: DcBLnM_6te-dHB6AYZ9QKQDUyPdMRdWqOBi3A24fdFLRtEmO8KySHQ==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 159ms
7ms Script
application/javascript 2600:9000:2156:3800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 03 May 2021 00:38:38 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
age: 28666038
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1856
x-amz-cf-id: 7EIv7UeS3s-068Qsv5Vijhof-QOzfpc0OqTgAPQzh_NdxQQdn7ea4w==

GET
H2 200 main.bundle-fed11df.z.js Show response
builder-assets.unbounce.com/published-js/ 102 KB
33 KB 12ms
12ms Script
application/javascript 108.157.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 06 May 2021 20:57:02 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 18:27:02 GMT
server: AmazonS3
age: 28333734
etag: "02427a0829fed4e24e9864e2f6f1d669"
x-cache: Hit from cloudfront
x-amz-version-id: PY5jXkWzij7RMiymy035twJKn1QV7eth
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
content-length: 33154
x-amz-cf-id: -xm5NMnGEt5rHxMzY7Jpw_QJJrsXMTOZv7nZug3ebw0YSaz7Gg10lw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
64 KB 145ms
58ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBH3M8V

Requested by

Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19fa33f73fb44d77960e3d2a676f456afd865dd12a9870caa77d74916cb966fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65154
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Mar 2022 19:25:56 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 403 lt.min.js
tracking.leadlander.com/ 0
0 346ms
100ms Script
text/html 23.20.88.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.leadlander.com/lt.min.js
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.88.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-88-204.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 97401aa6-bg-image_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 49 KB
49 KB 467ms
434ms Image
image/jpeg 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/97401aa6-bg-image_100000000000000000001o.jpg
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc635f34c74b3eb937c02f2e7e812d486b3f05f40e3351a8da5a3451ca94a4fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "d9622004155832ea5963730367e2dd7d"
x-cache: Miss from cloudfront
x-amz-version-id: 2_a8.c6R6bBemkjGLdgxYv.FiFu.vo9O
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
content-length: 49746
x-amz-cf-id: YWd-6jr5p_2Cy_pvahYQSuxsS8dOu8m7bhdMKqv8L0dQQXlt0CSZlw==

GET
BLOB 200
OK 732219e8-d826-4e22-b0b3-fe13037f2d20
https://get.quorum.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://get.quorum.com/732219e8-d826-4e22-b0b3-fe13037f2d20
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 133ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:700,regular

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61b17c625de03a127c2579de26aea78d2c57662217a58c71c7ca23097a675d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 19:25:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 30 Mar 2022 19:25:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Mar 2022 19:25:56 GMT

GET
H2 200 fef179ed-pcmag-logo_105903f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 2 KB
2 KB 437ms
436ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/fef179ed-pcmag-logo_105903f000000000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0dc6ec78e949b73288651196ab4d5c4f727a229085127f8e3bddfe0ee9b6f44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "7b35709f7273f56f5c2feef4bed5ef7b"
x-cache: Miss from cloudfront
x-amz-version-id: z..sIn3dFdBRHNPymYy_cS6JzMeNqQsE
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 1803
x-amz-cf-id: SqcXnGjYmOEU5aO3_MZ7STI8aF1YAlDDnHJ5SCrZJOe8tkabVYZiSg==

GET
H2 200 d2dcc93b-quorum-logo-transparent_1060023000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 4 KB
4 KB 436ms
435ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/d2dcc93b-quorum-logo-transparent_1060023000000000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aa491678f71dd8b428cf3c939e33cc8f49c7eaa79ab8796e0bb34b5a639d9a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "10e7f2369f81120a54f1decabcb3b644"
x-cache: Miss from cloudfront
x-amz-version-id: 8nwMTheJ2IyseyqqRCg3SmIlV6IEXQkJ
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 3907
x-amz-cf-id: 6YNXR9Q-Z1FK7WY40dL7yoPyI5-GnCxkkJwoVb3GheGclhpRPSb4Ag==

GET
H2 200 d9e9b262-dickenson-county-public-schools-b-w-transparent_103102t03102s000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 6 KB
6 KB 444ms
444ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/d9e9b262-dickenson-county-public-schools-b-w-transparent_103102t03102s000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4046725c9f75b88e93a9b1f4c9431b3b137ebf07153f159b43d6b3ffd48317

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "c42a144700161d1554c4a01a0d4761f7"
x-cache: Miss from cloudfront
x-amz-version-id: hWzNF3jqlX8IeaH7D2eDF1QlaNjVT.NE
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 6023
x-amz-cf-id: zwLXGGUO-BpXGJKRwkRA0CvOohk88oGYrph6L_IVxb21aL71BvR7GQ==

GET
H2 200 086ddb08-f-m-bank-b-w-transparent_102f01t02e01r000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 1 KB
2 KB 454ms
453ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/086ddb08-f-m-bank-b-w-transparent_102f01t02e01r000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02161a60773c171239e5aa283fc593e886693d4b6e8795ca2c16bec3a3e87c31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "e0c350e0de3ebf9d20b4ef8389decbc4"
x-cache: Miss from cloudfront
x-amz-version-id: Fyq9CToIvHCKz70CwfZicSXJKr4w0U18
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 1518
x-amz-cf-id: lWbSN6IixpZUNyupNBVPFReACyze3bIGRTdHQuMfG-e1nqumYuOHAw==

GET
H2 200 ec96b4fb-lg-chem-logo-b-w-transparent_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 1 KB
2 KB 430ms
429ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ec96b4fb-lg-chem-logo-b-w-transparent_1000000000000000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50635f09f92e649a828239e21346ea253ea41f3fd4e0880dd11b8608a46b3b2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "8bff4c8726e68c50906c99c582429e91"
x-cache: Miss from cloudfront
x-amz-version-id: ydPo_RAsjb_b9CyX4B5IMOwOmok5s8pu
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 1376
x-amz-cf-id: og73dSDLEvqhJJ_-ZNr9L0zbYYH4jhVhkLqUwdKb9H2ZGuwFKpghGg==

GET
H2 200 73a404e2-westin-hotel-resorts-transparent_105j02105i020000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 5 KB
5 KB 430ms
429ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/73a404e2-westin-hotel-resorts-transparent_105j02105i020000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d1cfeafa97af940fe2039b743a1d102b1fba0f5d6a18f3f4829e08a38001cc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "8cd161840e69d62bf45a85a65aba4393"
x-cache: Miss from cloudfront
x-amz-version-id: AT0xgzsLt7pV6UqWtyTwUun0ozuJIqpy
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 4668
x-amz-cf-id: CFZtB1GrgAH6pnZ5Zenaz5FxeHxpd-Wf_M7CPVgakjHeaPS-fSrFlg==

GET
H2 200 25b1260a-franklin-weinrib-rudell-vassollo-b-w-transparent_104100y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 2 KB
2 KB 428ms
427ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/25b1260a-franklin-weinrib-rudell-vassollo-b-w-transparent_104100y000000000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e8bb36a037cc3bf95b372e165867dae5477851dad0083e5b61f24b4978fc620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "0dd48c070ea50900fc54b9da61570f90"
x-cache: Miss from cloudfront
x-amz-version-id: PWUSQrHXtzc.WtzZstY7twFMleXcnQoN
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 1817
x-amz-cf-id: 9TiAvNkQ6b-6RBF6f0YWAbPrTO3H_6VgHvlRLUV6jBz-C5dkoaFDWQ==

GET
H2 200 8f4389b7-alacarte-stars-full_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 297 B
677 B 424ms
423ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/8f4389b7-alacarte-stars-full_1000000000000000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6df6c6512fb50662938ad2a4bcf8654b7cb8bcf26c83a4ab3dc51a5f1874abee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "6fc3d377c405fa23af1564230605180f"
x-cache: Miss from cloudfront
x-amz-version-id: nhEX_xeS27y.T_Apzotr4Oe20JeADQt7
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 297
x-amz-cf-id: EDU2PViyrNRYvaQOWvU2Xzf2MHMNafsAt87h9yoFdsxB4-9PvzP8WQ==

GET
H2 200 e0e47440-58afdad6829958a978a4a693_100g00g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 224 B
607 B 486ms
485ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/e0e47440-58afdad6829958a978a4a693_100g00g000000000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd6b1d4745daf2de34801be0651b2fb8de80deee3f6de1bb8481b97aac328bf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "9cb156bd8193eb50709213a36324ff49"
x-cache: Miss from cloudfront
x-amz-version-id: 91.FImSPKSBnTHC85EvFtxCuwnRhHoYp
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 224
x-amz-cf-id: l0Hmnt7hIvpm2QmFOnpw9wGG_xmXhYkP3QhdT5CnpKsF_4EHYuXURQ==

GET
H2 200 9a54ded9-red-circle-hallow_100g00g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 269 B
650 B 418ms
417ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/9a54ded9-red-circle-hallow_100g00g000000000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c619f677948a2d987c0edeec6a3c774d530b769b06ec47d7ff39725dcdb8ee50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "4be67a21569820c2609a31b21098e3a7"
x-cache: Miss from cloudfront
x-amz-version-id: NIYr4or71TuSIda0bpYx0eG04nEx6Si8
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 269
x-amz-cf-id: AMZVkH4L5xMzLYAbOHfygnd83OQ8SybIJJApXCwkbY53oNVgX9tgww==

GET
H2 200 7d11355c-gartner-peer-insights-logo_106z01k000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 3 KB
4 KB 504ms
503ms Image
image/png 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/7d11355c-gartner-peer-insights-logo_106z01k000000000000028.png
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbe318cf21424f82226b787e4803e10d12357df79b34686698051fa570c7f9d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "b4185138b59943144a94eeeb8a8d1611"
x-cache: Miss from cloudfront
x-amz-version-id: FKAG50F7AJiQjVvlPhaF1ZTKQBjCThED
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 3251
x-amz-cf-id: nU8l2fJiqEJjH9MABTzJc-7LtdUgbouFXVCaGeEEFg57pFA6Hlo1hA==

GET
H2 200 1109604b-bo-heinemeyer_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/get.quorum.com/ 1 KB
2 KB 494ms
494ms Image
image/jpeg 18.66.242.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.quorum.com/1109604b-bo-heinemeyer_100000000000000000001o.jpg
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-146.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85e6bbaaebf6e98b3f88ec4ef4724eab21a2c8463cd4f90efc0d5126337f7a5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:57 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Sat, 05 Jun 2021 06:13:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "8a0f25bd0f4a1c585b5e35b1f446e023"
x-cache: Miss from cloudfront
x-amz-version-id: qh6FFZN5ov3H8WSVZUm_vU3LaLaJwfo6
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
content-length: 1204
x-amz-cf-id: 1ES6eOMClcLrmuW5GYZfp9By8LF4qLeQsMq-NgJbhoFdnvu6314fzw==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 13ms
13ms Script
application/javascript 2600:9000:2156:3800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 17:27:36 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 2167101
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: SHR2_eS9FXXkBMEutsqrvtTF5aLSE2HOALT3gT0ZxY2xE6Ak0Ey8EA==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 312ms
98ms Image
image/gif 52.21.234.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1648668356038&e=pv&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_term%3D2022-03-30&page=Get%20a%20Free%20Live%20Demo%20-%20Quorum&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=6b3e8c8a-6bbb-4ff1-90c9-9ef19dad0f2b&dtm=1648668356036&vp=1600x1200&ds=1600x1466&vid=1&sid=0bd11a91-5f10-497d-b0c3-21055128cf9a&duid=7d244877-4164-4534-8428-f496bcd22fc9&uid=2ec5bc6a-432e-464a-90a1-47cbaf75cafb&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMGM1MDdjY2YtMmFiZi00NGI1LThlMWItNGZjNzc1MzE0YmIzIiwidmFyaWFudElkIjoiYyIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.234.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-234-110.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 30 Mar 2022 19:25:56 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v19/ 34 KB
34 KB 161ms
77ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v19/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.quorum.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:33:05 GMT
x-content-type-options: nosniff
age: 604371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:33:05 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v19/ 29 KB
30 KB 116ms
37ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v19/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get.quorum.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 19:33:05 GMT
x-content-type-options: nosniff
age: 604371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:34 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Mar 2023 19:33:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBH3M8V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6666
date: Wed, 30 Mar 2022 17:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 30 Mar 2022 19:34:50 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 143ms
58ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBH3M8V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14883
x-xss-protection: 0
server: cafe
etag: 14534967036905587165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:25:56 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 43ms
8ms Script
application/x-javascript 2a02:26f0:3500:7::17d8:4dcd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBH3M8V
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:7::17d8:4dcd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 19:25:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Mar 2022 23:45:34 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=76145
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3104

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: TfbKDP1WNnBsWAn7JIOIuJfast1E96jC9d1WZla8pyXDxT/n1xgFmnwuY9Kzh0WBofLLlYSZAjEVM4i/bZuInQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 30 Mar 2022 19:25:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 46 KB
15 KB 62ms
12ms Script
text/javascript 2600:9000:224a:400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBH3M8V
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d08ed7aef62fa1be527ce516628565144f91a7fea0d8ae83563b2f99be3be40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-Amz-Version-Id: _3nFfYATNy_pI_.EJZcV.RH2qsgiIWTu
Content-Encoding: gzip
Etag: W/"6cc81f48f8a423da1a2a12c72202a61f"
Age: 1028
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
Last-Modified: Tue, 29 Mar 2022 16:21:44 GMT
Server: AmazonS3
Date: Wed, 30 Mar 2022 19:08:58 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Vt0Qzpm6o-b6dqKMwrz7pXQuhKA6Ce8H6-BgFyza5YU1SyD81LcYdQ==

GET
H2 200 2342589122432627 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2342589122432627?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec56483982a0f05c40744fe0f67f04cac9f0d80b3c24fd1e66a0e2c5b6325b49

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: F1j8MaSV6sGVmkIRleIio4ckyeX8kNOM8GwaAanSlGtczkgIksr78lwCiHT89LdzhqWqUDSOntQOF/FBI0SjxA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 30 Mar 2022 19:25:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1041060&time=1648668356229&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_source%3Dnewsle...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1041060%26time%3D1648668356229%26url%3Dhttps%253A%252F%252Fget.quorum.com%252F%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1041060&time=1648668356229&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_source%3Dnewsle...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1041060&time=1648668356229&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_source%3Dnewsl...

0
481 B

201ms
183ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1041060&time=1648668356229&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_source%3Dnewsletter%26utm_term%3D2022-03-30%26utm_medium%3Demail&liSync=true&e_ipv6=AQKff14I-hQh_gAAAX_cSrBy143x2kYWz8xKtLWNI5Ro9dz4GgpoGlanQpcVyCd_gwum_l1Q
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:56 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 298C6364E6524E8E9FB025BBEA208A54 Ref B: FRAEDGE1321 Ref C: 2022-03-30T19:25:56Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXbdIPEKNjVt13SDwFUQw==
x-li-fabric: prod-lor1

Redirect headers

date: Wed, 30 Mar 2022 19:25:56 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 06059BE1088B4706A13BC9115815C4C0 Ref B: FRAEDGE1321 Ref C: 2022-03-30T19:25:56Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1041060&time=1648668356229&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_source%3Dnewsletter%26utm_term%3D2022-03-30%26utm_medium%3Demail&liSync=true&e_ipv6=AQKff14I-hQh_gAAAX_cSrBy143x2kYWz8xKtLWNI5Ro9dz4GgpoGlanQpcVyCd_gwum_l1Q
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXbdIPBB8xk3ZtTa6gSJQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/QPOPT74FAVGP3KXV652H27/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

20ms
12ms

Script
application/javascript

2600:9000:224a:400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: HTTP/1.1
Server: 2600:9000:224a:400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-Amz-Version-Id: Yo1foR6FJ6WFFBWqTYM2cazsDqVdFv1D
Via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 56480
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 03 Mar 2022 22:40:46 GMT
Server: AmazonS3
Date: Wed, 30 Mar 2022 03:44:47 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: S8zZID7nkEy2N-XUb6qhpvhdMzhjhqdNCrbXK5XiMjZPahR2V9mI1A==

Redirect headers

Date: Wed, 30 Mar 2022 07:16:20 GMT
Via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
Age: 43776
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: vRn3YPXyMH2hImOefefeEZSD7W8kb6HTW4qZS6_3QaSXgDaUA-gabA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/QPOPT74FAVGP3KXV652H27/XTLIQJM44RCAJIK42OAXWF/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

11ms
11ms

Script
application/javascript

2600:9000:224a:400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30
Protocol: HTTP/1.1
Server: 2600:9000:224a:400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 65805
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Wed, 30 Mar 2022 01:09:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Uwdo0ROfCeoWox5iyg5yposXVqKqL-RRZ-IkChEHfVGGRiL9ErSrSQ==

Redirect headers

Date: Wed, 30 Mar 2022 07:16:20 GMT
Via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
Age: 43775
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: DUS51-P1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 8ICKASNhNrlAnLfIsYQCKD_XGS_5CJyQlw1D-pCGFk9pu4OofXDp9A==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/QPOPT74FAVGP3KXV652H27/XTLIQJM44RCAJIK42OAXWF/ 0
782 B 207ms
185ms Script
text/javascript 2600:9000:224a:400:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/QPOPT74FAVGP3KXV652H27/XTLIQJM44RCAJIK42OAXWF/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-Amz-Version-Id: IbVT4Bhz8egDyfmLIB0OtQXkV9TbkDra
Via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Tue, 29 Mar 2022 18:14:40 GMT
Server: AmazonS3
Date: Wed, 30 Mar 2022 19:25:57 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2EkakQzJlAHBd2n3RAZB9ny1bfWmEJmM8ISlIgj-TlbT6ky8Shd3GA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2342589122432627&ev=PageView&dl=https%3A%2F%2Fget.quorum.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_term%3D2022-03-30&rl=&if=false&ts=1648668356295&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1648668356294.31471900&it=1648668356221&coo=false&exp=p0&rqm=GET

Requested by

Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 30 Mar 2022 19:25:56 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 92ms
46ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1030192056&t=pageview&_s=1&dl=https%3A%2F%2Fget.quorum.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_term%3D2022-03-30&ul=en-us&de=UTF-8&dt=Get%20a%20Free%20Live%20Demo%20-%20Quorum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=33942854&gjid=1509292236&cid=1967776554.1648668356&tid=UA-97385896-1&_gid=339365455.1648668356&_r=1&gtm=2wg3n1MBH3M8V&z=1616242038

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.quorum.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 19:25:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.quorum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/870478611/ 2 KB
2 KB 135ms
49ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/870478611/?random=1648668356342&cv=9&fst=1648668356342&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_term%3D2022-03-30&tiba=Get%20a%20Free%20Live%20Demo%20-%20Quorum&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

640fa218f5e7d5b1b8aec38096a249253f69ffa6bfecdf352b09193faeca1cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 19:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1100
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 QPOPT74FAVGP3KXV652H27 Show response
d.adroll.com/consent/check/ 449 B
542 B 109ms
31ms Script
application/javascript 54.73.212.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/QPOPT74FAVGP3KXV652H27?arrfrr=https%3A%2F%2Fget.quorum.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_term%3D2022-03-30&_s=32ca50511590333577ede34a65462e48&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.212.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-212-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 733b2e0e12228d06ab73cace84652d27749991fe71492ec9803181d25f92aa45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:56 GMT
server: nginx/1.20.0
content-length: 449
content-type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 59ms
23ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97385896-1&cid=1967776554.1648668356&jid=33942854&gjid=1509292236&_gid=339365455.1648668356&_u=YEBAAEAAAAAAAC~&z=1417532958

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.quorum.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 30 Mar 2022 19:25:56 GMT
content-type: text/plain
access-control-allow-origin: https://get.quorum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/870478611/ 42 B
548 B 142ms
53ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/870478611/?random=1648668356342&cv=9&fst=1648666800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_term%3D2022-03-30&tiba=Get%20a%20Free%20Live%20Demo%20-%20Quorum&async=1&fmt=3&is_vtc=1&random=3124105576&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 19:25:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/870478611/ 42 B
548 B 143ms
55ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/870478611/?random=1648668356342&cv=9&fst=1648666800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fget.quorum.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_term%3D2022-03-30&tiba=Get%20a%20Free%20Live%20Demo%20-%20Quorum&async=1&fmt=3&is_vtc=1&random=3124105576&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 19:25:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 162ms
75ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97385896-1&cid=1967776554.1648668356&jid=33942854&_u=YEBAAEAAAAAAAC~&z=1986301431

Requested by

Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 19:25:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 162ms
76ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97385896-1&cid=1967776554.1648668356&jid=33942854&_u=YEBAAEAAAAAAAC~&z=1986301431

Requested by

Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 19:25:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2342589122432627&ev=Microdata&dl=https%3A%2F%2Fget.quorum.com%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dupdate_cisa_consider_every_sector_vulnerable%26utm_term%3D2022-03-30&rl=&if=false&ts=1648668356798&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Get%20a%20Free%20Live%20Demo%20-%20Quorum%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22See%20how%20Quorum%20can%20give%20you%201-click%20instant%20recovery%2C%20providing%20you%20with%20full%20immediate%20recovery%20of%20your%20critical%20systems%20after%20any%20storage%2C%20system%2C%20or%20site%20failure.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Get%20a%20Free%20Live%20Demo%20-%20Quorum%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fget.quorum.com%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fi.imgur.com%2Fq5Uweaa.png%22%2C%22og%3Aimage%3Awidth%22%3A%22600%22%2C%22og%3Aimage%3Aheight%22%3A%22315%22%2C%22og%3Adescription%22%3A%22See%20how%20Quorum%20can%20give%20you%201-click%20instant%20recovery%2C%20providing%20you%20with%20full%20immediate%20recovery%20of%20your%20critical%20systems%20after%20any%20storage%2C%20system%2C%20or%20site%20failure.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1648668356294.31471900&it=1648668356221&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: get.quorum.com
URL: https://get.quorum.com/?utm_source=newsletter&utm_medium=email&utm_campaign=update_cisa_consider_every_sector_vulnerable&utm_term=2022-03-30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://get.quorum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 19:25:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 30 Mar 2022 19:25:56 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
get.quorum.com/	1970-01-20 06:22:45	Name: ubpv Value: c%2C0c507ccf-2abf-44b5-8e1b-4fc775314bb3
get.quorum.com/	1970-01-20 06:17:00	Name: ubvs Value: 2ec5bc6a-432e-464a-90a1-47cbaf75cafb
.quorum.com/	1970-01-20 02:02:07	Name: ubvt Value: 2ec5bc6a-432e-464a-90a1-47cbaf75cafb
.quorum.com/	1970-01-20 04:07:24	Name: _gcl_au Value: 1.1.840340351.1648668356
.quorum.com/	1970-01-20 04:07:24	Name: _fbp Value: fb.1.1648668356294.31471900
.quorum.com/	1970-01-20 19:29:00	Name: _ga Value: GA1.2.1967776554.1648668356
.quorum.com/	1970-01-20 01:59:14	Name: _gid Value: GA1.2.339365455.1648668356
.quorum.com/	1970-01-20 01:57:48	Name: _gat_UA-97385896-1 Value: 1
.linkedin.com/	1970-01-20 02:41:00	Name: UserMatchHistory Value: AQJqKA_CHi_qJAAAAX_cSq75-_t5kxnAXdysi-u9WmkfEjIyQN-d-bp-jZPaB1ZVWO0OWfyGBftAxQ
.linkedin.com/	1970-01-20 02:41:00	Name: AnalyticsSyncHistory Value: AQJg6GcBorUrZAAAAX_cSq75HDnBvQKc08t-T7ES6-d5R8vJUFQDYkJQ_fh3ZyXt8XAGTgMskaArDNX_dYXZCQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:29:42	Name: bcookie Value: "v=2&801da86e-2429-4113-8f97-de845bd7cbeb"
.linkedin.com/	1970-01-20 01:59:14	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2366:u=1:x=1:i=1648668356:t=1648754756:v=2:sig=AQHoP0Bwlbv42NpCFCx-vbRapfKVdfyn"
.doubleclick.net/	1970-01-20 01:57:49	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 19:29:42	Name: bscookie Value: "v=1&2022033019255648d77146-c8cb-4782-8933-7ce395d7a8bdAQGZdMszC0FvxeNicWsqytYNnGLppSgg"
.linkedin.com/	1970-01-20 19:27:45	Name: li_gc Value: MTswOzE2NDg2NjgzNTY7MjswMjEd03CJlVaKqhEanUwxNyuew+Y0kKDxGP7VHo8ucg1R9A==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tracking.leadlander.com/lt.min.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
builder-assets.unbounce.com
click.mlsend2.com
connect.facebook.net
d.adroll.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
get.quorum.com
googleads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
snap.licdn.com
stats.g.doubleclick.net
tracking.leadlander.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
108.157.4.99
13.107.42.14
142.250.181.226
18.66.242.146
23.20.88.204
2600:9000:2156:3800:1d:11cf:5800:93a1
2600:9000:224a:400:6:9280:1080:93a1
2606:4700:10::ac43:2e6
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:809::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2008
2a00:1450:4025:401::9b
2a02:26f0:3500:7::17d8:4dcd
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.202.50
52.21.234.110
54.73.212.173
02161a60773c171239e5aa283fc593e886693d4b6e8795ca2c16bec3a3e87c31
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
0e8bb36a037cc3bf95b372e165867dae5477851dad0083e5b61f24b4978fc620
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19fa33f73fb44d77960e3d2a676f456afd865dd12a9870caa77d74916cb966fa
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
4aa491678f71dd8b428cf3c939e33cc8f49c7eaa79ab8796e0bb34b5a639d9a2
50635f09f92e649a828239e21346ea253ea41f3fd4e0880dd11b8608a46b3b2b
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
61b17c625de03a127c2579de26aea78d2c57662217a58c71c7ca23097a675d14
640fa218f5e7d5b1b8aec38096a249253f69ffa6bfecdf352b09193faeca1cd2
6df6c6512fb50662938ad2a4bcf8654b7cb8bcf26c83a4ab3dc51a5f1874abee
733b2e0e12228d06ab73cace84652d27749991fe71492ec9803181d25f92aa45
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7d1cfeafa97af940fe2039b743a1d102b1fba0f5d6a18f3f4829e08a38001cc7
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e6bbaaebf6e98b3f88ec4ef4724eab21a2c8463cd4f90efc0d5126337f7a5a
8d08ed7aef62fa1be527ce516628565144f91a7fea0d8ae83563b2f99be3be40
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa4046725c9f75b88e93a9b1f4c9431b3b137ebf07153f159b43d6b3ffd48317
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
b0dc6ec78e949b73288651196ab4d5c4f727a229085127f8e3bddfe0ee9b6f44
bd6b1d4745daf2de34801be0651b2fb8de80deee3f6de1bb8481b97aac328bf1
c619f677948a2d987c0edeec6a3c774d530b769b06ec47d7ff39725dcdb8ee50
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d879b245eac6242a0c4ac1196e066f02ab5ac9d9abaa053cfa995b1d2511a028
dbe318cf21424f82226b787e4803e10d12357df79b34686698051fa570c7f9d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec56483982a0f05c40744fe0f67f04cac9f0d80b3c24fd1e66a0e2c5b6325b49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fc635f34c74b3eb937c02f2e7e812d486b3f05f40e3351a8da5a3451ca94a4fb
fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3

get.quorum.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

91 %HTTPS

67 %IPv6

19 Domains

25 Subdomains

23 IPs

4 Countries

489 kBTransfer

1241 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get.quorum.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

91 %
HTTPS

67 %
IPv6

19
Domains

25
Subdomains

23
IPs

4
Countries

489 kB
Transfer

1241 kB
Size

17
Cookies

47 HTTP transactions
1 data transactions