www.herjavecgroup.com Open in urlscan Pro
146.88.97.177 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV...
Submission: On December 31 via manual (December 31st 2020, 5:00:39 pm UTC) from CA

Summary HTTP 80 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 19 domains to perform 80 HTTP transactions. The main IP is 146.88.97.177, located in United States and belongs to RMH-14, US. The main domain is www.herjavecgroup.com.
TLS certificate: Issued by R3 on December 10th 2020. Valid for: 3 months.

This is the only time www.herjavecgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	146.88.97.177 146.88.97.177	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
8	104.16.94.80 104.16.94.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	104.111.236.192 104.111.236.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	65.9.68.26 65.9.68.26	16509 (AMAZON-02) (AMAZON-02)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
4	143.204.215.22 143.204.215.22	16509 (AMAZON-02) (AMAZON-02)
2	65.9.68.52 65.9.68.52	16509 (AMAZON-02) (AMAZON-02)
1	65.9.68.3 65.9.68.3	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.115 143.204.215.115	16509 (AMAZON-02) (AMAZON-02)
80	24

36 146.88.97.177 (United States)

ASN33070 (RMH-14, US)
PTR: herj01vmw02.herjavecgroup.com

www.herjavecgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.94.80 (United States)

ASN13335 (CLOUDFLARENET, US)

app-ab33.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.236.192 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-236-192.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

215-kjb-005.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)

wsmcdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.215.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-22.fra53.r.cloudfront.net

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.68.52 (Seattle, United States)

ASN16509 (AMAZON-02, US)

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)

air.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.115 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-115.fra53.r.cloudfront.net

zalywzdew6.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	herjavecgroup.com www.herjavecgroup.com	622 KB
8	audioeye.com wsmcdn.audioeye.com wsv3cdn.audioeye.com analytics.audioeye.com air.audioeye.com	207 KB
8	marketo.com app-ab33.marketo.com	77 KB
4	cloudflare.com cdnjs.cloudflare.com	16 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	149 KB
3	fontawesome.com use.fontawesome.com	120 KB
2	nr-data.net bam.nr-data.net	463 B
2	licdn.com snap.licdn.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	marketo.net munchkin.marketo.net	7 KB
2	googletagmanager.com www.googletagmanager.com	72 KB
1	amazonaws.com zalywzdew6.execute-api.us-west-2.amazonaws.com	714 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	doubleclick.net stats.g.doubleclick.net	90 B
1	mktoresp.com 215-kjb-005.mktoresp.com	311 B
1	jquery.com code.jquery.com	29 KB
1	google.com www.google.com	675 B
1	googleapis.com fonts.googleapis.com	741 B
80	19

	Domain	Requested by
36	www.herjavecgroup.com	www.herjavecgroup.com wsv3cdn.audioeye.com
8	app-ab33.marketo.com	www.herjavecgroup.com app-ab33.marketo.com
4	wsv3cdn.audioeye.com	wsmcdn.audioeye.com wsv3cdn.audioeye.com
4	cdnjs.cloudflare.com	www.herjavecgroup.com
3	use.fontawesome.com	www.herjavecgroup.com use.fontawesome.com
2	analytics.audioeye.com	wsv3cdn.audioeye.com
2	bam.nr-data.net	js-agent.newrelic.com
2	px.ads.linkedin.com	1 redirects www.herjavecgroup.com
2	snap.licdn.com	www.herjavecgroup.com snap.licdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	munchkin.marketo.net	www.herjavecgroup.com munchkin.marketo.net
2	www.googletagmanager.com	www.herjavecgroup.com
1	zalywzdew6.execute-api.us-west-2.amazonaws.com	wsv3cdn.audioeye.com
1	air.audioeye.com	wsv3cdn.audioeye.com
1	wsmcdn.audioeye.com	www.herjavecgroup.com
1	js-agent.newrelic.com	www.herjavecgroup.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	215-kjb-005.mktoresp.com	munchkin.marketo.net
1	www.gstatic.com	www.google.com
1	code.jquery.com	www.herjavecgroup.com
1	www.google.com	www.herjavecgroup.com
1	fonts.googleapis.com	www.herjavecgroup.com
80	24

This site contains links to these domains. Also see Links.

Domain
www.proofpoint.com
cofense.com
mp.weixin.qq.com
exchange.xforce.ibmcloud.com
www.recordedfuture.com
threatpost.com
www.cisa.gov
www.us-cert.gov
www.consumer.ftc.gov
twitter.com
www.linkedin.com
www.brighttalk.com
herjavec.service-now.com
customer.herjavecgroup.com
www.robertherjavec.com

Subject Issuer	Validity	Valid
herjavecgroup.com R3	`2020-12-10` - `2021-03-10`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
app-ab33.marketo.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-12-28` - `2021-05-07`	4 months	crt.sh
wsmcdn.audioeye.com Amazon	`2020-10-07` - `2021-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.audioeye.com DigiCert SHA2 Secure Server CA	`2019-04-29` - `2021-05-21`	2 years	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon	`2020-09-12` - `2021-10-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
Frame ID: 3253552DB34CD390D943F881D2D0735F
Requests: 79 HTTP requests in this frame

Frame: https://app-ab33.marketo.com/index.php/form/XDFrame
Frame ID: AE9CA7CAC46DAC973FD34E429A610533
Requests: 1 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb=54caa5ed1c78fa726e6264825207a8bc
Frame ID: E3BD55EAA1AB421620F8BBC21FA81F4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Threat Advisory: Mitigating Cyber Attacks Using Coronavirus Pandemic - Herjavec Grouptransferclose carousel

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

80
Requests

100 %
HTTPS

50 %
IPv6

19
Domains

24
Subdomains

24
IPs

6
Countries

1336 kB
Transfer

3153 kB
Size

5
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.proofpoint.com/us/threat-insight/post/new-kpot-v20-stealer-brings-zero-persistence-and-memory-features-silently-steal
Title: most recent campaigns

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/corporate-blog/post/coronavirus-themed-attacks-target-global-shipping-concerns
Title: discovered a campaign

Search URL Search Domain Scan URL

URL: https://cofense.com/threat-actors-capitalize-global-concern-coronavirus-new-phishing-campaigns/
Title: spoofing the World Health Organization

Search URL Search Domain Scan URL

URL: https://mp.weixin.qq.com/s/o6KC0k43AuOY5F8FKGbmMg
Title: phishing campaign masquerading as the WHO

Search URL Search Domain Scan URL

URL: https://exchange.xforce.ibmcloud.com/collection/62ed2dd58bbc189efd753918bef1bd05
Title: Lokibot

Search URL Search Domain Scan URL

URL: https://exchange.xforce.ibmcloud.com/collection/Coronavirus-Goes-Cyber-With-Emotet-18f373debc38779065a26f1958dc260b
Title: Emotet

Search URL Search Domain Scan URL

URL: https://www.recordedfuture.com/coronavirus-panic-exploit/?utm_source=hs_email&utm_medium=email&utm_content=84666220&_hsenc=p2ANqtz-92u307LiXH48D2HRlyzpUpQCsMTkxB_e2mHvUM6qatAqbWwK3WzRly-bUazvCDJN5Hpd_hep9nmxm4eWkyj2Li_ywQHw&_hsmi=84666220
Title: targets Italian email addresses

Search URL Search Domain Scan URL

URL: https://threatpost.com/coronavirus-themed-cyberattacks-persists/153493/
Title: phishing email with a PDF

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/sites/default/files/publications/20_0306_cisa_insights_risk_management_for_novel_coronavirus_0.pdf
Title: CISA

Search URL Search Domain Scan URL

URL: https://www.us-cert.gov/ncas/tips/ST04-014
Title: Tips on Avoiding Social Engineering and Phishing Scams

Search URL Search Domain Scan URL

URL: https://www.consumer.ftc.gov/blog/2020/02/coronavirus-scammers-follow-headlines
Title: blog post

Search URL Search Domain Scan URL

URL: https://twitter.com/herjavecgroup

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/the-herjavec-group

Search URL Search Domain Scan URL

URL: https://www.brighttalk.com/channel/17842/
Title: VIEW NOW

Search URL Search Domain Scan URL

URL: https://herjavec.service-now.com/csm
Title: HG Portal Powered By SNow

Search URL Search Domain Scan URL

URL: https://customer.herjavecgroup.com/LiveTime/WebObjects/LiveTime
Title: HG Portal

Search URL Search Domain Scan URL

URL: https://www.robertherjavec.com/
Title: Robert Herjavec

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1800532%2C711401&time=1609434015930&url=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F%3Fmkt_tok%3DeyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1800532%252C711401%26time%3D1609434015930%26url%3Dhttps%253A%252F%252Fwww.herjavecgroup.com%252Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%252F%253Fmkt_tok%253DeyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%253D%253D%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1800532%2C711401&time=1609434015930&url=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F%3Fmkt_tok%3DeyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D&liSync=true

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/ 68 KB
19 KB 2215ms
1949ms Document
text/html 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

0da0721e212eda2c13be043e08ee9a2e9f7b88a416bb48d7d0cad66ec5783cfe

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.herjavecgroup.com
:scheme: https
:path: /threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:30 GMT
server: Apache
link: <https://www.herjavecgroup.com/wp-json/>; rel="https://api.w.org/", <https://www.herjavecgroup.com/wp-json/wp/v2/posts/18707>; rel="alternate"; type="application/json", <https://www.herjavecgroup.com/?p=18707>; rel=shortlink
x-frame-options: SAMEORIGIN
cache-control: max-age=0
expires: Thu, 31 Dec 2020 16:55:30 GMT
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 19261
content-type: text/html; charset=UTF-8

GET
H2 200 style.min.css
www.herjavecgroup.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 143ms
136ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-includes/css/dist/block-library/style.min.css?ver=d16146de0ccabcc4001fa10616e81611

Requested by

Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Dec 2020 20:43:06 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 7855
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 simple-sitemap.css
www.herjavecgroup.com/wp-content/plugins/simple-sitemap/lib/assets/css/ 8 KB
2 KB 141ms
134ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/simple-sitemap/lib/assets/css/simple-sitemap.css?ver=d16146de0ccabcc4001fa10616e81611

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

15933d99089d970b5da34719456dd6f566c0d5177dfe6df5b3eac62a4016cc50

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Apr 2020 22:14:43 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1779
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 front.min.css
www.herjavecgroup.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 141ms
134ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=d16146de0ccabcc4001fa10616e81611

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2020 14:17:08 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1148
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 widget-options.css
www.herjavecgroup.com/wp-content/plugins/widget-options/assets/css/ 1010 B
330 B 261ms
254ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/widget-options/assets/css/widget-options.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

acda3b1eaf36ea10066decf21f77191c2e951811da7ca34ff97fb32996725f10

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Oct 2020 20:53:17 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 270
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
741 B 20ms
13ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400&ver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e75c265dfbe108d4ec4609aaabc6a995e5a88f17fd7c90460c9fccc73331a98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 31 Dec 2020 16:16:30 GMT
server: ESF
date: Thu, 31 Dec 2020 17:00:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Dec 2020 17:00:14 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.13/css/ 40 KB
10 KB 53ms
15ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css?ver=1
Requested by: Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:14 GMT
content-encoding: gzip
last-modified: Thu, 10 May 2018 15:10:14 GMT
server: NetDNA-cache/2.2
etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 style.css
www.herjavecgroup.com/wp-content/themes/herjavecgroup/ 136 KB
20 KB 260ms
254ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/style.css?ver=all

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

98159b655b935ad80d712a5ad05a60dce05a97c2f4c5230adddd7e83d3a243e4

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Apr 2020 18:12:26 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 20044
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 forms.css
www.herjavecgroup.com/wp-content/themes/herjavecgroup/ 18 KB
3 KB 258ms
252ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/forms.css?ver=all

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

0b05581410b21c449f214bc2bc5de782596a0bf6a45358755ee732378ed8ec24

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Nov 2020 18:17:29 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2512
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
718 B 18ms
12ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css?ver=all

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 478962
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 394
cf-request-id: 075b573be200002bf603869000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AAf%2FDWh6EwvoO0x%2B82KW0qsigLWyszQdtW4ZHjpvYPOJ2thLiccyyiCauMf2BqT8F3xq3Hvh5b%2BEHtt6M37j%2Bk5TGH5EFg54XstMR1TNdsc4qOVRtSMsYLh9Mz3V3sFjzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60a58e3fddfc2bf6-FRA
expires: Tue, 21 Dec 2021 17:00:14 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
1 KB 17ms
11ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css?ver=all

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 478945
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 657
cf-request-id: 075b573be200002bf69a131000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lg%2BU1v22iTgT8TAcFtavQIF1i2qvau4t%2B78esyuPVSHOimGYszqILTwND4oPh7TedRstaGC6MZ74TFktd%2B%2FOJ6%2BhC1FZTOqxLWCDach0L7fo93DY6AzfutZMe1%2FXaPNWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60a58e3fddfd2bf6-FRA
expires: Tue, 21 Dec 2021 17:00:14 GMT

GET
H2 200 tablepress-combined.min.css
www.herjavecgroup.com/wp-content/ 6 KB
2 KB 140ms
135ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/tablepress-combined.min.css?ver=24

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

f896033ffa3479451bfc32fb479f74f5f9ffad3938cee03b83bc7275d1cf3797

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 19:27:56 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2442
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 ytprefs.min.css
www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/styles/ 9 KB
2 KB 141ms
136ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/styles/ytprefs.min.css?ver=13.4.1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

b21127e786e95583fff0f6298c1da349929ae4a73b3e168b6124bf2e12e9d19c

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 15:36:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1957
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 lity.min.css
www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/ 3 KB
1 KB 258ms
253ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.css?ver=13.4.1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

1d88db407cf3c60be4d258f7cd3c0b6a464df0ce77153fed90afbe103fee6d96

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 15:36:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 966
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 theme.min.css
www.herjavecgroup.com/wp-content/plugins/motopress-content-editor/includes/css/ 331 KB
41 KB 348ms
344ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/motopress-content-editor/includes/css/theme.min.css?ver=3.0.6

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

b8007b45d11a7d1bed74781a9122fb1af14b495ba3e3deba513b8ca0802c2589

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Apr 2020 22:18:22 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 41521
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 bootstrap-grid.min.css
www.herjavecgroup.com/wp-content/plugins/motopress-content-editor/bootstrap/ 15 KB
3 KB 495ms
490ms Stylesheet
text/css 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/motopress-content-editor/bootstrap/bootstrap-grid.min.css?ver=3.0.6

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

de56c5f70ea565fdc866ade91c95ab84151f55e030f861b3509141b24fd54733

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Apr 2020 22:18:22 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3110
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 front.min.js Show response
www.herjavecgroup.com/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 495ms
491ms Script
application/javascript 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2020 14:17:08 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2248
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 jquery.min.js Show response
www.herjavecgroup.com/wp-includes/js/jquery/ 87 KB
30 KB 496ms
492ms Script
application/javascript 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Dec 2020 20:43:05 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 30916
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.herjavecgroup.com/wp-includes/js/jquery/ 11 KB
4 KB 495ms
492ms Script
application/javascript 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Dec 2020 20:43:05 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4169
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 lity.min.js Show response
www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/ 5 KB
2 KB 494ms
491ms Script
application/javascript 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.js?ver=13.4.1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

afb85cc0ede42e76244969d3d277ec8a7c2cc1a8117f980e45075488cf15e4e2

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 15:36:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2359
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 ytprefs.min.js Show response
www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/ 14 KB
4 KB 495ms
491ms Script
application/javascript 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

354a9d862526130525b533839628d81af68488a25db7473c6ccbb453e4749896

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 15:36:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4342
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-42321905-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bfa8c77fde7ea5b345e8f0c78d2a9a99d0c3c248eaf6a364c978a8c69139db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38974
x-xss-protection: 0
last-modified: Thu, 31 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 31 Dec 2020 17:00:15 GMT

GET
H2 200 Logo_dark_retina.png
www.herjavecgroup.com/wp-content/uploads/2018/07/ 14 KB
14 KB 135ms
134ms Image
image/png 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/07/Logo_dark_retina.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

ab5291ef0fb48251f58a79fdb104aa609bdcb0547645fddc533712cad2601b26

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jan 2020 15:30:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 13908
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:32 GMT

GET
H2 200 Threat-Advisory-Template.jpg
www.herjavecgroup.com/wp-content/uploads/2019/01/ 137 KB
138 KB 135ms
133ms Image
image/jpeg 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2019/01/Threat-Advisory-Template.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

4a21171b20c09761dd2bd5011180f669917c1a53ac820caf0afaccaa94e8e986

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Jan 2019 21:24:14 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 139850
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:32 GMT

GET
H2 200 forms2.min.js Show response
app-ab33.marketo.com/js/forms2/js/ 205 KB
69 KB 67ms
32ms Script
application/x-javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab33.marketo.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dde2a7cd4331f78a4b35dca9aa2e716fc3d0c83ba0f855f0812cbfae4a27a805

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 12 Oct 2020 17:13:35 GMT
server: cloudflare
age: 3954
etag: "1be03fd-33245-5b17c6b21edc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 60a58e43e8e1c82b-AMS
cf-request-id: 075b573e710000c82b07013000000001
expires: Thu, 31 Dec 2020 21:00:15 GMT

GET
H2 200 twitter1-1.jpg
www.herjavecgroup.com/wp-content/uploads/2018/09/ 9 KB
9 KB 480ms
479ms Image
image/jpeg 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/09/twitter1-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

ffea769dcbf7534d81bf51a2f4faba6a9cfa88e9f47e9e1e5f92fdfbbcab5436

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Sep 2018 14:51:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 9208
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:32 GMT

GET
H2 200 linkedin1-1.jpg
www.herjavecgroup.com/wp-content/uploads/2018/09/ 9 KB
9 KB 362ms
362ms Image
image/jpeg 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/09/linkedin1-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

0bcf6d0ce2d2f1c0de7c391ed6b1a84dd5bac8a8666dc7c0f7e453fe5698672f

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Sep 2018 14:51:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 9288
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:33 GMT

GET
H2 200 blog-icon-ret.png
www.herjavecgroup.com/wp-content/uploads/2018/07/ 10 KB
10 KB 360ms
359ms Image
image/png 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/07/blog-icon-ret.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

634e3b12317ed5d90a471ba205a655e562ab7b077581a2e1e6370e249b62f9b6

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Jul 2018 22:21:25 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 9944
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:33 GMT

GET
H2 200 webinar-icon-ret.png
www.herjavecgroup.com/wp-content/uploads/2019/11/ 13 KB
13 KB 134ms
133ms Image
image/png 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2019/11/webinar-icon-ret.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

b5c77df2eaf5c0ed782a00e4651f0336b848d91f15517abed74da1df8cb52648

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Nov 2019 18:28:07 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 12944
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:33 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 919 B
675 B 17ms
16ms Script
text/javascript 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef50d68dc1ed393fcfab19a930062dd660e8ae941f66b9fe05dacd1b418af7f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2020 17:00:15 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 26ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js?ver=1.0.0
Requested by: Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:24:41 GMT
server: nginx
etag: W/"573f4859-14e4a"
vary: Accept-Encoding
x-hw: 1609434015.dop147.fr8.t,1609434015.cds235.fr8.hn,1609434015.cds130.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 main.js Show response
www.herjavecgroup.com/wp-content/themes/herjavecgroup/scripts/ 10 KB
3 KB 136ms
133ms Script
application/javascript 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/scripts/main.js?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

fb4b7b62656ffc6a3583f29d81106e285d1bb696f4dee3cc42dea618b3fa1f94

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 May 2019 15:53:59 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2733
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 12ms
10ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 478964
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 9564
cf-request-id: 075b573e4f00002bf603902000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XTY0MOnwB%2BhcbpnMdkpiCYyxQeF7FKRgDiQZmPDN3kwBCSbp8PxOFlzWRJNvmp7STAjxerNFgDwHPMTwkMPcomo%2F3CMfIq5%2FJdglr6VsGwaN65lBEce9JsblWJR7iZ%2Be0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60a58e43b9a42bf6-FRA
expires: Tue, 21 Dec 2021 17:00:15 GMT

GET
H2 200 timeline.js Show response
www.herjavecgroup.com/wp-content/themes/herjavecgroup/scripts/ 12 KB
3 KB 136ms
134ms Script
application/javascript 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/scripts/timeline.js?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

bb260fb2dadfd8a4d793f1e32e143b4e5ce6196e170fea30bd0fa87075e72b68

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Aug 2018 22:02:10 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3130
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
4 KB 12ms
9ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 478962
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 3980
cf-request-id: 075b573e4f00002bf69e0ef000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nm6nQvAu%2FeJZi3wBqvyuAPy%2FZZszdmzqe4m%2BGgSy07wWhraB7uXsxRJbWnRsYmmrkh2PcMqwHjLT9Ic2E6lokEIVSAmxKOO3BC6vBZr%2BUGJ3nMQAY8iYqml8e5%2F7qXyDWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60a58e43b9a52bf6-FRA
expires: Tue, 21 Dec 2021 17:00:15 GMT

GET
H2 200 fitvids.min.js Show response
www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/ 3 KB
1 KB 134ms
133ms Script
application/javascript 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/fitvids.min.js?ver=13.4.1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 15:36:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1009
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 16:55:32 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
34 KB 50ms
35ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKBVBM

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7db23fed256f828a27393e3a7655eecc87cb3586d9537091128bc5e2954b4470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34449
x-xss-protection: 0
last-modified: Thu, 31 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 31 Dec 2020 17:00:15 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 76ms
21ms Script
application/x-javascript 104.111.236.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.192 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 17:00:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 bnr-blog.jpg
www.herjavecgroup.com/wp-content/uploads/2018/07/ 45 KB
46 KB 437ms
436ms Image
image/jpeg 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/07/bnr-blog.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

3c1a34c1281e6fe37e48848499a77ae7a9128596651a08b2b9c74db423da4d98

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Jul 2018 20:08:13 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 46566
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:32 GMT

GET
H2 200 bnr-red-overlay.png
www.herjavecgroup.com/wp-content/themes/herjavecgroup/images/ 25 KB
25 KB 438ms
437ms Image
image/png 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/images/bnr-red-overlay.png

Requested by

Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/style.css?ver=all

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

cc6921c7b64aff3781bb2c59cfae81f46dabdf182b2e8d1a384e5f047c768ec5

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/style.css?ver=all
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 May 2019 19:28:34 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 25311
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:32 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.herjavecgroup.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400&ver=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 16:28:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 520330
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Sat, 25 Dec 2021 16:28:05 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.herjavecgroup.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400&ver=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Dec 2020 16:31:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 520150
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 25 Dec 2021 16:31:05 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 49 KB
50 KB 62ms
30ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Origin: https://www.herjavecgroup.com
Referer: https://use.fontawesome.com/releases/v5.0.13/css/all.css?ver=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
last-modified: Thu, 10 May 2018 15:10:31 GMT
server: NetDNA-cache/2.2
etag: "8a8c0474283e0d9ef41743e5e486bf05"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 50372

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42321905-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 608
date: Thu, 31 Dec 2020 16:50:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 31 Dec 2020 18:50:07 GMT

GET
H2 200 getForm Show response
app-ab33.marketo.com/index.php/form/ 6 KB
2 KB 368ms
368ms Script
application/javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab33.marketo.com/index.php/form/getForm?munchkinId=215-KJB-005&form=1645&url=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F&callback=jQuery112409932215045515214_1609434015416&_=1609434015417

Requested by

Host: app-ab33.marketo.com
URL: https://app-ab33.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f205479a8ef9fa0fe12910a3c2ceb8573706da5a04c43c10ecef53f5792e7b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cached: false
strict-transport-security: max-age=63113904
cf-ray: 60a58e4479cac82b-AMS
cf-request-id: 075b573ecc0000c82b0aa93000000001

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 60 KB
60 KB 17ms
17ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Request headers

Origin: https://www.herjavecgroup.com
Referer: https://use.fontawesome.com/releases/v5.0.13/css/all.css?ver=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
last-modified: Thu, 10 May 2018 15:10:25 GMT
server: NetDNA-cache/2.2
etag: "3654744dc6d6c37c9b3582b57622df5e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 61336

GET
H2 200 getForm Show response
app-ab33.marketo.com/index.php/form/ 4 KB
2 KB 55ms
54ms Script
application/javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-ab33.marketo.com/index.php/form/getForm?munchkinId=215-KJB-005&form=1087&url=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F&callback=jQuery112409932215045515214_1609434015418&_=1609434015419
Requested by: Host: app-ab33.marketo.com
URL: https://app-ab33.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb391801436a2d9d4af52e9119b512784307509be18da0884b8d697facba909

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 075b573ef70000c82bd18d7000000001
content-encoding: gzip
server: cloudflare
date: Thu, 31 Dec 2020 17:00:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 60a58e44ba3bc82b-AMS
cached: true

GET
H2 200 getForm Show response
app-ab33.marketo.com/index.php/form/ 3 KB
2 KB 440ms
439ms Script
application/javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab33.marketo.com/index.php/form/getForm?munchkinId=215-KJB-005&form=1092&url=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F&callback=jQuery112409932215045515214_1609434015420&_=1609434015421

Requested by

Host: app-ab33.marketo.com
URL: https://app-ab33.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc70988bc3fc7cc4c5fe531b2d6db9a7a14bbd164592a9c0fe2a9b9105aa5f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cached: false
strict-transport-security: max-age=63113904
cf-ray: 60a58e44ea89c82b-AMS
cf-request-id: 075b573f130000c82bfb10e000000001

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 361ms
79ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 17:00:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=28518
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 27ms
27ms Script
application/x-javascript 104.111.236.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.236.192 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-236-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 17:00:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sat, 10 Apr 2021 17:00:15 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
393 B 50ms
16ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=100011859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F%3Fmkt_tok%3DeyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%253D%253D&ul=en-us&de=UTF-8&dt=Threat%20Advisory%3A%20Mitigating%20Cyber%20Attacks%20Using%20Coronavirus%20Pandemic%20-%20Herjavec%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=463271527&gjid=1067630403&cid=255785865.1609434016&tid=UA-42321905-1&_gid=598985146.1609434016&_r=1&gtm=2oubu0&z=750879210

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 17:00:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.herjavecgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 334 KB
131 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.herjavecgroup.com
Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 909
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133916
x-xss-protection: 0
last-modified: Sun, 06 Dec 2020 23:05:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Dec 2021 16:45:06 GMT

GET
H2 200 forms2.css
app-ab33.marketo.com/js/forms2/css/ 13 KB
3 KB 30ms
27ms Stylesheet
text/css 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab33.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-ab33.marketo.com
URL: https://app-ab33.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6773
content-length: 2623
cf-request-id: 075b573f5b0000c82be10c5000000001
last-modified: Mon, 12 Oct 2020 17:13:35 GMT
server: cloudflare
etag: "1be03f9-3437-5b17c6b21edc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 60a58e455b68c82b-AMS
expires: Thu, 31 Dec 2020 21:00:15 GMT

GET
H2 200 forms2-theme-simple.css
app-ab33.marketo.com/js/forms2/css/ 826 B
371 B 30ms
28ms Stylesheet
text/css 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab33.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-ab33.marketo.com
URL: https://app-ab33.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3399
vary: Accept-Encoding
content-length: 242
cf-request-id: 075b573f5b0000c82b1ca45000000001
last-modified: Mon, 12 Oct 2020 17:13:35 GMT
server: cloudflare
etag: "1be03f6-33a-5b17c6b21edc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 60a58e455b69c82b-AMS
expires: Thu, 31 Dec 2020 21:00:15 GMT

GET
H/1.1 200
OK visitWebPage Show response
215-kjb-005.mktoresp.com/webevents/ 2 B
311 B 429ms
132ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://215-kjb-005.mktoresp.com/webevents/visitWebPage?_mchNc=1609434015580&_mchCn=&_mchId=215-KJB-005&_mchTk=_mch-herjavecgroup.com-1609434015580-73474&mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D&_mchHo=www.herjavecgroup.com&_mchPo=&_mchRu=%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=mkt_tok%3DeyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 17:00:15 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 5cce7e58-6ee1-46ed-91dd-b556fb4e3ef3

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
90 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-42321905-1&cid=255785865.1609434016&jid=463271527&gjid=1067630403&_gid=598985146.1609434016&_u=IEBAAUAAAAAAAC~&z=2109117874

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 31 Dec 2020 17:00:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.herjavecgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XDFrame
app-ab33.marketo.com/index.php/form/ Frame AE9C 0
0 131ms
126ms Document
text/html 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab33.marketo.com/index.php/form/XDFrame

Requested by

Host: app-ab33.marketo.com
URL: https://app-ab33.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: app-ab33.marketo.com
:scheme: https
:path: /index.php/form/XDFrame
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=a2fe7821a8101b9d3911033f7941f39ed781652f-1609434015-1800-AXtmmsRMStQMPgISxPNg0t6ToRseCGlk860pSHZlOIeDXLTZmenxVySzsmDBsS/YV8lx1m7KHz7RNUhGXcp/IWE=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D

Response headers

date: Thu, 31 Dec 2020 17:00:15 GMT
content-type: text/html; charset=utf-8
content-length: 652
set-cookie: __cfduid=de638ef90f0890a6f4d041a6bb3ed5d271609434015; expires=Sat, 30-Jan-21 17:00:15 GMT; path=/; domain=.app-ab33.marketo.com; HttpOnly; SameSite=Lax BIGipServerab33web-nginx-app_https=!d/IUdOhybYmxXU9ybf/nLIVwOTHiDgkaz290sedUBpRsKe372XgcvKocN969gqVl/X+dlnAKwzarKjg=;Path=/;Version=1;Secure;Httponly
cache-control: max-age=3600
strict-transport-security: max-age=63113904
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-request-id: 075b573faf0000c82bf6ab1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 60a58e45ec66c82b-AMS

GET
H2 200 getKnownLead Show response
app-ab33.marketo.com/index.php/form/ 48 B
297 B 353ms
351ms Script
application/javascript 104.16.94.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab33.marketo.com/index.php/form/getKnownLead?form=1645&lpId=&munchkinId=215-KJB-005&filledFields=true&_mkt_trk=id%3A215-KJB-005%26token%3A_mch-herjavecgroup.com-1609434015580-73474&mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D&callback=jQuery112409932215045515214_1609434015416&_=1609434015422

Requested by

Host: app-ab33.marketo.com
URL: https://app-ab33.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fbc24c75e2bf6c5b79052c889c8f8219bd8f79ebe30b9c24a378c161484ad79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/javascript; charset=utf-8
cf-ray: 60a58e46ce40c82b-AMS
cf-request-id: 075b5740420000c82bd7a9b000000001

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 63ms
63ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 17:00:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=33508
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1800532%2C711401&time=1609434015930&url=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1800532%252C711401%26time%3D1609434015930%26url%3Dhttps%253A%252F%252Fwww.herjave...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1800532%2C711401&time=1609434015930&url=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F...

0
58 B

182ms
182ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1800532%2C711401&time=1609434015930&url=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F%3Fmkt_tok%3DeyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D&liSync=true
Requested by: Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:16 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: TFas9bXbVRYALNLN+yoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: aiDa7bXbVRaADBVePisAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 60A79CB253344029ACD16D1837BFE539 Ref B: FRAEDGE1321 Ref C: 2020-12-31T17:00:16Z
x-frame-options: sameorigin
date: Thu, 31 Dec 2020 17:00:15 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1800532%2C711401&time=1609434015930&url=https%3A%2F%2Fwww.herjavecgroup.com%2Fthreat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic%2F%3Fmkt_tok%3DeyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
10 KB 21ms
21ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 17:00:16 GMT
content-encoding: gzip
x-amz-request-id: A21809B1C987C063
x-cache: HIT
content-length: 10624
x-amz-id-2: 5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by: cache-hhn4022-HHN
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1609434017.596219,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5544

GET
H2 200 aem.js Show response
wsmcdn.audioeye.com/ 12 KB
5 KB 107ms
45ms Script
text/javascript 65.9.68.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsmcdn.audioeye.com/aem.js
Requested by: Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d8b7eae2d3bfcaf1c06ebe5f3414a94ad29f03f7c26f07854c293e2491dd66b4

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 23:13:59 GMT
content-encoding: gzip
last-modified: Tue, 29 Dec 2020 23:07:41 GMT
server: Apache
age: 63977
etag: "3125-5b7a275294de7-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 4750
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-id: a44HuQsVZ0-v4dUAlWt-xZ_XgxkzGS7GY0ViZPDyjuDmoQJNV784aQ==

GET
H/1.1 200
OK 8234dd9897 Show response
bam.nr-data.net/1/ 57 B
275 B 455ms
114ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8234dd9897?a=135717986&v=1184.ab39b52&to=Z1AEMRNZChYCBUFZDl4aJwYVUQsLTBVcXgZcUA%3D%3D&rst=4191&ck=1&ref=https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/&ap=1701&be=2230&fe=4126&dc=3073&perf=%7B%22timing%22:%7B%22of%22:1609434012462,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:14,%22ce%22:267,%22rq%22:267,%22rp%22:2216,%22rpe%22:2336,%22dl%22:2220,%22di%22:3073,%22ds%22:3073,%22de%22:3083,%22dc%22:4125,%22l%22:4126,%22le%22:4131%7D,%22navigation%22:%7B%7D%7D&fp=2920&fcp=2920&at=SxcHR1tDGRg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: e02cdaa490caecb3bb5303b6e28acdb8a08d4f866ec1eb932a2d2c81bc95ebe9

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/scripts/ 661 KB
189 KB 118ms
65ms Script
text/javascript 143.204.215.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc
Requested by: Host: wsmcdn.audioeye.com
URL: https://wsmcdn.audioeye.com/aem.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-22.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: 17a5f9d0c7a13699cc1501439f5dd5944a4859259d31bc7164cc002a365e6c90

Request headers

Origin: https://www.herjavecgroup.com
Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 00:01:11 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 16:52:29 GMT
server: Apache
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800, max-stale=3600, stale-while-revalidate=3600, must-revalidate, public
x-amz-cf-id: Ognm4Y-O60-CKSBvl9osqxBb1uVWRhi7JHwb108IQWHjyHGB9vTRIA==
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)

GET
H2 200 cookieStorage.html
wsv3cdn.audioeye.com/frame/ Frame E3BD 0
0 110ms
48ms Document
text/html 143.204.215.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/frame/cookieStorage.html?build=prod&pscb=54caa5ed1c78fa726e6264825207a8bc
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-22.fra53.r.cloudfront.net
Software: Apache /
Resource Hash

Request headers

:method: GET
:authority: wsv3cdn.audioeye.com
:scheme: https
:path: /frame/cookieStorage.html?build=prod&pscb=54caa5ed1c78fa726e6264825207a8bc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D

Response headers

content-type: text/html; charset=UTF-8
content-length: 615
cache-control: public, max-age=365000000, immutable
content-encoding: gzip
date: Tue, 22 Dec 2020 17:38:59 GMT
server: Apache
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: XBcDvz66Scvu5CtQbr0jAZPGYRnDk0gaOhY1mbj8RJjb1gWjpSWpww==
age: 775278

POST
H2 200 send
analytics.audioeye.com/p/v0/ 44 B
402 B 512ms
453ms Other
application/json 65.9.68.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/p/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Dec 2020 17:00:17 GMT
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 1ad2668b-d792-4989-956a-139d168b66f1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5fee03a1-776ed0d45e8044c5628b781a
x-amz-apigw-id: YbWBOGakPHcFqLA=
content-length: 44
x-amz-cf-id: SbmToJTayUbmLSYcwBwg-sBgta6QPuuyZPnO--JaKLiv2ty5rolrSA==

GET
H2 200 aggregate.css
wsv3cdn.audioeye.com/css/ 35 KB
8 KB 50ms
50ms Stylesheet
text/css 143.204.215.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/css/aggregate.css?files=default|core&cb=20201229
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-22.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: aff8293e30bf9d2cd1d6977a279f55d987a9c6ebf0ebfc208cf73f8db8c11e34

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 23:11:00 GMT
content-encoding: gzip
server: Apache
age: 150557
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css;charset=UTF-8
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 7454
x-amz-cf-id: 9IA3LT7uwZ29kFzp4KnBudVEX8e5Ri4OcEOFNFgn4MNL6iDgyBHRYg==

GET
H2 200 launcher.css
wsv3cdn.audioeye.com/css/ 16 KB
5 KB 50ms
49ms Stylesheet
text/css 143.204.215.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/css/launcher.css?cb=20201229
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-22.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: d6a1b4ae947439854d7092445e099b0b9966a2365c70cb29f5d16b421b33d951

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 23:10:59 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 03:18:35 GMT
server: Apache
age: 64158
etag: "3fea-5a9e59030a8db-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 4345
x-amz-cf-id: b_l-MpOml12exg07u1XCbQSCZjuSlbTWhRKRNxSi0K1TY7vFZ5Ze-w==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23a5fe66b6b25170a4aabb1b113d9e4bb0dca96d7a725aafe75592b558b0f2a1

Request headers

Origin: https://www.herjavecgroup.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 sticky-arrow.png
www.herjavecgroup.com/wp-content/themes/herjavecgroup/images/ 293 B
399 B 133ms
132ms Image
image/png 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/images/sticky-arrow.png

Requested by

Host: www.herjavecgroup.com
URL: https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/style.css?ver=all

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

01e403610541b7ccd2f346dc9df3d62b81d1d0d63c88a24c89190bbad0c1aee7

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/wp-content/themes/herjavecgroup/style.css?ver=all
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jan 2020 15:17:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 293
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:34 GMT

POST
H2 200 send
analytics.audioeye.com/p/v0/ 44 B
404 B 173ms
173ms Other
application/json 65.9.68.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/p/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Dec 2020 17:00:17 GMT
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: d3da616b-0cf2-4389-81cc-9a5750c0cd0c
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5fee03a1-58c01c37379b52bd1be481a3
x-amz-apigw-id: YbWBQFTZPHcFvhg=
content-length: 44
x-amz-cf-id: 5IWxdKNJuyXwWysOd61VAPlk4n1qb4A91TIxHVMzg2RvJrU_wN1PDw==

GET
H2 200 Logo_dark_retina.png
www.herjavecgroup.com/wp-content/uploads/2018/07/ 14 KB
14 KB 134ms
134ms Image
image/png 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/07/Logo_dark_retina.png

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

ab5291ef0fb48251f58a79fdb104aa609bdcb0547645fddc533712cad2601b26

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jan 2020 15:30:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 13908
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:35 GMT

GET
H2 200 Threat-Advisory-Template.jpg
www.herjavecgroup.com/wp-content/uploads/2019/01/ 137 KB
138 KB 250ms
249ms Image
image/jpeg 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2019/01/Threat-Advisory-Template.jpg

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

4a21171b20c09761dd2bd5011180f669917c1a53ac820caf0afaccaa94e8e986

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Jan 2019 21:24:14 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 139850
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:35 GMT

GET
H2 200 twitter1-1.jpg
www.herjavecgroup.com/wp-content/uploads/2018/09/ 9 KB
9 KB 963ms
962ms Image
image/jpeg 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/09/twitter1-1.jpg

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

ffea769dcbf7534d81bf51a2f4faba6a9cfa88e9f47e9e1e5f92fdfbbcab5436

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Sep 2018 14:51:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 9208
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:35 GMT

GET
H2 200 linkedin1-1.jpg
www.herjavecgroup.com/wp-content/uploads/2018/09/ 9 KB
9 KB 1082ms
1081ms Image
image/jpeg 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/09/linkedin1-1.jpg

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

0bcf6d0ce2d2f1c0de7c391ed6b1a84dd5bac8a8666dc7c0f7e453fe5698672f

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 Sep 2018 14:51:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 9288
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:35 GMT

GET
H2 200 blog-icon-ret.png
www.herjavecgroup.com/wp-content/uploads/2018/07/ 10 KB
10 KB 1082ms
1081ms Image
image/png 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/07/blog-icon-ret.png

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

634e3b12317ed5d90a471ba205a655e562ab7b077581a2e1e6370e249b62f9b6

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Jul 2018 22:21:25 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 9944
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:35 GMT

GET
H2 200 webinar-icon-ret.png
www.herjavecgroup.com/wp-content/uploads/2019/11/ 13 KB
13 KB 1200ms
1199ms Image
image/png 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2019/11/webinar-icon-ret.png

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

b5c77df2eaf5c0ed782a00e4651f0336b848d91f15517abed74da1df8cb52648

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Nov 2019 18:28:07 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 12944
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:35 GMT

GET
H2 200 Logo_dark_retina.png
www.herjavecgroup.com/wp-content/uploads/2018/07/ 14 KB
14 KB 930ms
930ms Image
image/png 146.88.97.177
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.herjavecgroup.com/wp-content/uploads/2018/07/Logo_dark_retina.png

Requested by

Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.88.97.177 , United States, ASN33070 (RMH-14, US),

Reverse DNS

herj01vmw02.herjavecgroup.com

Software

Apache /

Resource Hash

ab5291ef0fb48251f58a79fdb104aa609bdcb0547645fddc533712cad2601b26

Security Headers

Name	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 16:55:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Jan 2020 15:30:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges: bytes
content-length: 13908
x-xss-protection: 1; mode=block
expires: Fri, 30 Apr 2021 16:55:35 GMT

POST
H2 200 report
air.audioeye.com/ 0
0 590ms
537ms Other
application/json 65.9.68.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://air.audioeye.com/report
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

POST
H2 200 live-monitor-perf
zalywzdew6.execute-api.us-west-2.amazonaws.com/prod/v0/ 378 B
714 B 244ms
190ms Other
application/json 143.204.215.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zalywzdew6.execute-api.us-west-2.amazonaws.com/prod/v0/live-monitor-perf
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/scripts/loader.js?h=af2c102ed42f156763131d5272793a04&lang=en-US&cb=20201229&pscb=54caa5ed1c78fa726e6264825207a8bc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-115.fra53.r.cloudfront.net
Software: /
Resource Hash: e3ac7197796c5b015bc98808d4c6c38f478ae406d9c7cdb9e9a5e2b0d7148a4b

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 31 Dec 2020 17:00:19 GMT
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 1c65f110-0f84-446f-aabe-ed44e554d552
x-cache: Miss from cloudfront
content-type: application/json
x-amzn-trace-id: Root=1-5fee03a3-6d804482144a28af408d3ccc
x-amz-apigw-id: YbWBfFQbPHcF_3g=
content-length: 378
x-amz-cf-id: JIX6amqLWO9wfsHtkaiyWEZ8bo0owEx-hCN3hJhgpc6OOuiENzELWw==

POST
H/1.1 200
OK 8234dd9897 Show response
bam.nr-data.net/events/1/ 24 B
188 B 114ms
114ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/8234dd9897?a=135717986&v=1184.ab39b52&to=Z1AEMRNZChYCBUFZDl4aJwYVUQsLTBVcXgZcUA%3D%3D&rst=14191&ck=1&ref=https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.herjavecgroup.com/threat-advisory-mitigate-cyber-attacks-using-coronavirus-pandemic/?mkt_tok=eyJpIjoiTVRGak9UazNZV1F3WW1FMCIsInQiOiJydzdXK3RxWXdVeENpKzVld0J0Q3Yzb1Y5clZDblJKbjdDclg0MXczWUsrN2xrOVhFMUIxdTRoUG1NSUVRUkQrT2RPRncrUjRwN2E4dkRseEVKS3o4SjliaUdYN0dYMUpDaGYrZWVtOWwyZVNXU09mU1ZZTU83bVgxXC9TMG9zSDMifQ%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.herjavecgroup.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.herjavecgroup.com/	1970-01-20 08:35:06	Name: _mkto_trk Value: id:215-KJB-005&token:_mch-herjavecgroup.com-1609434015580-73474
.herjavecgroup.com/	1970-01-19 15:03:54	Name: _gat_gtag_UA_42321905_1 Value: 1
.app-ab33.marketo.com/	1970-01-19 15:03:55	Name: __cf_bm Value: a2fe7821a8101b9d3911033f7941f39ed781652f-1609434015-1800-AXtmmsRMStQMPgISxPNg0t6ToRseCGlk860pSHZlOIeDXLTZmenxVySzsmDBsS/YV8lx1m7KHz7RNUhGXcp/IWE=
.herjavecgroup.com/	1970-01-19 15:05:20	Name: _gid Value: GA1.2.598985146.1609434016
.herjavecgroup.com/	1970-01-20 08:35:06	Name: _ga Value: GA1.2.255785865.1609434016

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.herjavecgroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.1.2(Line 2) Message: YT API init check
console-api	log	URL: https://www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.1.2(Line 2) Message: YT API init check
console-api	log	URL: https://www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.1.2(Line 2) Message: YT API init check
console-api	log	URL: https://www.herjavecgroup.com/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=13.4.1.2(Line 2) Message: YT API init check

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

215-kjb-005.mktoresp.com
air.audioeye.com
analytics.audioeye.com
app-ab33.marketo.com
bam.nr-data.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
munchkin.marketo.net
px.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
use.fontawesome.com
wsmcdn.audioeye.com
wsv3cdn.audioeye.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.herjavecgroup.com
www.linkedin.com
zalywzdew6.execute-api.us-west-2.amazonaws.com
104.111.236.192
104.16.94.80
143.204.215.115
143.204.215.22
146.88.97.177
151.101.114.110
162.247.242.20
192.28.144.124
2001:4de0:ac19::1:b:1b
23.111.9.35
2606:4700::6810:125e
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:814::2004
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:1450:400c:c06::9d
2a02:26f0:6c00:296::25ea
2a05:f500:11:101::b93f:9005
65.9.68.26
65.9.68.3
65.9.68.52
01e403610541b7ccd2f346dc9df3d62b81d1d0d63c88a24c89190bbad0c1aee7
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b05581410b21c449f214bc2bc5de782596a0bf6a45358755ee732378ed8ec24
0bcf6d0ce2d2f1c0de7c391ed6b1a84dd5bac8a8666dc7c0f7e453fe5698672f
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0da0721e212eda2c13be043e08ee9a2e9f7b88a416bb48d7d0cad66ec5783cfe
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
15933d99089d970b5da34719456dd6f566c0d5177dfe6df5b3eac62a4016cc50
17a5f9d0c7a13699cc1501439f5dd5944a4859259d31bc7164cc002a365e6c90
1bfa8c77fde7ea5b345e8f0c78d2a9a99d0c3c248eaf6a364c978a8c69139db8
1d88db407cf3c60be4d258f7cd3c0b6a464df0ce77153fed90afbe103fee6d96
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
23a5fe66b6b25170a4aabb1b113d9e4bb0dca96d7a725aafe75592b558b0f2a1
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986
354a9d862526130525b533839628d81af68488a25db7473c6ccbb453e4749896
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3c1a34c1281e6fe37e48848499a77ae7a9128596651a08b2b9c74db423da4d98
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4a21171b20c09761dd2bd5011180f669917c1a53ac820caf0afaccaa94e8e986
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
634e3b12317ed5d90a471ba205a655e562ab7b077581a2e1e6370e249b62f9b6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fbc24c75e2bf6c5b79052c889c8f8219bd8f79ebe30b9c24a378c161484ad79
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7db23fed256f828a27393e3a7655eecc87cb3586d9537091128bc5e2954b4470
8f205479a8ef9fa0fe12910a3c2ceb8573706da5a04c43c10ecef53f5792e7b4
98159b655b935ad80d712a5ad05a60dce05a97c2f4c5230adddd7e83d3a243e4
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
ab5291ef0fb48251f58a79fdb104aa609bdcb0547645fddc533712cad2601b26
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
acda3b1eaf36ea10066decf21f77191c2e951811da7ca34ff97fb32996725f10
afb85cc0ede42e76244969d3d277ec8a7c2cc1a8117f980e45075488cf15e4e2
aff8293e30bf9d2cd1d6977a279f55d987a9c6ebf0ebfc208cf73f8db8c11e34
b21127e786e95583fff0f6298c1da349929ae4a73b3e168b6124bf2e12e9d19c
b5c77df2eaf5c0ed782a00e4651f0336b848d91f15517abed74da1df8cb52648
b8007b45d11a7d1bed74781a9122fb1af14b495ba3e3deba513b8ca0802c2589
bb260fb2dadfd8a4d793f1e32e143b4e5ce6196e170fea30bd0fa87075e72b68
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cc6921c7b64aff3781bb2c59cfae81f46dabdf182b2e8d1a384e5f047c768ec5
cfc70988bc3fc7cc4c5fe531b2d6db9a7a14bbd164592a9c0fe2a9b9105aa5f5
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d6a1b4ae947439854d7092445e099b0b9966a2365c70cb29f5d16b421b33d951
d8b7eae2d3bfcaf1c06ebe5f3414a94ad29f03f7c26f07854c293e2491dd66b4
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
dde2a7cd4331f78a4b35dca9aa2e716fc3d0c83ba0f855f0812cbfae4a27a805
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de56c5f70ea565fdc866ade91c95ab84151f55e030f861b3509141b24fd54733
e02cdaa490caecb3bb5303b6e28acdb8a08d4f866ec1eb932a2d2c81bc95ebe9
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3ac7197796c5b015bc98808d4c6c38f478ae406d9c7cdb9e9a5e2b0d7148a4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e75c265dfbe108d4ec4609aaabc6a995e5a88f17fd7c90460c9fccc73331a98a
ef50d68dc1ed393fcfab19a930062dd660e8ae941f66b9fe05dacd1b418af7f8
efb391801436a2d9d4af52e9119b512784307509be18da0884b8d697facba909
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f896033ffa3479451bfc32fb479f74f5f9ffad3938cee03b83bc7275d1cf3797
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
fb4b7b62656ffc6a3583f29d81106e285d1bb696f4dee3cc42dea618b3fa1f94
ffea769dcbf7534d81bf51a2f4faba6a9cfa88e9f47e9e1e5f92fdfbbcab5436

www.herjavecgroup.com Open in urlscan Pro 146.88.97.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

50 %IPv6

19 Domains

24 Subdomains

24 IPs

6 Countries

1336 kBTransfer

3153 kBSize

5 Cookies

17 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.herjavecgroup.com Open in urlscan Pro
146.88.97.177 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

50 %
IPv6

19
Domains

24
Subdomains

24
IPs

6
Countries

1336 kB
Transfer

3153 kB
Size

5
Cookies

80 HTTP transactions
1 data transactions