www.bankinfosecurity.co.uk Open in urlscan Pro
50.56.167.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Submission: On February 04 via api (February 4th 2020, 6:21:10 pm UTC) from US

Summary HTTP 200 Redirects Links 69 Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 33 domains to perform 200 HTTP transactions. The main IP is 50.56.167.254, located in San Antonio, United States and belongs to RMH-14, US. The main domain is www.bankinfosecurity.co.uk.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 5th 2019. Valid for: 2 years.

This is the only time www.bankinfosecurity.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	50.56.167.254 50.56.167.254	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
2	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
77	23.210.249.12 23.210.249.12	16625 (AKAMAI-AS) (AKAMAI-AS)
7	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	104.130.251.6 104.130.251.6	33070 (RMH-14) (RMH-14)
3	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
2	95.101.176.176 95.101.176.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
1 4	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
3 9	52.215.103.126 52.215.103.126	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10c... 2a02:26f0:10c:38f::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	104.20.4.43 104.20.4.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
5	2606:4700::68... 2606:4700::6810:4fa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
1	52.55.162.167 52.55.162.167	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
22	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2	192.28.147.68 192.28.147.68	53580 (MARKETO) (MARKETO)
1 1	23.5.109.152 23.5.109.152	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE)
2 2	52.209.133.47 52.209.133.47	16509 (AMAZON-02) (AMAZON-02)
2 2	34.241.76.206 34.241.76.206	16509 (AMAZON-02) (AMAZON-02)
2 3	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	104.20.5.43 104.20.5.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
200	32

29 50.56.167.254 (San Antonio, United States)

ASN33070 (RMH-14, US)

www.bankinfosecurity.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 23.210.249.12 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-12.deploy.static.akamaitechnologies.com

130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.130.251.6 (San Antonio, United States)

ASN33070 (RMH-14, US)

worker.ismgcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.176.176 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-176-176.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bankinfosecurity.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.215.103.126 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-103-126.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:38f::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.20.4.43 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

chatserver.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vue.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chatserver3.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:4fa6 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.162.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-162-167.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.28.147.68 (United States)

ASN53580 (MARKETO, US)

051-zxi-237.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.109.152 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-109-152.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.72.21 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.133.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-133-47.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.76.206 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-76-206.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.150.20 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.5.43 (United States)

ASN13335 (CLOUDFLARENET, US)

chatserver3.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	rackcdn.com 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	9 MB
29	bankinfosecurity.co.uk www.bankinfosecurity.co.uk	455 KB
16	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	1 MB
11	ampproject.org cdn.ampproject.org	417 KB
10	ml314.com 3 redirects ml314.com in.ml314.com	16 KB
9	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	97 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	105 KB
6	comm100.com 1 redirects chatserver.comm100.com vue.comm100.com chatserver3.comm100.com	248 KB
5	disquscdn.com c.disquscdn.com	219 KB
5	gstatic.com fonts.gstatic.com	45 KB
4	twimg.com pbs.twimg.com cdn.syndication.twimg.com	6 KB
4	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	eyeota.net 2 redirects ps.eyeota.net	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	disqus.com bankinfosecurity.disqus.com disqus.com	28 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	930 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	724 B
2	mktoresp.com 051-zxi-237.mktoresp.com	606 B
2	marketo.net munchkin.marketo.net	6 KB
1	sitescout.com pixel.sitescout.com	248 B
1	basis.net 1 redirects pixel-a.basis.net	113 B
1	bluekai.com 1 redirects tags.bluekai.com	860 B
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	addthisedge.com v1.addthisedge.com	207 B
1	bizographics.com sjs.bizographics.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	20 KB
1	googletagservices.com www.googletagservices.com	16 KB
1	ismgcorp.com worker.ismgcorp.com	407 B
1	addthis.com s7.addthis.com	113 KB
1	googleapis.com fonts.googleapis.com	1 KB
200	33

	Domain	Requested by
29	www.bankinfosecurity.co.uk	www.bankinfosecurity.co.uk
26	130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
13	0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
11	cdn.ampproject.org	securepubads.g.doubleclick.net
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.bankinfosecurity.co.uk cdn.ampproject.org
9	ml314.com	3 redirects www.bankinfosecurity.co.uk ml314.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.bankinfosecurity.co.uk
7	platform.twitter.com	www.bankinfosecurity.co.uk platform.twitter.com
7	75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
6	752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
6	6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
5	pagead2.googlesyndication.com	www.bankinfosecurity.co.uk
5	c.disquscdn.com	bankinfosecurity.disqus.com
5	fonts.gstatic.com	www.bankinfosecurity.co.uk
5	dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
4	www.google-analytics.com	1 redirects www.bankinfosecurity.co.uk
4	21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
4	fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
4	4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
3	chatserver3.comm100.com	vue.comm100.com
3	ps.eyeota.net	2 redirects www.bankinfosecurity.co.uk
3	pbs.twimg.com	www.bankinfosecurity.co.uk
2	syndication.twitter.com	1 redirects www.bankinfosecurity.co.uk
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	051-zxi-237.mktoresp.com	munchkin.marketo.net
2	disqus.com	bankinfosecurity.disqus.com
2	px.ads.linkedin.com	1 redirects www.bankinfosecurity.co.uk
2	vue.comm100.com	www.bankinfosecurity.co.uk vue.comm100.com
2	munchkin.marketo.net	www.bankinfosecurity.co.uk munchkin.marketo.net
2	f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	www.bankinfosecurity.co.uk
1	pixel.sitescout.com
1	pixel-a.basis.net	1 redirects
1	cdn.syndication.twimg.com	platform.twitter.com
1	tags.bluekai.com	1 redirects
1	in.ml314.com	ml314.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.bankinfosecurity.co.uk
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	v1.addthisedge.com	s7.addthis.com
1	chatserver.comm100.com	1 redirects
1	sjs.bizographics.com	www.bankinfosecurity.co.uk
1	bankinfosecurity.disqus.com	www.bankinfosecurity.co.uk
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	www.bankinfosecurity.co.uk
1	www.googletagservices.com	www.bankinfosecurity.co.uk
1	worker.ismgcorp.com	www.bankinfosecurity.co.uk
1	s7.addthis.com	www.bankinfosecurity.co.uk
1	fonts.googleapis.com	www.bankinfosecurity.co.uk
200	51

This site contains links to these domains. Also see Links.

Domain
www.cuinfosecurity.com
www.govinfosecurity.com
www.healthcareinfosecurity.com
www.inforisktoday.co.uk
www.careersinfosecurity.co.uk
www.databreachtoday.co.uk
www.bankinfosecurity.com
www.bankinfosecurity.eu
www.bankinfosecurity.in
www.bankinfosecurity.asia
ffiec.bankinfosecurity.com
omnibus.healthcareinfosecurity.com
ddos.inforisktoday.com
ransomware.databreachtoday.com
gdpr.inforisktoday.com
events.ismg.io
www.databreachtoday.com
www.facebook.com
twitter.com
www.linkedin.com
www.databreachtoday.eu
www.twitter.com
home.treasury.gov
www.proofpoint.com
www.prevailion.com
t.co
www.careersinfosecurity.com
securityintelligence.inforisktoday.com
ismg.io

Subject Issuer	Validity	Valid
ismg.io Go Daddy Secure Certificate Authority - G2	`2019-08-05` - `2021-07-26`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2019-03-20` - `2020-06-18`	a year	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
worker.ismgcorp.com Go Daddy Secure Certificate Authority - G2	`2019-10-21` - `2020-04-13`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
*.ml314.com Amazon	`2019-03-16` - `2020-04-16`	a year	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
*.comm100.com DigiCert SHA2 Secure Server CA	`2019-05-07` - `2020-03-12`	10 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-02` - `2020-08-10`	6 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2019-12-02` - `2020-03-01`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Frame ID: 6717F91B88E50612AB9074E088932B17
Requests: 169 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html?origin=https%3A%2F%2Fwww.bankinfosecurity.co.uk
Frame ID: 3D0542590FAC0C6798BADE478BF3232B
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fta505-apt-group-returns-new-techniques-report-a-13678&t_d=TA505%20APT%20Group%20Returns%20With%20New%20Techniques%3A%20Report&t_t=TA505%20APT%20Group%20Returns%20With%20New%20Techniques%3A%20Report&s_o=default
Frame ID: E1C15BE59513E3DF22A7DEDBBE095929
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: 1039575CA17F70DD58DC40A92656411B
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: 3C2BED9C58CCF3F6F9ED8CA0921AB03A
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: B78B5DED408FBACF301C90682CD82C22
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: 10F71A93F6B14DFE35EDCD7AD32F4E6E
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: 8CE404C9E3FCE6EE21C9FA3B6BF20CF9
Requests: 6 HTTP requests in this frame

Frame: https://vue.comm100.com/js/bundle.099e61e16efedea507ca37360f78f15f.js
Frame ID: 5C2A77BF0510AA94C0544DE3CDFD2EE7
Requests: 4 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 50EC35051111E444FE83DC76720CB2EC
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: F8E10267D4E577FA90CCF04221C35152
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: E24CC4BDB6856BAEDAE747E4F49705A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

script /\/tiny_?mce(?:\.min)?\.js/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

ShareThis (Widgets) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i
html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

Page Statistics

200
Requests

100 %
HTTPS

39 %
IPv6

33
Domains

51
Subdomains

32
IPs

7
Countries

12287 kB
Transfer

19269 kB
Size

12
Cookies

69 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cuinfosecurity.com/
Title: CUInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.govinfosecurity.com/
Title: GovInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/
Title: HealthcareInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.inforisktoday.co.uk/
Title: InfoRiskToday

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.co.uk/
Title: CareersInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.co.uk/
Title: DataBreachToday

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/
Title: USA

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.eu/
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/
Title: Asia

Search URL Search Domain Scan URL

URL: https://ffiec.bankinfosecurity.com/
Title: FFIEC

Search URL Search Domain Scan URL

URL: https://omnibus.healthcareinfosecurity.com/
Title: HIPAA Omnibus

Search URL Search Domain Scan URL

URL: https://ddos.inforisktoday.com/
Title: DDoS

Search URL Search Domain Scan URL

URL: https://ransomware.databreachtoday.com/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://gdpr.inforisktoday.com/
Title: GDPR

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/fraud-summit-new-york-city-2020/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/legal-compliance-summit-new-york-city-2020/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-chicago-il-2020/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-seattle-wa-2020/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-summit-bangalore-2020/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/healthcare-security-summit-new-york-city-2020/

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/webinars/best-practices-for-implementing-comprehensive-identity-governance-w-2126

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/webinars/zero-trust-approach-for-healthcare-w-2071

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/webinars/reducing-risk-now-w-2052

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.co.uk/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.co.uk/jobs/employer-center
Title: Post a Job

Search URL Search Domain Scan URL

URL: http://www.facebook.com/bankinfosec

Search URL Search Domain Scan URL

URL: http://twitter.com/BnkInfoSecurity

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/groups?home=&gid=2220487

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.eu/webinars/live-webinar-changing-conversation-around-digital-risk-management-w-2272
Title: Live Webinar | Changing the Conversation Around Digital Risk Management: Third-Party Risk

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.eu/webinars/live-webinar-cisos-guide-to-application-security-accelerate-your-w-2298
Title: Live Webinar| CISO's Guide to Application Security: Accelerate Your Software Velocity

Search URL Search Domain Scan URL

URL: https://www.twitter.com/@Ishita_CP
Title: @Ishita_CP

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/ta505-apt-group-returns-new-techniques-report-a-13678#disqus_thread

Search URL Search Domain Scan URL

URL: https://home.treasury.gov/news/press-releases/sm845
Title: U.S. Treasury Department

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/two-russians-indicted-over-100m-dridex-malware-thefts-a-13473
Title: Two Russians Indicted Over $100M Dridex Malware Thefts

Search URL Search Domain Scan URL

URL: https://twitter.com/MsftSecIntel/status/1222995250911703041
Title: Microsoft Security Intelligence team

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta505-dridex-globeimposter
Title: Proofpoint

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/ta505-group-hides-malware-in-legitimate-certificates-a-12417
Title: TA505 Group Hides Malware in Legitimate Certificates

Search URL Search Domain Scan URL

URL: https://www.prevailion.com/insights/prevailion-charts-ta505-plunder-ransomware-criminals/
Title: Prevailion

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/silence-gang-ramps-up-bank-assaults-a-12944
Title: 'Silence' Gang Ramps Up Bank Assaults

Search URL Search Domain Scan URL

URL: https://twitter.com/@Ishita_CP

Search URL Search Domain Scan URL

URL: http://twitter.com/f1tym1
Title: f1tym1

Search URL Search Domain Scan URL

URL: https://t.co/GRgwkoF6AQ
Title: https://t.co/GRgwkoF6AQ

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1224756346962239488
Title: Retweet

Search URL Search Domain Scan URL

URL: https://t.co/w52CL9fitH
Title: https://t.co/w52CL9fitH

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1224756345896869891
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/lopezunwired
Title: lopezunwired

Search URL Search Domain Scan URL

URL: https://t.co/EuEKgUxF0u
Title: https://t.co/EuEKgUxF0u

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1224756138526162944
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/search/realtime?q=bankinfosecurity%20OR%20inforisktoday%20OR%20healthcareinfosecurity%20OR%20govinfosecurity%20OR%20careersinfosecurity%20OR%20databreachtoday%20OR%20cuinfosecurity%20OR%20from:euroinfosec%20OR%20from:ISMG_asia%20OR%20from:bnkinfosecurity%20OR%20from:cuinfosecurity%20OR%20from:fraudblogger%20OR%20from:govinfosecurity%20OR%20from:mariannemcgee%20OR%20from:gen_sec%20OR%20from:securityeditor%20OR%20from:healthinfosec%20OR%20from:careersinfosec%20OR%20from:databreachtoday%20OR%20from:inforisktoday%20OR%20from:ISMG_news%20OR%20from:ismg_press&src=hash
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/chief-information-security-officer-university-chicago-chicago-il-chicago-i-1705711
Title: Chief Information Security Officer - The University of Chicago - Chicago, IL

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/vp-chief-information-security-officer-national-rural-electric-cooperative-i-1701830
Title: VP, Chief Information Security Officer - National Rural Electric Cooperative Association (NRECA) - Arlington, VA

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/lead-security-analyst-visa-digital-developer-platform-vddp-visa-foster-i-1713104
Title: Lead Security Analyst - Visa Digital Developer Platform (VDDP) - Visa - Foster City, CA

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/analyst-security-risk-assessment-lincoln-financial-omaha-ne-omaha-i-1712984
Title: Analyst, IT Security Risk Assessment - Lincoln Financial - Omaha, NE

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/cnb-bank-ft-information-security-analyst-cnb-bank-clearfield-pa-clearfield-i-1713040
Title: CNB Bank, FT Information Security Analyst - CNB Bank - Clearfield, PA

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/achieving-forensics-readiness-i-4582
Title:

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/interviews/privacy-advocate-tackles-issue-patient-consent-rights-i-4589
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.eu/interviews/critical-infrastructure-security-time-for-new-mindset-german-language-i-4586
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/improving-detection-nation-state-attacks-i-4587
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/sizing-up-todays-deception-technology-i-4581
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-new-details-on-hacking-jeff-bezos-iphone-i-4585
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/dave-dewalt-on-securing-business-critical-applications-i-4584
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-government-policies-on-huaweis-5g-role-i-4588
Title:

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/interviews/tips-on-protecting-hospitals-from-nation-state-attacks-i-4583
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/role-satellites-in-quantum-key-distribution-i-4580
Title:

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://securityintelligence.inforisktoday.com/
Title: Security Intelligence

Search URL Search Domain Scan URL

URL: https://ismg.io/
Title: Information Security Media Group, Corp.

Search URL Search Domain Scan URL

URL: https://ismg.io/about-us
Title: About ISMG

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119

https://chatserver.comm100.com/livechat.ashx?siteId=92035 HTTP 301
https://vue.comm100.com/livechat.ashx?siteId=92035

Request Chain 128

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1996624169&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&ul=en-us&de=UTF-8&dt=TA505%20APT%20Group%20Returns%20With%20New%20Techniques%3A%20Report&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAEAB~&jid=1296520738&gjid=60782760&cid=757602922.1580840452&tid=UA-212197-36&_gid=1327804946.1580840452&_r=1&z=1338290715 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-212197-36&cid=757602922.1580840452&jid=1296520738&_gid=1327804946.1580840452&gjid=60782760&_v=j80&z=1338290715

Request Chain 131

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&time=1580840451904 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.co.uk%252Fta505-apt-group-returns-new-techniques-report-a-13678%26time%3D1580840451904%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&time=1580840451904&liSync=true

Request Chain 148

https://tags.bluekai.com/site/20486?limit=0&id=3607953467828600918&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=3607953467828600918%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=joUkJx99999Y8MkK&person_id=3607953467828600918&eid=50056

Request Chain 149

https://idsync.rlcdn.com/395886.gif?partner_uid=3607953467828600918 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwNzk1MzQ2NzgyODYwMDkxOBAAGg0IhOzm8QUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=e5941459e8d61bb13f21c127cbb714f9f84f938eacfc01800c3e35d59ff683bcf4cb09cee1a4f8eb&person_id=3607953467828600918&eid=50082

Request Chain 150

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=b5dcf3b1-f845-40b2-8e3b-462cb4bcbc7d HTTP 302
https://ml314.com/csync.ashx?fp=b5dcf3b1-f845-40b2-8e3b-462cb4bcbc7d&person_id=3607953467828600918&eid=53819

Request Chain 151

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3607953467828600918 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3607953467828600918 HTTP 302
https://ml314.com/csync.ashx?fp=a62498fdb01876133a27810bd064c15&eid=50146&person_id=3607953467828600918

Request Chain 152

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2AE3T6JKS2r67R5-kxCdUorHKATpS1tTnej64Q42BSsk&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
https://ml314.com/csync.ashx?fp=2AE3T6JKS2r67R5-kxCdUorHKATpS1tTnej64Q42BSsk&person_id=3607953467828600918&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

Request Chain 203

https://pixel-a.basis.net/iap/64ead273d1f41aa7 HTTP 301
https://pixel.sitescout.com/iap/64ead273d1f41aa7

Request Chain 204

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

200 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set ta505-apt-group-returns-new-techniques-report-a-13678 Show response
www.bankinfosecurity.co.uk/ 366 KB
52 KB 575ms
304ms Document
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 3a002d583a586abbfd8ba3be294c42da110dd6eac872a0efc8afbd9793d88658

Request headers

Host: www.bankinfosecurity.co.uk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=0ej0tcjg76b9bisi1dtoggqdg7; expires=Tue, 04-Feb-2020 22:20:50 GMT; Max-Age=14400; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery-ui.min.css
www.bankinfosecurity.co.uk/css-responsive/vendor/ 25 KB
5 KB 335ms
135ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/css-responsive/vendor/jquery-ui.min.css
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4896

GET
H/1.1 200
OK mediaelementplayer-updated.css
www.bankinfosecurity.co.uk/css-responsive/vendor/ 11 KB
3 KB 380ms
128ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/css-responsive/vendor/mediaelementplayer-updated.css
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2622

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b157bcfc96788f58efc965a882fdcd17ea1ff51b87e1175d6638e08a79aa60ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 04 Feb 2020 18:20:50 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 04 Feb 2020 18:20:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 04 Feb 2020 18:20:50 GMT

GET
H/1.1 200
OK main.css
www.bankinfosecurity.co.uk/css-responsive/ 231 KB
42 KB 387ms
135ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/css-responsive/main.css
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 3d6601f455d1861307f2e2266ac347f8dffe2e109e153f228024becd258b2784

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 42778

GET
H/1.1 200
OK prettyPhoto.css
www.bankinfosecurity.co.uk/css-responsive/ 21 KB
3 KB 394ms
133ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/css-responsive/prettyPhoto.css
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2840

GET
H/1.1 200
OK bis-hdr.desktop.r2.css
www.bankinfosecurity.co.uk/css-responsive/vendor/ 8 KB
2 KB 402ms
135ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/css-responsive/vendor/bis-hdr.desktop.r2.css
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1956

GET
H/1.1 200
OK bis-hdr.mobile.r2.css
www.bankinfosecurity.co.uk/css-responsive/vendor/ 9 KB
2 KB 402ms
136ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/css-responsive/vendor/bis-hdr.mobile.r2.css
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2133

GET
H/1.1 200
OK font-awesome.min.css
www.bankinfosecurity.co.uk/css-responsive/vendor/ 22 KB
5 KB 471ms
136ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/css-responsive/vendor/font-awesome.min.css
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5049

GET
H/1.1 200
OK jquery.min.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 91 KB
33 KB 518ms
138ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/jquery.min.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33094

GET
H/1.1 200
OK modernizr.j Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 11 KB
11 KB 525ms
132ms Script
text/plain 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/modernizr.j
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 7e1e8c883fd8fb0cafdc1636bb195f28a7d8cfb3bf865ab40af470634d2f62ba

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 30 Jan 2020 20:44:22 GMT
Server: Apache
ETag: "2b4c-59d6185a11e57"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11084

GET
H/1.1 200
OK bootstrap.min.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 35 KB
9 KB 538ms
136ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/bootstrap.min.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9328

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 21 KB
7 KB 563ms
161ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/jquery.validate.min.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6689

GET
H/1.1 200
OK mediaelement-and-player-updated.min.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 154 KB
38 KB 612ms
141ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/mediaelement-and-player-updated.min.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 38476

GET
H/1.1 200
OK tinymce.min.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 295 KB
101 KB 670ms
142ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/tinymce.min.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK jquery.validate.bootstrap.popover.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 2 KB
1 KB 676ms
136ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/jquery.validate.bootstrap.popover.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 926

GET
H/1.1 200
OK jquery.placeholder.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 2 KB
1 KB 702ms
138ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/jquery.placeholder.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 922

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 222 KB
60 KB 736ms
139ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/jquery-ui.min.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 61345

GET
H/1.1 200
OK crypt_des.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/vendor/ 9 KB
3 KB 755ms
135ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/crypt_des.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2857

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 349 KB
113 KB 36ms
36ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: "5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Tue, 04 Feb 2020 18:20:50 GMT
x-host: s7.addthis.com
content-length: 115106

GET
H/1.1 200
OK headerlogo-bis.png
www.bankinfosecurity.co.uk/images-responsive/logos/ 2 KB
2 KB 127ms
127ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bankinfosecurity.co.uk/images-responsive/logos/headerlogo-bis.png
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: ea3325c2094d82033ce9583d4180194fb82729dfae65b62925831a88a6838d7c

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1682

GET
H/1.1 200
OK doppelpaymer-ransomware-threatens-to-dump-victims-data-showcase_image-8-a-13683.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 128 KB
128 KB 26ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/doppelpaymer-ransomware-threatens-to-dump-victims-data-showcase_image-8-a-13683.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c6a03f1c9b8eaf5d0e289552599039f6084dc5428c66c85aa6ff23910d7738b4

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Tue, 04 Feb 2020 11:19:21 GMT
ETag: 0505732a846621d90e0ca6d67382511e
Content-Type: image/jpeg
X-Timestamp: 1580815160.56608
Cache-Control: public, max-age=80221
Content-Length: 131064
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txbfba7b0e2b4b45ada4728-005e399da3dfw1
Expires: Wed, 05 Feb 2020 16:37:51 GMT

GET
H/1.1 200
OK eu-drops-plans-to-ban-facial-recognition-showcase_image-5-a-13682.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 135 KB
136 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/eu-drops-plans-to-ban-facial-recognition-showcase_image-5-a-13682.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5a32a6c1ad073d4dfdc344357066bc11851ff1a0d1c5857f6dff150f5cd5f8c6

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Tue, 04 Feb 2020 09:30:25 GMT
ETag: 9df7467455dbf78c1efc6370be8c1b63
Content-Type: image/jpeg
X-Timestamp: 1580808624.28257
Cache-Control: public, max-age=78642
Content-Length: 138507
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx24eeba4d4f02421a8d0ff-005e3997cedfw1
Expires: Wed, 05 Feb 2020 16:11:32 GMT

GET
H/1.1 200
OK twitter-api-could-be-used-to-map-phone-numbers-to-accounts-showcase_image-3-a-13680.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 121 KB
121 KB 25ms
24ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/twitter-api-could-be-used-to-map-phone-numbers-to-accounts-showcase_image-3-a-13680.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8c016e1c610132ef76180ac79189a9ed1b14be28121610554bfac407f350a76b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Tue, 04 Feb 2020 01:23:16 GMT
ETag: c2f8abba4e92ff649ebe8f058e4fc892
Content-Type: image/jpeg
X-Timestamp: 1580779395.13973
Cache-Control: public, max-age=53586
Content-Length: 123998
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txcf531021a43c430f86dc0-005e3935e8dfw1
Expires: Wed, 05 Feb 2020 09:13:56 GMT

GET
H/1.1 200
OK nist-drafts-guidelines-for-coping-ransomware-showcase_image-1-a-13679.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 175 KB
175 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/nist-drafts-guidelines-for-coping-ransomware-showcase_image-1-a-13679.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c798e875b156964bf519cf80e2bc26d7bca4487e430ddd4e91a79f246d0f0e2b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Mon, 03 Feb 2020 20:09:10 GMT
ETag: 8db6f921caa2ecd4fc41ec7ebaa7e7aa
Content-Type: image/jpeg
X-Timestamp: 1580760549.41655
Cache-Control: public, max-age=9774
Content-Length: 179228
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txe79defd18b364b75b6ed0-005e388aafdfw1
Expires: Tue, 04 Feb 2020 21:03:44 GMT

GET
H/1.1 200
OK analysis-government-policies-on-huaweis-5g-role-showcase_image-9-i-4588.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 128 KB
129 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-government-policies-on-huaweis-5g-role-showcase_image-9-i-4588.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c5dd956b30ba04636a414909107064ee5215c4e0b2e6e7a9e09ab2e9e8bf010d

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Thu, 30 Jan 2020 21:07:13 GMT
ETag: 04bc08fbb249b5255dd3865068bbb851
Content-Type: image/jpeg
X-Timestamp: 1580418432.25478
Cache-Control: public, max-age=20056
Content-Length: 131283
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txff583074641c4c1e96d07-005e33e1e1dfw1
Expires: Tue, 04 Feb 2020 23:55:06 GMT

GET
H/1.1 200
OK dave-dewalt-on-securing-business-critical-applications-showcase_image-3-i-4584.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 56 KB
56 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/dave-dewalt-on-securing-business-critical-applications-showcase_image-3-i-4584.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1cefde1e3abcbf75b91b27f496264e12428b7a803da6d7ec93297442261af30b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Thu, 23 Jan 2020 18:11:44 GMT
ETag: 0e5527d25fce4dd85897b26b43b976fd
Content-Type: image/jpeg
X-Timestamp: 1579803103.64443
Cache-Control: public, max-age=26815
Content-Length: 56900
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx440dec02ff864756a1294-005e2f0234dfw1
Expires: Wed, 05 Feb 2020 01:47:45 GMT

GET
H/1.1 200
OK analysis-new-details-on-hacking-jeff-bezos-iphone-showcase_image-5-i-4585.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 140 KB
140 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-new-details-on-hacking-jeff-bezos-iphone-showcase_image-5-i-4585.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 28c3ab3803655a44193df1fb4bb6df9ec0eb6f226de737a75640d36b7c6a6eaf

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Thu, 23 Jan 2020 21:12:34 GMT
ETag: 66cbb66bce941291500e11c0c4ef7558
Content-Type: image/jpeg
X-Timestamp: 1579813953.54590
Cache-Control: public, max-age=86274
Content-Length: 143217
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx0831deb84978445fafa64-005e2ab8d3dfw1
Expires: Wed, 05 Feb 2020 18:18:44 GMT

GET
H/1.1 200
OK role-satellites-in-quantum-key-distribution-showcase_image-6-i-4580.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 55 KB
55 KB 55ms
55ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/role-satellites-in-quantum-key-distribution-showcase_image-6-i-4580.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c28e9e54ff0a7249e384c247190d4ed3195d43c6013efe706c907d90634f9c84

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Mon, 20 Jan 2020 04:28:10 GMT
ETag: 1e35aa63984acaad7787613b6bd39785
Content-Type: image/jpeg
X-Timestamp: 1579494489.26837
Cache-Control: public, max-age=37425
Content-Length: 56413
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx057fae644afa4202b3f85-005e2562abdfw1
Expires: Wed, 05 Feb 2020 04:44:35 GMT

GET
H/1.1 200
OK ashley-madison-impact-some-data-breaches-forever-showcase_image-5-p-2859.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 101 KB
102 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ashley-madison-impact-some-data-breaches-forever-showcase_image-5-p-2859.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f889205fc61765be66116d1570107b8a4a523707f592d3ad8d087e54f68e844e

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Mon, 03 Feb 2020 16:12:11 GMT
ETag: b86f6de210c272a1bc20aae2dc7d4b51
Content-Type: image/jpeg
X-Timestamp: 1580746330.99560
Cache-Control: public, max-age=70367
Content-Length: 103695
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txa4fc5f0e658745478c1e2-005e38467adfw1
Expires: Wed, 05 Feb 2020 13:53:37 GMT

GET
H/1.1 200
OK how-deception-technologies-enable-proactive-cyberdefense-showcase_image-1-p-2855.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 89 KB
90 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/how-deception-technologies-enable-proactive-cyberdefense-showcase_image-1-p-2855.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b514061653bf62d9141b1f9ffb2c24d899e829f1788df4df2057776013539e6b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:50 GMT
Last-Modified: Wed, 29 Jan 2020 14:16:23 GMT
ETag: ac18fb85dd23400cf27282aa69a1febc
Content-Type: image/jpeg
X-Timestamp: 1580307382.48653
Cache-Control: public, max-age=54488
Content-Length: 91413
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx2e1b3659e12c4702ae5f0-005e319890dfw1
Expires: Wed, 05 Feb 2020 09:28:58 GMT

GET
H/1.1 200
OK growing-medical-device-sophistication-opens-security-issues-showcase_image-2-p-2856.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 123 KB
124 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/growing-medical-device-sophistication-opens-security-issues-showcase_image-2-p-2856.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 874e26994087937399d0614d4a5cec19a54da07cff2884b6a5fbf32defdbd7e1

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 29 Jan 2020 15:18:11 GMT
ETag: c5ea0905e6d27967cd00d46139e4782a
Content-Type: image/jpeg
X-Timestamp: 1580311090.55140
Cache-Control: public, max-age=73199
Content-Length: 126437
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx2ce66463a98d4c70b1f49-005e385087dfw1
Expires: Wed, 05 Feb 2020 14:40:50 GMT

GET
H/1.1 200
OK bezos-phone-hack-narrative-framed-by-loose-facts-showcase_image-2-p-2854.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 105 KB
105 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/bezos-phone-hack-narrative-framed-by-loose-facts-showcase_image-2-p-2854.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 725590ab46352a18efa6ddbc0322457f8ab6b18634c858c53dfcbfa322362cc6

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 24 Jan 2020 02:57:59 GMT
ETag: 1683f0f0037085c9794763bf7314d809
Content-Type: image/jpeg
X-Timestamp: 1579834678.61883
Cache-Control: public, max-age=72219
Content-Length: 107435
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx24393f83774c4849bde1e-005e2aff40dfw1
Expires: Wed, 05 Feb 2020 14:24:30 GMT

GET
H/1.1 200
OK ingredients-incident-response-playbook-showcase_image-6-a-13552.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 235 KB
235 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ingredients-incident-response-playbook-showcase_image-6-a-13552.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6de854b6aa18423832207ade53631260e0a758a3331907ebae09c3b410462526

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 26 Dec 2019 05:43:11 GMT
ETag: b6e344d99e6803204ba9ae468e173e03
Content-Type: image/jpeg
X-Timestamp: 1577338990.22618
Cache-Control: public, max-age=12985
Content-Length: 240483
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx8e3949bddf3a43bbbe447-005e04e694dfw1
Expires: Tue, 04 Feb 2020 21:57:16 GMT

GET
H/1.1 200
OK making-developers-responsible-for-vulnerabilities-showcase_image-6-a-13553.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 184 KB
185 KB 24ms
24ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/making-developers-responsible-for-vulnerabilities-showcase_image-6-a-13553.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5fb18a20cdc9e6bf1d73b4157687373715b0b9bea35cb807f928fde9b4361233

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 26 Dec 2019 05:50:30 GMT
ETag: 572527e2a7683b275668da0ad3243c70
Content-Type: image/jpeg
X-Timestamp: 1577339429.33642
Cache-Control: public, max-age=12961
Content-Length: 188575
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txa696a9cb815e41edbd920-005e04fd5fdfw1
Expires: Tue, 04 Feb 2020 21:56:52 GMT

GET
H/1.1 200
OK managing-third-party-risks-showcase_image-7-a-13555.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 218 KB
218 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/managing-third-party-risks-showcase_image-7-a-13555.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3a56a926967f9778c7395c44c2bd718498b0844203b9bfb69e81ad9ca8e5003

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 26 Dec 2019 06:06:47 GMT
ETag: c317b1dc3e4ce9d906640dd0bc320593
Content-Type: image/jpeg
X-Timestamp: 1577340406.11777
Cache-Control: public, max-age=33304
Content-Length: 222953
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txbc80f8fa81e043d998f38-005e04ff32dfw1
Expires: Wed, 05 Feb 2020 03:35:55 GMT

GET
H/1.1 200
OK cybercrime-support-victory-for-midmarket-showcase_image-7-a-13543.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 87 KB
88 KB 25ms
24ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/cybercrime-support-victory-for-midmarket-showcase_image-7-a-13543.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b6623fd99a5b7eab92b6b4f8d7f5c54daa9fa3367caf64cb075194bda30b914f

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 23 Dec 2019 18:23:03 GMT
ETag: 806df442a3bf7ce64f74e73e4eeead5e
Content-Type: image/jpeg
X-Timestamp: 1577125382.33447
Cache-Control: public, max-age=84658
Content-Length: 89457
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txdf949db5c7a046e1a1b0d-005e022b0ddfw1
Expires: Wed, 05 Feb 2020 17:51:49 GMT

GET
H/1.1 200
OK guide-to-application-security-securely-accelerating-your-software-velocity-showcase_image-2-w-2297.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 115 KB
115 KB 27ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/guide-to-application-security-securely-accelerating-your-software-velocity-showcase_image-2-w-2297.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: be6be76ca745414b27ef45501225245c2565227dcbe5570732bbffb1ac1937b2

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 21 Jan 2020 17:16:17 GMT
ETag: 3489b7ebc885b1c3c02b3125f2b22f8a
Content-Type: image/jpeg
X-Timestamp: 1579626976.62641
Cache-Control: public, max-age=60477
Content-Length: 117308
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txee182f73e61d4143bda26-005e29e0fddfw1
Expires: Wed, 05 Feb 2020 11:08:48 GMT

GET
H/1.1 200
OK live-webinar-targeted-attacks-how-sophisticated-criminals-bypass-enterprise-security-measures-showcase_image-2-w-2294.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 108 KB
109 KB 37ms
36ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-targeted-attacks-how-sophisticated-criminals-bypass-enterprise-security-measures-showcase_image-2-w-2294.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5a7f4479247cd69f6466b02c172186854e3fb39b3cec4ee1cd5041186e25e464

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 17 Jan 2020 21:12:01 GMT
ETag: 67867ee0deb772feac11b4b7642fd2d8
Content-Type: image/jpeg
X-Timestamp: 1579295520.93364
Cache-Control: public, max-age=45817
Content-Length: 111032
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx45596dcc1bd8441b85187-005e25c0e7dfw1
Expires: Wed, 05 Feb 2020 07:04:28 GMT

GET
H/1.1 200
OK live-webinar-your-ultimate-guide-to-phishing-mitigation-showcase_image-9-w-2277.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 63 KB
64 KB 31ms
31ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-your-ultimate-guide-to-phishing-mitigation-showcase_image-9-w-2277.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c30980da6c6f2ec76fdbd29d27519f28daa566818bb50f5df4172e3e84740a64

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Sun, 29 Dec 2019 17:16:39 GMT
ETag: 9afaf67a7fa74145beaa3bb9ad8a43b0
Content-Type: image/jpeg
X-Timestamp: 1577639798.03195
Cache-Control: public, max-age=64683
Content-Length: 64787
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txaa0ad764c3ce45e6bd6d7-005e0a27eddfw1
Expires: Wed, 05 Feb 2020 12:18:54 GMT

GET
H/1.1 200
OK live-webinar-changing-conversation-around-digital-risk-management-third-party-risk-showcase_image-4-w-2272.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 107 KB
107 KB 29ms
29ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-changing-conversation-around-digital-risk-management-third-party-risk-showcase_image-4-w-2272.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 267d1b74c1a492ae9daab8f4a4f253f4c0c017f98a71e2e711c7f93c7ced1d36

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 12 Dec 2019 21:38:53 GMT
ETag: d5c465ae3deeb2449c6d25d879d870db
Content-Type: image/jpeg
X-Timestamp: 1576186732.26735
Cache-Control: public, max-age=37107
Content-Length: 109183
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txff9472ff2aa94c3388ab9-005dfbc34fdfw1
Expires: Wed, 05 Feb 2020 04:39:18 GMT

GET
H/1.1 200
OK michael-bruemmer-largeImage-a-617.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 91 KB
91 KB 27ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/michael-bruemmer-largeImage-a-617.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4d1946811583260a847ab9793a3b1ac056f0a6f14f135e6816ea7db995986d7d

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 29 Oct 2013 16:27:26 GMT
ETag: 8499c4873d44f40793bbcee1a67e3fdf
Content-Type: image/jpeg
X-Timestamp: 1383064045.52857
Cache-Control: public, max-age=44429
Content-Length: 93297
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx3375ce25997a47adb33cb-005dab14abdfw1
Expires: Wed, 05 Feb 2020 06:41:20 GMT

GET
H/1.1 200
OK avivah-litan-largeImage-7-a-531.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 103 KB
103 KB 28ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/avivah-litan-largeImage-7-a-531.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f92d2ae45734ea5702a735694d4c25ba2a7d96f8de7d2b65c404f7695c2f9aca

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 16 Jan 2018 17:52:31 GMT
ETag: d1a9360a4c04f63b66f57b6c7a18f020
Content-Type: image/jpeg
X-Timestamp: 1516125150.59148
Cache-Control: public, max-age=72866
Content-Length: 105118
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txd894a504a5a44e0b8b5bd-005e2c08a9dfw1
Expires: Wed, 05 Feb 2020 14:35:17 GMT

GET
H/1.1 200
OK kim-peretti-largeImage-a-342.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 96 KB
96 KB 28ms
28ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/kim-peretti-largeImage-a-342.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c27f517a52328878d8f7052ed2adf6f7901e2dabdc18bcb8cada275ab2decfea

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 29 Oct 2013 16:21:54 GMT
ETag: 756b17619c964600716b6c5f298668f2
Content-Type: image/jpeg
X-Timestamp: 1383063713.14328
Cache-Control: public, max-age=85863
Content-Length: 98341
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx5bc60f6dfb21475aaf008-005e35b77bdfw1
Expires: Wed, 05 Feb 2020 18:11:54 GMT

GET
H/1.1 200
OK elayne-starkey-largeImage-a-697.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 153 KB
153 KB 29ms
29ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/elayne-starkey-largeImage-a-697.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1778aa41c49b2fc664a99eaa4cdcec43732e55aaa3278e0cffd0658e724acb5a

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 29 Oct 2013 16:29:46 GMT
ETag: 64f11b0e028c21d945400a650f66bfd9
Content-Type: image/jpeg
X-Timestamp: 1383064185.67645
Cache-Control: public, max-age=30085
Content-Length: 156260
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txd6c02d02fad1497ba19db-005e2cb9b3dfw1
Expires: Wed, 05 Feb 2020 02:42:16 GMT

GET
H/1.1 200
OK new-study-cloud-confidence-maturity-on-rise-logo-7-w-5804.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 94 KB
94 KB 27ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/new-study-cloud-confidence-maturity-on-rise-logo-7-w-5804.JPG
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7a7b42f8335acd7d8d936e19b10a631fcaa817b2f51ac981d8475b263309e377

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 28 Jan 2020 19:28:19 GMT
ETag: bd463c23cc7d61841ba5088f1cc2f0b8
Content-Type: image/jpeg
X-Timestamp: 1580239698.97677
Cache-Control: public, max-age=35899
Content-Length: 95943
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txdbaa42942e4a4ceaaccf3-005e308ea0dfw1
Expires: Wed, 05 Feb 2020 04:19:10 GMT

GET
H/1.1 200
OK financial-services-fraud-consumer-trust-report-logo-5-w-5787.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 72 KB
72 KB 30ms
30ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/financial-services-fraud-consumer-trust-report-logo-5-w-5787.JPG
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c3bf1f576e7f76614784c0cf9681c8784d4130c5711339474ec408579bcced8d

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 21 Jan 2020 18:34:06 GMT
ETag: 34a94fac3c86e81e1da4a9027f974b2d
Content-Type: image/jpeg
X-Timestamp: 1579631645.10689
Cache-Control: public, max-age=72722
Content-Length: 73536
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx5ec6a7dc832b46c4a8aba-005e274ae2dfw1
Expires: Wed, 05 Feb 2020 14:32:53 GMT

GET
H/1.1 200
OK case-study-view-deception-technology-in-security-testing-logo-4-w-5785.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 101 KB
102 KB 28ms
28ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/case-study-view-deception-technology-in-security-testing-logo-4-w-5785.JPG
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed9cb4ada4736365be873828d6f0746414ab378b5893503029a559ddd149f79e

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 14 Jan 2020 22:44:32 GMT
ETag: 291ee67c9c8d5e6eb54d1816e340f139
Content-Type: image/jpeg
X-Timestamp: 1579041871.29239
Cache-Control: public, max-age=41460
Content-Length: 103619
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx1b46dfecbd7c47cebd9c1-005e1e5eccdfw1
Expires: Wed, 05 Feb 2020 05:51:51 GMT

GET
H/1.1 200
OK spotlight-on-zero-trust-network-access-logo-1-w-5495.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 117 KB
117 KB 28ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/spotlight-on-zero-trust-network-access-logo-1-w-5495.JPG
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 962a577330f78a06c7eca1e1806d6d93cd2d5b0e91d0e0ae775bf338eae85757

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 21 Aug 2019 20:10:15 GMT
ETag: 931acdd2b2afdd73ce4514b61237ecdc
Content-Type: image/jpeg
X-Timestamp: 1566418214.35933
Cache-Control: public, max-age=40692
Content-Length: 119909
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx7a271480ae8a4e61b3924-005e125620dfw1
Expires: Wed, 05 Feb 2020 05:39:03 GMT

GET
H/1.1 200
OK combatting-cybercrime-pdf-9-h-103.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 358 KB
358 KB 27ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/combatting-cybercrime-pdf-9-h-103.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 26 Nov 2019 19:37:47 GMT
ETag: 11a3adb400c0ff282a505428b1d7be73
Content-Type: image/jpeg
X-Timestamp: 1574797066.57975
Cache-Control: public, max-age=27708
Content-Length: 366322
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx091764f894ab4dd9b45d7-005ddd7f92dfw1
Expires: Wed, 05 Feb 2020 02:02:39 GMT

GET
H/1.1 200
OK top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 76 KB
77 KB 31ms
28ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 28 Oct 2019 13:57:45 GMT
ETag: 69913c61181f1fc9d730d6c8298e55c4
Content-Type: image/jpeg
X-Timestamp: 1572271064.63410
Cache-Control: public, max-age=28458
Content-Length: 78320
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txf13a36244bb14850840ed-005db6f49bdfw1
Expires: Wed, 05 Feb 2020 02:15:09 GMT

GET
H/1.1 200
OK leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 197 KB
198 KB 43ms
41ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 15 Oct 2019 14:06:53 GMT
ETag: e3e068e355cdbfaa15e88b627d7ebc55
Content-Type: image/jpeg
X-Timestamp: 1571148412.42493
Cache-Control: public, max-age=36018
Content-Length: 202154
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx5c084b83eec44371abb2c-005da5d8dadfw1
Expires: Wed, 05 Feb 2020 04:21:09 GMT

GET
H/1.1 200
OK collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 87 KB
88 KB 33ms
31ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 02 Oct 2019 13:41:41 GMT
ETag: 36c70127fa172aa8ce8cd235fddf4c97
Content-Type: image/jpeg
X-Timestamp: 1570023700.81183
Cache-Control: public, max-age=76288
Content-Length: 89481
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txbe1cc1828822497ebb759-005d94a9f7dfw1
Expires: Wed, 05 Feb 2020 15:32:19 GMT

GET
H/1.1 200
OK 2020-faces-fraud-survey-showcase_image-4-s-75.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 82 KB
83 KB 33ms
31ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/2020-faces-fraud-survey-showcase_image-4-s-75.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3d7510063e1b2e52048eb4de8e364e2d5516dcb3dfa3b30feab3e4c10d785726

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 21 Nov 2019 17:08:18 GMT
ETag: 6435f83ec3a957ed676e16f2c26353cf
Content-Type: image/jpeg
X-Timestamp: 1574356097.60397
Cache-Control: public, max-age=35861
Content-Length: 84215
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txea1db6093401455abaac7-005dd6c91edfw1
Expires: Wed, 05 Feb 2020 04:18:32 GMT

GET
H/1.1 200
OK state-todays-app-security-showcase_image-6-s-76.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 94 KB
94 KB 31ms
29ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/state-todays-app-security-showcase_image-6-s-76.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 07f1864f676b80cef760836490eed2ed047b77a99fcc64e81f9d02986e6457bc

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 30 Oct 2019 21:07:05 GMT
ETag: 1b69aac5850bf9a34703d01221b13651
Content-Type: image/jpeg
X-Timestamp: 1572469624.30720
Cache-Control: public, max-age=80163
Content-Length: 96031
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx4bd865c5b39048ab8a52a-005dc9a250dfw1
Expires: Wed, 05 Feb 2020 16:36:54 GMT

GET
H/1.1 200
OK psd2-readiness-authentication-protocols-emv-3ds-for-payments-showcase_image-4-s-71.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 73 KB
73 KB 67ms
29ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/psd2-readiness-authentication-protocols-emv-3ds-for-payments-showcase_image-4-s-71.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b5393f531f350571a76f62c64b72e7c45154b57498a0e1c806b23aa99c053287

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 28 Dec 2018 15:54:22 GMT
ETag: 49db5d8958cca460a9526da20cf00330
Content-Type: image/jpeg
X-Timestamp: 1546012461.51124
Cache-Control: public, max-age=66188
Content-Length: 74436
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx109258c7e42449eeb8512-005c264a37dfw1
Expires: Wed, 05 Feb 2020 12:43:59 GMT

GET
H/1.1 200
OK psd2-readiness-authentication-protocols-for-payments-showcase_image-4-s-70.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 73 KB
73 KB 56ms
41ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/psd2-readiness-authentication-protocols-for-payments-showcase_image-4-s-70.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b5393f531f350571a76f62c64b72e7c45154b57498a0e1c806b23aa99c053287

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 28 Nov 2018 21:15:23 GMT
ETag: 49db5d8958cca460a9526da20cf00330
Content-Type: image/jpeg
X-Timestamp: 1543439722.67927
Cache-Control: public, max-age=66545
Content-Length: 74436
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txd05ccf2548c543ca90247-005c004b87dfw1
Expires: Wed, 05 Feb 2020 12:49:56 GMT

GET
H/1.1 200
OK top-10-data-breach-influencers-showcase_image-2-a-8798.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 52 KB
53 KB 27ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/top-10-data-breach-influencers-showcase_image-2-a-8798.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cdedc2c99e5c35e35baa5bba15349f699ad8a849a71d0fe48bbfa4982f68ece5

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 15 Jan 2016 20:00:06 GMT
ETag: 4a0fedb93b2aaad07c4fac27182588c0
Content-Type: image/jpeg
X-Timestamp: 1452888005.28308
Cache-Control: public, max-age=40654
Content-Length: 53534
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txa26a93c4afa24f4faaa02-0059da743ddfw1
Expires: Wed, 05 Feb 2020 05:38:25 GMT

GET
H/1.1 200
OK update-top-5-health-data-breaches-imageFile-8-a-7877.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 10 KB
10 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/update-top-5-health-data-breaches-imageFile-8-a-7877.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 441b44d1c8b0181d6502d5a94c3c27e8fa28c79dcaeefd1264bd3a8fe0616c60

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 05 Feb 2015 20:00:34 GMT
ETag: 4fae4989cc5bb5ce45458e826b5134bb
Content-Type: image/jpeg
X-Timestamp: 1423166433.76800
Cache-Control: public, max-age=85832
Content-Length: 10211
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx5a0939b4514d44ac96f6d-005a9a0d54dfw1
Expires: Wed, 05 Feb 2020 18:11:23 GMT

GET
H/1.1 200
OK top-10-influencers-in-banking-infosec-imageFileLarge-7-a-7844.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 21 KB
21 KB 28ms
28ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/top-10-influencers-in-banking-infosec-imageFileLarge-7-a-7844.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d5aa688b5d5ff4c506432198a24844c59be01eaf57d384fed2d4e09ee85d497

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 29 Jan 2015 19:42:30 GMT
ETag: 8d5aa609c9f9445ad078861abce65a8b
Content-Type: image/jpeg
X-Timestamp: 1422560549.63241
Cache-Control: public, max-age=44450
Content-Length: 21135
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx99377849e756452d83bd4-005e345abadfw1
Expires: Wed, 05 Feb 2020 06:41:41 GMT

GET
H/1.1 200
OK infographic-payment-card-breach-lifecycle-imageFile-6-a-7812.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 13 KB
13 KB 27ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/infographic-payment-card-breach-lifecycle-imageFile-6-a-7812.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f076961a147d13e72263c5e22c312b276d23f7970465f87801cf8b0fb7d5de9

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 19 Jan 2015 21:19:02 GMT
ETag: 997d7dd8d8abb923aea4d81ae500bb7c
Content-Type: image/jpeg
X-Timestamp: 1421702341.62158
Cache-Control: public, max-age=54057
Content-Length: 12854
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx430ffb3cb27f4e8bbddd6-005a990074dfw1
Expires: Wed, 05 Feb 2020 09:21:48 GMT

GET
H/1.1 200
OK 2020-fraud-summit-new-york-showcase_image-2-e-297.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 81 KB
81 KB 28ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/2020-fraud-summit-new-york-showcase_image-2-e-297.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 471d1b98d4dcda9bc6bafb244adf0e6a3f85c62dd219e0bc3d47256dd3c852d7

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 27 Sep 2019 20:18:25 GMT
ETag: e867c4b9925ec56a280f44919afe0d19
Content-Type: image/jpeg
X-Timestamp: 1569615504.17856
Cache-Control: public, max-age=37668
Content-Length: 82476
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx53a563c562b040be8d048-005dae800edfw1
Expires: Wed, 05 Feb 2020 04:48:39 GMT

GET
H/1.1 200
OK 2020-legal-compliance-summit-new-york-showcase_image-8-e-307.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 81 KB
81 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/2020-legal-compliance-summit-new-york-showcase_image-8-e-307.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 471d1b98d4dcda9bc6bafb244adf0e6a3f85c62dd219e0bc3d47256dd3c852d7

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 22 Nov 2019 15:14:18 GMT
ETag: e867c4b9925ec56a280f44919afe0d19
Content-Type: image/jpeg
X-Timestamp: 1574435657.34206
Cache-Control: public, max-age=51457
Content-Length: 82476
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx6bcd158ead2240489f70a-005deab82fdfw1
Expires: Wed, 05 Feb 2020 08:38:28 GMT

GET
H/1.1 200
OK cybersecurity-fraud-summit-chicago-showcase_image-5-e-298.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 71 KB
71 KB 32ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/cybersecurity-fraud-summit-chicago-showcase_image-5-e-298.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f2e985539ac8a7c0fd8aec7d15494e8e56e5d16bbb58f4170eb773c5a5f32d58

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 27 Sep 2019 20:30:17 GMT
ETag: b4fd29a2fb7c17308d1ffaca8157f320
Content-Type: image/jpeg
X-Timestamp: 1569616216.50427
Cache-Control: public, max-age=34223
Content-Length: 72247
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txefef417bc1a44cc695dc9-005dc30201dfw1
Expires: Wed, 05 Feb 2020 03:51:14 GMT

GET
H/1.1 200
OK 2020-cybersecurity-fraud-summit-seattle-showcase_image-3-e-300.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 111 KB
111 KB 60ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/2020-cybersecurity-fraud-summit-seattle-showcase_image-3-e-300.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e631af6a9f1f8dfdd15b7441060b55d97bf2ee943cbdeaf455bac9ccd2a8b79c

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 27 Sep 2019 20:36:56 GMT
ETag: e71d3217af393f4d62cf9d0352bfbb4f
Content-Type: image/jpeg
X-Timestamp: 1569616615.67236
Cache-Control: public, max-age=26995
Content-Length: 113752
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txddd9a07e5840460dbcc67-005de5f560dfw1
Expires: Wed, 05 Feb 2020 01:50:46 GMT

GET
H/1.1 200
OK 2020-cybersecurity-summit-bengaluru-showcase_image-10-e-299.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 56 KB
56 KB 65ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/2020-cybersecurity-summit-bengaluru-showcase_image-10-e-299.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b5e9d7b83ee59fd4831ec4b6b4bb387abeaa6be304bb4071a7c09869c30569ff

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 27 Sep 2019 20:33:43 GMT
ETag: d7f1bf15d961ffe53e9c3a17b193b9d1
Content-Type: image/jpeg
X-Timestamp: 1569616422.26815
Cache-Control: public, max-age=35545
Content-Length: 57204
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx5a15ff519e3d40c1970bf-005dd627dbdfw1
Expires: Wed, 05 Feb 2020 04:13:16 GMT

GET
H/1.1 200
OK 2020-healthcare-security-summit-new-york-showcase_image-7-e-301.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 81 KB
81 KB 54ms
39ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/2020-healthcare-security-summit-new-york-showcase_image-7-e-301.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 471d1b98d4dcda9bc6bafb244adf0e6a3f85c62dd219e0bc3d47256dd3c852d7

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 27 Sep 2019 20:39:21 GMT
ETag: e867c4b9925ec56a280f44919afe0d19
Content-Type: image/jpeg
X-Timestamp: 1569616760.64682
Cache-Control: public, max-age=62039
Content-Length: 82476
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx7e8528d183b24132927e2-005dd8041edfw1
Expires: Wed, 05 Feb 2020 11:34:50 GMT

GET
H/1.1 200
OK best-practices-for-implementing-comprehensive-identity-governance-solution-showcase_image-7-w-2126.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 158 KB
158 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/best-practices-for-implementing-comprehensive-identity-governance-solution-showcase_image-7-w-2126.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9cfda57bf5032c33579ba5213ea3f6f04ae76eddf8169ccc03b65dad46387700

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 21 Aug 2019 16:07:31 GMT
ETag: ac5ec7485b98a4e425694526cac66c60
Content-Type: image/jpeg
X-Timestamp: 1566403650.23177
Cache-Control: public, max-age=34431
Content-Length: 161648
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx14bc1baa79fc46d3892d5-005dd85410dfw1
Expires: Wed, 05 Feb 2020 03:54:42 GMT

GET
H/1.1 200
OK zero-trust-approach-for-healthcare-showcase_image-4-w-2071.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 135 KB
136 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/zero-trust-approach-for-healthcare-showcase_image-4-w-2071.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c766722210633878a01a1266168f93abd804eb1d5b90539146ed55870822f1d

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 28 Jun 2019 20:21:33 GMT
ETag: dd5032aff4d05ed19b21dbe830b01316
Content-Type: image/jpeg
X-Timestamp: 1561753292.90767
Cache-Control: public, max-age=34587
Content-Length: 138422
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx8d12335559c949e286f17-005dd85774dfw1
Expires: Wed, 05 Feb 2020 03:57:18 GMT

GET
H/1.1 200
OK reducing-risk-now-showcase_image-7-w-2052.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 134 KB
134 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/reducing-risk-now-showcase_image-7-w-2052.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 971f0c03a1e63271a19b7de81d084c6acf81e7506dae8b31a0c6587c6ddf6a34

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 28 Jun 2019 20:15:01 GMT
ETag: 79f8120d6bfab756d31e5f38dbdd523c
Content-Type: image/jpeg
X-Timestamp: 1561752900.06505
Cache-Control: public, max-age=28176
Content-Length: 136753
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txd5ef3a7e94304cc688be4-005dd85773dfw1
Expires: Wed, 05 Feb 2020 02:10:27 GMT

GET
H/1.1 200
OK using-ai-to-proactively-address-third-party-risk-showcase_image-4-a-12929.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 350 KB
350 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/using-ai-to-proactively-address-third-party-risk-showcase_image-4-a-12929.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0dacb3c9eab137eff23c77ccca27a38fa7f29e27d846c48444108221a212f14e

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 19 Aug 2019 19:35:58 GMT
ETag: 27c5bdd3f1e67def01ab4c7c07241331
Content-Type: image/jpeg
X-Timestamp: 1566243357.66580
Cache-Control: public, max-age=31704
Content-Length: 357996
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txe99989b6eac14c6e8e7e2-005d5afc80dfw1
Expires: Wed, 05 Feb 2020 03:09:15 GMT

GET
H/1.1 200
OK state-api-security-showcase_image-7-a-12928.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 274 KB
274 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/state-api-security-showcase_image-7-a-12928.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5b17fc1b92901f349708614e1cc20b92394f086c9fa4e3b34e4543de18de0f01

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 19 Aug 2019 19:20:34 GMT
ETag: 76230ce1d20e5421754f59689ebc177d
Content-Type: image/jpeg
X-Timestamp: 1566242433.44729
Cache-Control: public, max-age=44869
Content-Length: 280378
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx10bdeb2376e44d73a6cf3-005d5af8cfdfw1
Expires: Wed, 05 Feb 2020 06:48:40 GMT

GET
H/1.1 200
OK effectively-addressing-policy-change-management-showcase_image-2-a-12930.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 271 KB
271 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/effectively-addressing-policy-change-management-showcase_image-2-a-12930.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d6d0fe0c8915e79cf7d4ca670662c9954cb9568da8f2cda3492ccf0a45cb926e

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 19 Aug 2019 19:48:57 GMT
ETag: e20945cc87c0de32d341f9e3038c1462
Content-Type: image/jpeg
X-Timestamp: 1566244136.61807
Cache-Control: public, max-age=61743
Content-Length: 277160
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx09be64ad1ac0470aa264f-005d5affe2dfw1
Expires: Wed, 05 Feb 2020 11:29:54 GMT

GET
H/1.1 200
OK understanding-mindset-attackers-showcase_image-5-a-12907.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 304 KB
304 KB 24ms
24ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/understanding-mindset-attackers-showcase_image-5-a-12907.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed83db1f3abc53d2ea744b36e0b41f009de707c0ae4178568611bfea56c1f41a

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 12 Aug 2019 14:41:57 GMT
ETag: a8beedc496d6bdccf54f78938e99da1f
Content-Type: image/jpeg
X-Timestamp: 1565620916.06781
Cache-Control: public, max-age=36019
Content-Length: 310896
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txbbbfc1e8ff8a4a00a33fb-005d517d0fdfw1
Expires: Wed, 05 Feb 2020 04:21:10 GMT

GET
H/1.1 200
OK infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 89 KB
89 KB 27ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 05 Jul 2019 20:13:34 GMT
ETag: f9dab7917669551bb50361c2dcd43aa7
Content-Type: image/jpeg
X-Timestamp: 1562357613.59432
Cache-Control: public, max-age=27798
Content-Length: 91187
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx9a65f7a711cd41d185e31-005d1fb074dfw1
Expires: Wed, 05 Feb 2020 02:04:09 GMT

GET
H/1.1 200
OK improving-iot-risk-management-showcase_image-10-a-12689.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 60 KB
61 KB 38ms
38ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/improving-iot-risk-management-showcase_image-10-a-12689.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 28 Jun 2019 14:04:32 GMT
ETag: 7f5fdd9cf37f980ea13c12c231815e13
Content-Type: image/jpeg
X-Timestamp: 1561730671.53151
Cache-Control: public, max-age=29997
Content-Length: 61807
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx9cb7ab9427404656ad526-005d16294edfw1
Expires: Wed, 05 Feb 2020 02:40:48 GMT

GET
H/1.1 200
OK gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 62 KB
62 KB 38ms
38ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 25 Jun 2019 19:30:48 GMT
ETag: bba47bed092092a1c82b09a86a3a0e40
Content-Type: image/jpeg
X-Timestamp: 1561491047.60933
Cache-Control: public, max-age=67411
Content-Length: 63007
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txcda89b20c2cf487a8c903-005d1279e2dfw1
Expires: Wed, 05 Feb 2020 13:04:22 GMT

GET
H/1.1 200
OK reinventing-application-security-showcase_image-10-a-12671.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 53 KB
53 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/reinventing-application-security-showcase_image-10-a-12671.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 25 Jun 2019 19:54:35 GMT
ETag: 89521d60b07d7e85acabbf0301821f45
Content-Type: image/jpeg
X-Timestamp: 1561492474.52472
Cache-Control: public, max-age=77484
Content-Length: 54026
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx2cea77591d1f484b913f2-005d127e7fdfw1
Expires: Wed, 05 Feb 2020 15:52:15 GMT

GET
H/1.1 200
OK ta505-apt-group-returns-new-techniques-report-showcase_image-3-a-13678.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 63 KB
63 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ta505-apt-group-returns-new-techniques-report-showcase_image-3-a-13678.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1f5847323d3b11619042259842e9c20bf3362b0e77387b1f046c68dc946487a

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 03 Feb 2020 17:12:23 GMT
ETag: bd9994024aecf58c9b2bcc0b5471c912
Content-Type: image/jpeg
X-Timestamp: 1580749942.56793
Cache-Control: public, max-age=78384
Content-Length: 64559
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txc84e11603d7c428391cf5-005e3866a9dfw1
Expires: Wed, 05 Feb 2020 16:07:15 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 95 KB
28 KB 44ms
44ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4dced00354b099d831f860145bbd0149f99889d4c45632e4d9e849f008123866

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 28838
x-served-by: cache-iad2150-IAD, cache-fra19153-FRA
last-modified: Thu, 09 Jan 2020 22:50:12 GMT
etag: "09356930f7674f04e767f5b1203faeb7+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H/1.1 200
OK ishita-palli-largeImage-10-a-3127.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 62 KB
62 KB 39ms
39ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ishita-palli-largeImage-10-a-3127.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 28f738877414b87571a8eefecdc711156eed8c62fd0c1cf3911c5fbd6fc1d655

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 15 Jan 2020 14:11:09 GMT
ETag: 89adea3fa11c21c39517483de313134a
Content-Type: image/jpeg
X-Timestamp: 1579097468.95440
Cache-Control: public, max-age=43469
Content-Length: 63030
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx3059c17903ab471d8f76c-005e353d06dfw1
Expires: Wed, 05 Feb 2020 06:25:20 GMT

GET
H/1.1 200
OK india-tests-instant-messaging-service-for-government-workers-showcase_image-7-a-13681.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 281 KB
281 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/india-tests-instant-messaging-service-for-government-workers-showcase_image-7-a-13681.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 51631cd677e010d6680bd66e595ffa22a11f60cb99310d0efff4b4e298612c4c

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 04 Feb 2020 06:35:41 GMT
ETag: 5e5551bb22a1794bc2e1388d86eaacf0
Content-Type: image/jpeg
X-Timestamp: 1580798140.34567
Cache-Control: public, max-age=45711
Content-Length: 287346
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx3e02c5220f09475c87ff5-005e39170edfw1
Expires: Wed, 05 Feb 2020 07:02:42 GMT

GET
H/1.1 200
OK california-man-pleads-guilty-to-hacking-nintendo-showcase_image-8-a-13684.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 247 KB
247 KB 27ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/california-man-pleads-guilty-to-hacking-nintendo-showcase_image-8-a-13684.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9d52823d0b996bfd44198743c5403d7d4fecd90ce43b69deff494a412eb271d3

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 04 Feb 2020 16:58:46 GMT
ETag: 728f43868d952f3f070c415816f90e38
Content-Type: image/jpeg
X-Timestamp: 1580835525.05554
Cache-Control: public, max-age=85138
Content-Length: 252823
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txd4d6c7bcc491456aa35c7-005e39b110dfw1
Expires: Wed, 05 Feb 2020 17:59:49 GMT

GET
H/1.1 200
OK trespassing-charges-dropped-against-penetration-testers-showcase_image-10-a-13676.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 155 KB
156 KB 24ms
24ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/trespassing-charges-dropped-against-penetration-testers-showcase_image-10-a-13676.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1564e8da4487c6a723525fdecfd79b39c10e5a9284304f6653d9ae5ac30047a0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 03 Feb 2020 01:50:26 GMT
ETag: 6058683eb936e1849e0b2a9d5f767a40
Content-Type: image/jpeg
X-Timestamp: 1580694625.45915
Cache-Control: public, max-age=50220
Content-Length: 159143
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txf707a72b0e1947f0bed54-005e37f7a3dfw1
Expires: Wed, 05 Feb 2020 08:17:51 GMT

GET
H/1.1 200
OK fake-coronavirus-messages-spreading-emotet-infections-showcase_image-2-a-13675.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 152 KB
152 KB 25ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/fake-coronavirus-messages-spreading-emotet-infections-showcase_image-2-a-13675.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e1c494c81d7c1d829f25d286233c813b0edcb8ffff5570cc6065f7569ab84965

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 31 Jan 2020 15:58:49 GMT
ETag: eea4ae2d82473a5ed98d5edcff227cd3
Content-Type: image/jpeg
X-Timestamp: 1580486328.28459
Cache-Control: public, max-age=46448
Content-Length: 155251
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txd1e96984551a4edc9f9f7-005e34535cdfw1
Expires: Wed, 05 Feb 2020 07:14:59 GMT

GET
H/1.1 200
OK cops-bust-3-suspects-in-maltese-bank-hacking-heist-showcase_image-4-a-13674.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 109 KB
109 KB 26ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/cops-bust-3-suspects-in-maltese-bank-hacking-heist-showcase_image-4-a-13674.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 32fda3736a10f484f76303c23c73292c469feb06f2fc41f729c49dcc1691e785

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 31 Jan 2020 15:12:19 GMT
ETag: 6b5c1cf6caa60943218770b20b1f5498
Content-Type: image/jpeg
X-Timestamp: 1580483538.02671
Cache-Control: public, max-age=46702
Content-Length: 111114
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txeb14c2c3fe134e1c9dbcd-005e344fe1dfw1
Expires: Wed, 05 Feb 2020 07:19:13 GMT

GET
H/1.1 200
OK security-impact-digital-transformation-showcase_image-5-i-4512.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 70 KB
70 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/security-impact-digital-transformation-showcase_image-5-i-4512.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b3c758db64450d9cf3b862e40cce4d5ad74af2ddd62839509ec8c764b588bd39

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 14 Nov 2019 19:34:02 GMT
ETag: 3d658be4ad0af3faaaaced299b29d7b6
Content-Type: image/jpeg
X-Timestamp: 1573760041.02338
Cache-Control: public, max-age=46396
Content-Length: 71226
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx45f688eb6b974ac1b9cfd-005dd402a2dfw1
Expires: Wed, 05 Feb 2020 07:14:07 GMT

GET
H/1.1 200
OK inside-sophos-2020-threat-report-showcase_image-8-i-4499.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 40 KB
40 KB 27ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/inside-sophos-2020-threat-report-showcase_image-8-i-4499.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 619e872fdcf9abb7f34bcf3be667a52df16a4824b13150e5f9aaf0d64a292709

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Tue, 05 Nov 2019 17:14:11 GMT
ETag: b54357984537a2bd0dbd41e3fab729d9
Content-Type: image/jpeg
X-Timestamp: 1572974050.17150
Cache-Control: public, max-age=86295
Content-Length: 40627
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx7b07041915754887852eb-005e39b59adfw1
Expires: Wed, 05 Feb 2020 18:19:06 GMT

GET
H/1.1 200
OK managing-tool-sprawl-showcase_image-8-i-4482.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 106 KB
106 KB 26ms
25ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/managing-tool-sprawl-showcase_image-8-i-4482.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: de1db6996e069ae509b0d73cf144c0d417b651dc4671cfe12339bccdd885b970

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 21 Oct 2019 10:12:42 GMT
ETag: 5cb4c9794f65c324d4cda94dad046efd
Content-Type: image/jpeg
X-Timestamp: 1571652761.44158
Cache-Control: public, max-age=79236
Content-Length: 108301
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx7cdad24894c249c397c51-005e3496bedfw1
Expires: Wed, 05 Feb 2020 16:21:27 GMT

GET
H/1.1 200
OK 2018-threat-predictions-pdf-2-w-4005.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 145 KB
146 KB 27ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/2018-threat-predictions-pdf-2-w-4005.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b395d4e64733686ffd05cc78428c728e0444bc30a7071a8d4c61fac4200ebbe4

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 26 Jan 2018 17:38:13 GMT
ETag: 4b70cf21c4b2cc37ecae66a863a8a849
Content-Type: image/jpeg
X-Timestamp: 1516988292.68408
Cache-Control: public, max-age=9400
Content-Length: 148752
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txeedf736c78ae42ed8042c-005cd203b5dfw1
Expires: Tue, 04 Feb 2020 20:57:31 GMT

GET
H/1.1 200
OK achieving-forensics-readiness-showcase_image-9-i-4582.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 371 KB
371 KB 28ms
28ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/achieving-forensics-readiness-showcase_image-9-i-4582.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d6f9943835724fba6f2214952f7c47f37c97997e6abc86969d0ca7db5c6779ef

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 22 Jan 2020 07:26:55 GMT
ETag: e7ea5192c342ecce522ac7ff482664f1
Content-Type: image/jpeg
X-Timestamp: 1579678014.41637
Cache-Control: public, max-age=25738
Content-Length: 379937
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txf448856d061d47f3a49f3-005e27faf6dfw1
Expires: Wed, 05 Feb 2020 01:29:49 GMT

GET
H/1.1 200
OK privacy-advocate-tackles-issue-patient-consent-rights-showcase_image-9-i-4589.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 54 KB
55 KB 27ms
27ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/privacy-advocate-tackles-issue-patient-consent-rights-showcase_image-9-i-4589.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a321050e745c1ccbd8c532fd02a1b8e0da1377e0e81fb0d7243350330fac4b80

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 31 Jan 2020 20:01:03 GMT
ETag: 444a6fce3c49570b3d326a1ebfce5b19
Content-Type: image/jpeg
X-Timestamp: 1580500862.54394
Cache-Control: public, max-age=61263
Content-Length: 55731
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txdfd148fa5d1b4ef1954ab-005e348b9cdfw1
Expires: Wed, 05 Feb 2020 11:21:54 GMT

GET
H/1.1 200
OK critical-infrastructure-security-time-for-new-mindset-german-language-showcase_image-9-i-4586.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 62 KB
62 KB 26ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/critical-infrastructure-security-time-for-new-mindset-german-language-showcase_image-9-i-4586.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f11135bf51e08c8cdc68cc528d22eb3bb2d6a2e83e2b6e1866f80f3d0900bc73

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 27 Jan 2020 17:51:05 GMT
ETag: 9a294eb75ed5d1af17a0070afa7a6358
Content-Type: image/jpeg
X-Timestamp: 1580147464.21508
Cache-Control: public, max-age=32213
Content-Length: 63260
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txbcd37e4983e640f6a5c41-005e30784edfw1
Expires: Wed, 05 Feb 2020 03:17:44 GMT

GET
H/1.1 200
OK improving-detection-nation-state-attacks-showcase_image-9-i-4587.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 384 KB
385 KB 27ms
26ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/improving-detection-nation-state-attacks-showcase_image-9-i-4587.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bee93b52bef557cd0c4cc6c202d62baf8b00782bd6375a4ea37141cdee5762ae

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 29 Jan 2020 07:34:55 GMT
ETag: bd3e9a0a771357e671b02c6558e9e5c0
Content-Type: image/jpeg
X-Timestamp: 1580283294.08477
Cache-Control: public, max-age=11892
Content-Length: 393499
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txe27b77a30d0045278f62f-005e315472dfw1
Expires: Tue, 04 Feb 2020 21:39:03 GMT

GET
H/1.1 200
OK sizing-up-todays-deception-technology-showcase_image-2-i-4581.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 63 KB
64 KB 24ms
24ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/sizing-up-todays-deception-technology-showcase_image-2-i-4581.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74a523f8705490bec37a51330ea8ce358250aa444f53e7d668855cdf425d0c7b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Mon, 20 Jan 2020 19:51:55 GMT
ETag: a269bc9104b22a6ce7cb575e30be98b6
Content-Type: image/jpeg
X-Timestamp: 1579549914.30659
Cache-Control: public, max-age=65265
Content-Length: 64911
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txae1719842114496caf649-005e260829dfw1
Expires: Wed, 05 Feb 2020 12:28:36 GMT

GET
H/1.1 200
OK tips-on-protecting-hospitals-from-nation-state-attacks-showcase_image-2-i-4583.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 83 KB
83 KB 43ms
24ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/tips-on-protecting-hospitals-from-nation-state-attacks-showcase_image-2-i-4583.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 296611546254974a4079d89a7deee7d292c225f8c5b5917c193f0bea603806ee

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Wed, 22 Jan 2020 19:58:21 GMT
ETag: a18657e219356a580e0e36bfa860bb82
Content-Type: image/jpeg
X-Timestamp: 1579723100.47660
Cache-Control: public, max-age=74683
Content-Length: 84761
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txb9ec6bb65aec4d63a6411-005e28acaedfw1
Expires: Wed, 05 Feb 2020 15:05:34 GMT

GET
H/1.1 200
OK logo-ismg-with-text.png
www.bankinfosecurity.co.uk/images-responsive/ 4 KB
4 KB 135ms
135ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bankinfosecurity.co.uk/images-responsive/logo-ismg-with-text.png
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4175

GET
H/1.1 200
OK logo-ismg-print.png
www.bankinfosecurity.co.uk/images-responsive/ 5 KB
6 KB 134ms
134ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bankinfosecurity.co.uk/images-responsive/logo-ismg-print.png
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 5598

GET
H/1.1 200
OK ondemand-preview-w-255.jpg
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 56 KB
57 KB 89ms
39ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 05 Jul 2013 12:55:26 GMT
ETag: 7aece0902995efedc289b7c24037434b
Content-Type: image/jpeg
X-Timestamp: 1373028925.94439
Cache-Control: public, max-age=813
Content-Length: 57633
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx7b9b5412d7184498bd035-005e396be6dfw1
Expires: Tue, 04 Feb 2020 18:34:24 GMT

GET
H/1.1 200
OK ron-ross-smallImage-a-558.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 10 KB
11 KB 29ms
29ms Image
image/jpeg 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ron-ross-smallImage-a-558.jpg
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 01 Nov 2013 13:09:25 GMT
X-Serial: 4845
X-Akamai-Pragma-Client-IP: 10.247.179.207, 213.215.134.141
ETag: fac8c56390d084c4f1dfaa9b24a58c33
Content-Type: image/jpeg
X-Check-Cacheable: YES
X-Timestamp: 1383311364.81114
Cache-Control: public, max-age=27768
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10640
X-Trans-Id: tx0a5e72d258ab47b79d537-005d0322d5dfw1
Expires: Wed, 05 Feb 2020 02:03:39 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/modernizr.j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Origin: https://www.bankinfosecurity.co.uk

Response headers

date: Sat, 01 Feb 2020 00:22:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 323904
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:22:27 GMT

POST
H/1.1 200
OK ismg-user-ip Show response
worker.ismgcorp.com/ 15 B
407 B 555ms
147ms XHR
text/html 104.130.251.6
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://worker.ismgcorp.com/ismg-user-ip
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.130.251.6 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 6014df0f686fb7955d4e60152afa174b5c133c20a27be8ae3935d2d789a612df

Request headers

Accept: */*
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Origin: https://www.bankinfosecurity.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 33

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5317610f9f8e55dc24581c9a4a78d24e069459905b51f2c0a0da5562b2e37a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "419 / 885 of 1000 / last-modified: 1580766148"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16327
x-xss-protection: 0
expires: Tue, 04 Feb 2020 18:20:51 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 33ms
33ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6c9094cac8fa542195988d92ed1705cf5c88cea911f55a85711ad27006041e75

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 02:58:58 GMT
Server: Apache
ETag: "84c4b4b08c71ce1110818e8853f50222:1580180338"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 768

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 54 KB
20 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXXVMJ

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c08774f3ce229e33b05e66e1a55f6d3051f03fc0926293b43ca45ec6b0cd517

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=300; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20534
x-xss-protection: 0
last-modified: Tue, 04 Feb 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Feb 2020 18:20:51 GMT

GET
H/1.1 200
OK moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 24ms
24ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Nov 2019 20:13:52 GMT
Server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
ETag: "f14b4e1f799b14f798a195f43cf58376"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=9577
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Origin: https://www.bankinfosecurity.co.uk

Response headers

date: Wed, 22 Jan 2020 14:24:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1137354
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Thu, 21 Jan 2021 14:24:57 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.bankinfosecurity.co.uk/css-responsive/fonts/ 43 KB
44 KB 135ms
134ms Font
application/font-woff 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/css-responsive/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bankinfosecurity.co.uk/css-responsive/vendor/font-awesome.min.css
Origin: https://www.bankinfosecurity.co.uk

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Thu, 30 Jan 2020 20:44:22 GMT
Server: Apache
ETag: "ad90-59d6185a13d97"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 44432

GET
H/1.1 200
OK main.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/ 37 KB
9 KB 129ms
129ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/main.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 25db638a310cc93e2f8bb79e668b4d9bc9a10eb36ccea53210b5d5a1b0f15056

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8893

GET
H/1.1 200
OK bis-hdr.r1.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/ 1 KB
766 B 127ms
127ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/bis-hdr.r1.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 455

GET
H/1.1 200
OK jquery.browser.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/ 2 KB
1 KB 134ms
134ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/jquery.browser.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1022

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/ 24 KB
7 KB 136ms
136ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/jquery.prettyPhoto.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6459

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Origin: https://www.bankinfosecurity.co.uk

Response headers

date: Wed, 22 Jan 2020 14:14:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 1137990
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Thu, 21 Jan 2021 14:14:21 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Origin: https://www.bankinfosecurity.co.uk

Response headers

date: Wed, 22 Jan 2020 14:33:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1136815
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Thu, 21 Jan 2021 14:33:56 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Origin: https://www.bankinfosecurity.co.uk

Response headers

date: Tue, 04 Feb 2020 06:22:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:56 GMT
server: sffe
age: 43076
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9744
x-xss-protection: 0
expires: Wed, 03 Feb 2021 06:22:55 GMT

GET ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 0
0

GET
H/1.1 200
OK embed.js Show response
bankinfosecurity.disqus.com/ 66 KB
22 KB 23ms
23ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankinfosecurity.disqus.com/embed.js

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

f550a58bd250bbd76f4e594533b42a611b1b380aa2e724c570b7bb9496f538a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: openresty
Age: 39
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22194

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 1941
date: Tue, 04 Feb 2020 17:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Tue, 04 Feb 2020 19:48:30 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 39ms
39ms Script
application/javascript 52.215.103.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?412020
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9c6af299685617864c257472040f437ef951afec994720a24781931cc3527017

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Feb 2020 06:30:58 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=43807
Connection: keep-alive
Content-Length: 11933
Expires: Wed, 05 Feb 2020 06:30:58 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 3 KB
2 KB 11ms
11ms Script
application/x-javascript 2a02:26f0:10c:38f::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:38f::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=55863
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2

200

livechat.ashx Show response
vue.comm100.com/
Redirect Chain

https://chatserver.comm100.com/livechat.ashx?siteId=92035
https://vue.comm100.com/livechat.ashx?siteId=92035

990 B
678 B

193ms
193ms

Script
application/x-javascript

104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vue.comm100.com/livechat.ashx?siteId=92035
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fe22e1de38d017229acd5f79c996496ced9db6983f125973821f1092b4430bc9

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: no-cache, no-store
cf-ray: 55fea9397ad39cc3-AMS
content-length: 515

Redirect headers

date: Tue, 04 Feb 2020 18:20:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://vue.comm100.com/livechat.ashx?siteId=92035
content-type: text/html; charset=UTF-8
status: 301
cf-ray: 55fea937e8799cc3-AMS
content-length: 173

GET
H/1.1 200
OK ajax.php Show response
www.bankinfosecurity.co.uk/ 3 KB
1 KB 149ms
148ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/ajax.php?json=twitterWidget
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 6a211e51a9f17ce825197fb2e70d01b2031476738f3ba7114960db1fcda6029a

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4fd21f630b72165e/ 27 B
207 B 30ms
29ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4fd21f630b72165e/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=21, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 47

GET
H/1.1 206
Partial Content ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 3 MB
0 50ms
40ms Media
video/mp4 23.210.249.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Last-Modified: Fri, 05 Jul 2013 12:56:36 GMT
X-Trans-Id: txa8501aac39eb4181b1a8c-005c769461dfw1
ETag: e5d65b36cc2f1ee7de6cc53cd6609280
Content-Type: video/mp4
Content-Range: bytes 0-10621769/10621770
X-Timestamp: 1373028995.98411
Cache-Control: public, max-age=826
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10621770
Expires: Tue, 04 Feb 2020 18:34:37 GMT

GET
H2 200 widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html
platform.twitter.com/widgets/ Frame 3D05 0
0 24ms
24ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html?origin=https%3A%2F%2Fwww.bankinfosecurity.co.uk
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html?origin=https%3A%2F%2Fwww.bankinfosecurity.co.uk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Response headers

status: 200
last-modified: Thu, 09 Jan 2020 22:38:16 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "4b563298f37eb3ef2a2f8897be83c714+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Feb 2020 18:20:51 GMT
x-served-by: cache-iad2141-IAD, cache-fra19153-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bankinfosecurity.co.uk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bankinfosecurity.co.uk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020020307.js Show response
securepubads.g.doubleclick.net/gpt/ 166 KB
61 KB 32ms
32ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020307.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

f07978e99d456e9d30a23f45944e770f90140a3dcd96ade741b52244a4f7f0f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Feb 2020 16:57:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61889
x-xss-protection: 0
expires: Tue, 04 Feb 2020 18:20:51 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
103 B 15ms
14ms Image
image/gif 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1996624169&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&ul=en-us&de=UTF-8&dt=TA505%20APT%20Group%20Returns%20With%20New%20Techniques%3A%20Report&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1178551264&gjid=452554839&cid=757602922.1580840452&tid=UA-212197-14&_gid=1327804946.1580840452&_r=1&z=1608163361

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 18:20:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1996624169&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&ul=en-us&de=UT...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-212197-36&cid=757602922.1580840452&jid=1296520738&_gid=1327804946.1580840452&gjid=60782760&_v=j80&z=1338290715

35 B
102 B

14ms
14ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-212197-36&cid=757602922.1580840452&jid=1296520738&_gid=1327804946.1580840452&gjid=60782760&_v=j80&z=1338290715

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Tue, 04 Feb 2020 18:20:51 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Feb 2020 18:20:51 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-212197-36&cid=757602922.1580840452&jid=1296520738&_gid=1327804946.1580840452&gjid=60782760&_v=j80&z=1338290715
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 416
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
101 B 6ms
6ms Image
image/gif 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&a=1996624169&t=event&_s=2&dl=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&ul=en-us&de=UTF-8&dt=TA505%20APT%20Group%20Returns%20With%20New%20Techniques%3A%20Report&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=dailyemailupdates&ea=impression&el=&_u=IEDAAEAB~&jid=&gjid=&cid=757602922.1580840452&tid=UA-212197-14&_gid=1327804946.1580840452&z=1814668031

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 05:59:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1167673
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/156/ 9 KB
5 KB 26ms
26ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/156/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 20:22:41 GMT
Server: Apache
ETag: "24e78e4d5137c385c6e3393d80cfd6bf:1568751761"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4198
Expires: Thu, 14 May 2020 18:20:51 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&time=1580840451904
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26url%3Dhttps%253A%252F%252Fwww.bankinfosecurity.co.uk%252Fta505-apt-group-re...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&time=1580840451904&liSync=true

0
63 B

123ms
123ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&time=1580840451904&liSync=true
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: rg31/gNG8BUQjJeN8SoAAA==

Redirect headers

date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: q9xm+ANG8BWwAKQ62ioAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&url=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&time=1580840451904&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 lounge.15d8f2a22cfa6b9f96345c682b01a08f.css
c.disquscdn.com/next/embed/styles/ 0
21 KB 32ms
32ms Other
text/css 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.15d8f2a22cfa6b9f96345c682b01a08f.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1621738
cf-ray: 55fea9386b66bf00-FRA
status: 200
vary: Accept-Encoding
content-length: 21564
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Jan 2020 23:42:40 GMT
server: cloudflare
etag: "5e20f4f0-543c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Jan 2021 23:51:50 GMT

GET
H2 200 common.bundle.0d424497492a7a96477653dedbd1462f.js
c.disquscdn.com/next/embed/ 0
89 KB 21ms
20ms Other
application/javascript 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.0d424497492a7a96477653dedbd1462f.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1187661
cf-ray: 55fea9386b67bf00-FRA
status: 200
vary: Accept-Encoding
content-length: 90457
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jan 2020 23:00:01 GMT
server: cloudflare
etag: "5e223c71-16159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jan 2021 17:16:36 GMT

GET
H2 200 lounge.bundle.a0b0b564b806112a1c4571475f829256.js
c.disquscdn.com/next/embed/ 0
108 KB 34ms
34ms Other
application/javascript 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.a0b0b564b806112a1c4571475f829256.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1103679
cf-ray: 55fea9386b69bf00-FRA
status: 200
vary: Accept-Encoding
content-length: 110530
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jan 2020 21:42:27 GMT
server: cloudflare
etag: "5e28c1c3-1afc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Jan 2021 23:41:58 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
6 KB 20ms
20ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 04 Feb 2020 18:20:51 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 43
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 5420
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 733 B
1 KB 53ms
53ms Script
application/javascript 52.215.103.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=57819&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&pv=1580840451916_mjl9gmjdl&bl=en-us&cb=2798829&return=&ht=&d=&dc=&si=1580840451916_mjl9gmjdl&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?412020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ed7ac2e37569aba59fc880364f39f61cdc4015998ab25fb7b6be594c05002482

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 18:20:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 503
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
481 B 182ms
182ms Script
application/javascript 52.55.162.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=412020
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?412020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.162.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-162-167.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:52 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Wed, 05 Feb 2020 18:20:52 GMT

GET
H2 200 moment~timeline~tweet.a1aa0f6410f7eaada23e6b16a38824b8.js Show response
platform.twitter.com/js/ 24 KB
8 KB 29ms
29ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.a1aa0f6410f7eaada23e6b16a38824b8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 636dbf4f87fa130596fdb491938e4ad2b693b397139ba7f8d2a34b738a494078

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 7937
x-served-by: cache-iad2120-IAD, cache-fra19153-FRA
last-modified: Thu, 09 Jan 2020 22:38:02 GMT
etag: "352656b32c7e3a4e623687d598b66f66+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 tweet.2d3dab8467c8e4cdce5682bb8dbbe4cd.js Show response
platform.twitter.com/js/ 17 KB
6 KB 109ms
109ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.2d3dab8467c8e4cdce5682bb8dbbe4cd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 87c40d1935f1b97602939d59a8bb89f9c4453f04db5af06fad9eae9a9f73b45c

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 5738
x-served-by: cache-iad2148-IAD, cache-fra19153-FRA
last-modified: Tue, 10 Dec 2019 23:44:46 GMT
etag: "f236198db47744d3d5115002e9724381+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 pjDpsSuy_normal.jpg
pbs.twimg.com/profile_images/912139555050008576/ 2 KB
2 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/912139555050008576/pjDpsSuy_normal.jpg

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4195) /

Resource Hash

088751f3fa0be4e220ba2d1a7df5ead4150e7e900a3c66b3b6b5afcdca31f960

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
x-content-type-options: nosniff
age: 102928
x-cache: HIT
status: 200
content-length: 2263
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/5 profile_images/912139555050008576
last-modified: Mon, 25 Sep 2017 02:17:51 GMT
server: ECS (fcn/4195)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 289bba2adf59bcba033e3956f8d02a00
accept-ranges: bytes

GET
H2 200 c6c1c2570fc7b9711dd8de812b996a66_normal.jpeg
pbs.twimg.com/profile_images/3326137784/ 897 B
943 B 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3326137784/c6c1c2570fc7b9711dd8de812b996a66_normal.jpeg

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

82a58e0e078e4b2c3bf00ad5bd49e0c85096159f95e92e3c6bdc1c4596efa991

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:51 GMT
x-content-type-options: nosniff
age: 93437
x-cache: HIT
status: 200
content-length: 897
x-response-time: 3767
surrogate-key: profile_images profile_images/bucket/4 profile_images/3326137784
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/40F7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0941a886cd3b7d416d56e493e97e5145
accept-ranges: bytes

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
11 KB 164ms
164ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=467058776986644&correlator=2508286932972236&output=ldjh&impl=fifs&adsid=NT&eid=21065505%2C21062452%2C21062888%2C21064169%2C21065390%2C21065304&vrg=2020020307&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200204&iu_parts=4444691%2CBIS_CO_UK_TOP_728x90%2CBIS_CO_UK_MID_RB_300x250%2CBIS_CO_UK_MID_RB_2_300x250%2CBIS_CO_UK_MID_RB_3_300x250%2CBIS_CO_UK_MID_RB_300x600%2CBIS_CO_UK_MID_L_180x150%2CBIS_CO_UK_MID_R_180x150%2CBIS_CO_UK_MID2_L_180x150%2CBIS_CO_UK_MID2_R_180x150%2CBIS_CO_UK_TEXT_1%2CBIS_CO_UK_TEXT_2%2CBIS_CO_UK_BOTTOM_728x90%2CBIS_CO_UK_MID_728x90%2CBIS_CO_UK_Interstitial%2CBIS_CO_UK_TOP_320x50%2CBIS_CO_UK_BOTTOM_320x50%2CBIS_CO_UK_MID_320x50%2CBIS_CO_UK_CAT_LOGO&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C180x150%2C180x150%2C180x150%2C180x150%2C280x70%2C280x70%2C728x90%2C728x90%2C640x480%2C320x50%2C320x50%2C320x50%2C216x54&cust_params=category%3D%255B416%252C409%252C467%252C399%252C477%252C476%255D%26gated%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1580840452&dt=1580840452016&dlt=1580840450515&idt=1483&frm=20&biw=1585&bih=1200&oid=3&adxs=608%2C1018%2C1018%2C-9%2C1003%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C15%2C-9%2C-9%2C-12245933%2C-12245933%2C-9%2C-12245933&adys=71%2C587%2C3865%2C-9%2C2040%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C4258%2C-9%2C-9%2C-12245933%2C-12245933%2C-9%2C-12245933&adks=765058253%2C1922468332%2C2965664516%2C3956713863%2C2937188628%2C84061472%2C560071136%2C2150462234%2C1690656304%2C387703217%2C2927848352%2C2462972772%2C3517166038%2C2242558558%2C1010796744%2C1835964728%2C1952235500%2C1540394969&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678&dssz=68&icsg=52776542044415&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=800x90%7C360x0%7C360x0%7C0x-1%7C390x595%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1585x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C780x3894&msz=770x90%7C360x250%7C360x250%7C0x-1%7C390x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1555x90%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C236x64&ga_vid=757602922.1580840452&ga_sid=1580840452&ga_hid=1996624169&fws=0%2C0%2C0%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C128%2C128%2C2%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

049c8258f53ed90ce6337a9c2f6274ab60683c00e39c22f8b39b67f2e017f477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Origin: https://www.bankinfosecurity.co.uk

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11270
x-xss-protection: 0
google-lineitem-id: 5267923391,5267923391,5267923391,-2,5267923391,-2,-2,-2,-2,-2,-2,5267923391,5267923391,5225344307,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138300477523,138300122435,138300122381,-2,138300122384,-2,-2,-2,-2,-2,-2,138300477550,138300111476,138294589902,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bankinfosecurity.co.uk
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020020307.js Show response
securepubads.g.doubleclick.net/gpt/ 65 KB
24 KB 32ms
31ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

ac7126a7b4878ecdb17a639f2fbd497a572ba866546d953024bd1cb62a963add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Feb 2020 16:57:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24592
x-xss-protection: 0
expires: Tue, 04 Feb 2020 18:20:52 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020307.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
303 B 165ms
165ms XHR
text/plain 192.28.147.68
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1580840452057&_mchCn=&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.co.uk-1580840452056-59113&_mchHo=www.bankinfosecurity.co.uk&_mchPo=&_mchRu=%2Fta505-apt-group-returns-new-techniques-report-a-13678&_mchPc=https%3A&_mchVr=156&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/156/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Origin: https://www.bankinfosecurity.co.uk

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 Feb 2020 18:20:52 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: 4be5c5fc-e093-4e6a-829f-9bb166b7f296
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
303 B 332ms
165ms XHR
text/plain 192.28.147.68
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1580840452057&_mchRu=%2Fta505-apt-group-returns-new-techniques-report-a-13678&_mchQp=cat%3D416%26cat%3D409%26cat%3D467%26cat%3D399%26cat%3D477%26cat%3D476%26assetID%3D13678%26assetType%3Darticle%26key%3Dta505%26key%3Devil%20corp%26key%3Dmicrosoft%26key%3Dhtml%26key%3Dmalware%26key%3Dtrojan%26key%3Dbanking%26key%3Dexcel%26key%3Dphishing%26key%3D&_mchId=051-ZXI-237&_mchTk=_mch-bankinfosecurity.co.uk-1580840452056-59113&_mchHo=www.bankinfosecurity.co.uk&_mchPo=&_mchPc=https%3A&_mchVr=156&_mchRe=https%3A%2F%2Fwww.bankinfosecurity.co.uk%2Fta505-apt-group-returns-new-techniques-report-a-13678
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/156/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Origin: https://www.bankinfosecurity.co.uk

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 Feb 2020 18:20:52 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: c953b935-2f1b-4a86-8a89-a73dd36e6b9e
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame E1C1 0
0 134ms
134ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fta505-apt-group-returns-new-techniques-report-a-13678&t_d=TA505%20APT%20Group%20Returns%20With%20New%20Techniques%3A%20Report&t_t=TA505%20APT%20Group%20Returns%20With%20New%20Techniques%3A%20Report&s_o=default

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Response headers

Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 03 Feb 2020 18:12:41 GMT
ETag: W/"lounge:view:7851266741.35636223876f7be2affe347ea131d5b8.2"
Content-Encoding: gzip
Content-Length: 2655
Date: Tue, 04 Feb 2020 18:20:52 GMT
Age: 3
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=3607953467828600918&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=3607953467828600918%26eid=50056
https://ml314.com/csync.ashx?fp=joUkJx99999Y8MkK&person_id=3607953467828600918&eid=50056

43 B
312 B

52ms
38ms

Image
image/gif

52.215.103.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=joUkJx99999Y8MkK&person_id=3607953467828600918&eid=50056
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:52 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 05 Feb 2020 13:20:52 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=joUkJx99999Y8MkK&person_id=3607953467828600918&eid=50056
Date: Tue, 04 Feb 2020 18:20:52 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: d2a4
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3607953467828600918
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwNzk1MzQ2NzgyODYwMDkxOBAAGg0IhOzm8QUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=e5941459e8d61bb13f21c127cbb714f9f84f938eacfc01800c3e35d59ff683bcf4cb09cee1a4f8eb&person_id=3607953467828600918&eid=50082

43 B
312 B

37ms
37ms

Image
image/gif

52.215.103.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=e5941459e8d61bb13f21c127cbb714f9f84f938eacfc01800c3e35d59ff683bcf4cb09cee1a4f8eb&person_id=3607953467828600918&eid=50082
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 05 Feb 2020 13:20:52 GMT

Redirect headers

date: Tue, 04 Feb 2020 18:20:52 GMT
via: 1.1 google
location: https://ml314.com/csync.ashx?fp=e5941459e8d61bb13f21c127cbb714f9f84f938eacfc01800c3e35d59ff683bcf4cb09cee1a4f8eb&person_id=3607953467828600918&eid=50082
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 307
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=b5dcf3b1-f845-40b2-8e3b-462cb4bcbc7d
https://ml314.com/csync.ashx?fp=b5dcf3b1-f845-40b2-8e3b-462cb4bcbc7d&person_id=3607953467828600918&eid=53819

43 B
312 B

92ms
38ms

Image
image/gif

52.215.103.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=b5dcf3b1-f845-40b2-8e3b-462cb4bcbc7d&person_id=3607953467828600918&eid=53819
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 05 Feb 2020 13:20:52 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 18:20:51 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://ml314.com/csync.ashx?fp=b5dcf3b1-f845-40b2-8e3b-462cb4bcbc7d&person_id=3607953467828600918&eid=53819
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Wed, 05 Feb 2020 13:20:52 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3607953467828600918
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3607953467828600918
https://ml314.com/csync.ashx?fp=a62498fdb01876133a27810bd064c15&eid=50146&person_id=3607953467828600918

43 B
312 B

97ms
38ms

Image
image/gif

52.215.103.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=a62498fdb01876133a27810bd064c15&eid=50146&person_id=3607953467828600918
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.103.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-103-126.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Wed, 05 Feb 2020 13:20:52 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 18:20:52 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ml314.com/csync.ashx?fp=a62498fdb01876133a27810bd064c15&eid=50146&person_id=3607953467828600918
Cache-Control: no-cache
X-Server: 10.45.18.182
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2AE3T6JKS2r67R5-kxCdUorHKATpS1tTnej64Q42BSsk&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
https://ml314.com/csync.ashx?fp=2AE3T6JKS2r67R5-kxCdUorHKATpS1tTnej64Q42BSsk&person_id=3607953467828600918&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

70 B
440 B

27ms
27ms

Image
image/gif

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:52 GMT
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 70
Content-Type: image/gif

Redirect headers

Date: Tue, 04 Feb 2020 18:20:51 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control: private
Connection: keep-alive
Content-Length: 168
Expires: Wed, 05 Feb 2020 13:20:52 GMT

POST
H/1.1 200
OK ajax.php Show response
www.bankinfosecurity.co.uk/ 5 B
388 B 144ms
143ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/ajax.php?json=notificationCookies&action=getNotifications
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/vendor/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept: */*
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Origin: https://www.bankinfosecurity.co.uk
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 18:20:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
147 B 140ms
140ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1580840452111%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Tue, 04 Feb 2020 18:20:52 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 42ca6085d893a08c462442e43047706d
x-transaction: 00a95a37008dfb0e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 tweets.json Show response
cdn.syndication.twimg.com/ 6 KB
2 KB 6ms
6ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1222995250911703041&lang=en&suppress_response_codes=true&theme=light&tz=GMT%2B0100

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

fcd6f1bd81be4eff0d82bfcdda2e1de83f8af54f1b5b6f801415b0d98261fc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
x-cache: HIT
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 1567
x-xss-protection: 0
x-response-time: 129
last-modified: Tue, 04 Feb 2020 18:20:13 GMT
server: ECS (fcn/4196)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=60
x-connection-hash: 37eb354cd03db88504c333fa8c96df0b
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 007ef49b00f9bd9e
expires: Tue, 04 Feb 2020 18:21:52 GMT

GET
H2 200 tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
11 KB 23ms
23ms Stylesheet
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5a9b0bcc0e7274386f0f560595519d66ee86bfccf57e76f2e59a6985091fa3a2

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 11516
x-served-by: cache-iad2133-IAD, cache-fra19153-FRA
last-modified: Tue, 10 Dec 2019 23:44:43 GMT
etag: "7a92a961c027712f349e184a0eafdd76+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 25ms
24ms Image
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 11516
x-served-by: cache-iad2133-IAD, cache-fra19153-FRA
last-modified: Tue, 10 Dec 2019 23:44:43 GMT
etag: "7a92a961c027712f349e184a0eafdd76+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ 20 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7620
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7150
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 16:13:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7e98551560828916"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 16:13:52 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame 1039 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 1039 91 KB
27 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
DATA 200
OK truncated
/ Frame 1039 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 164c56fde3ebabd25078f4bef2de5db8c47c435709ea98079973f4abb12fb99a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame 3C2B 200 KB
55 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 3C2B 91 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
DATA 200
OK truncated
/ Frame 3C2B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 739842ce8749784c974b2f939ac47192e7b7886144806244a2bd4a0c5c238a15

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame B78B 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame B78B 91 KB
27 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
DATA 200
OK truncated
/ Frame B78B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea78d8ab466df0989f36ac7160f06f218f55b37a7faddf8db4a984aaeb1aef74

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame 10F7 200 KB
55 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 10F7 91 KB
27 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
DATA 200
OK truncated
/ Frame 10F7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2e3dd3e090aab6d1ba5014564b3d376454c3f2cbfdc180919475a5be2029120

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14756167690236955475
tpc.googlesyndication.com/simgad/ Frame 1039 90 KB
90 KB 10ms
10ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14756167690236955475

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772ae83ce510fd881c277e08a0415187b430848b34d39b7eb7469f957414ff9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:12 GMT
x-content-type-options: nosniff
age: 40
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92259
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 18:20:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1039 0
290 B 34ms
34ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0mae-cpcIhxEYzzlfscClHEhDnxk1l1UBlOVAB7dG-5VnNGp7qtUEE7s0MltoRTpaEHvqk9q9rW9Opn8Etgx6ucQ4SpOhP6qY7BdAdBjNiq7JD6Go2gv4rJ36ztfh0Hl2MK59Cl-LVOlKlWqIENb_y-BtFU2XWZ6YknFNbQtI1e6XU22R7FKQi2D9_Azg2X3PoSjYyyoZ0HdX7V3gW6ZrRXotJM5EbwpBw5GqFNE3P5ebPseELRaBIDEiqxWgBtGxyRum1GOjC8QWidUd9iZsk1LE58zL1g&sai=AMfl-YRdzaixGDJxgJXNjz4BmVImBXSocO1EdRBwN8Kb1FsJ3ApgCy48mAmr6SY_-_Qvzj4yVpmSqPy6B6hDDrEmIBftyx36V00p6KN-x7mY&sig=Cg0ArKJSzKmI1IEEu-ckEAE&adurl=

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 04 Feb 2020 18:20:52 GMT

GET
H2 200 11197045690106090954
tpc.googlesyndication.com/simgad/ Frame 3C2B 103 KB
103 KB 11ms
11ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11197045690106090954

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a13a0be3e536500c04ddc0fc297f913ff12c82417d69201f4ecbf20bcd9a21e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 09:56:12 GMT
x-content-type-options: nosniff
age: 30280
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 105779
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 09:56:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C2B 0
290 B 33ms
33ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxu9SD5owFb6-nqKAtaD4W9gQzOOq-96hE573ujlld4OZaIRUGq595b6Y7GZmtrJhhqVhmDu9j_CAYFBhsXm7gs3q2gNed8GkiPLJ5L-HKy_qSM6OFRrcIUekchsMwLkmb3Ku0-6Lq3r9SULrOq2HyNMQr_cfy6VOhYp3RRmRhN44aT2wnRP8i3DtefqlX2K1ipokRq8F_eD3lcLtIhJm_I7IUG6lbswQ0Zl4ySMlVkzLV_VSY0rOZHJowAcfiiVkFiM2RPyoVTYcB0KNAdNZgZjabDVTAxOa5O_E&sai=AMfl-YQ8EzFqP9h0Abn8sTp8t30MVPytZBvjT79LK4eQnFVLz3HhvI0c2EYDP9rtT0f-cQnOD7LZSCMkp40pKt45oJeE6AnR7FfhmptWgcNn&sig=Cg0ArKJSzOzAWCeBT-39EAE&adurl=

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 04 Feb 2020 18:20:52 GMT

GET
H2 200 11197045690106090954
tpc.googlesyndication.com/simgad/ Frame B78B 103 KB
103 KB 8ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11197045690106090954

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a13a0be3e536500c04ddc0fc297f913ff12c82417d69201f4ecbf20bcd9a21e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 09:56:12 GMT
x-content-type-options: nosniff
age: 30280
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 105779
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 09:56:12 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B78B 0
280 B 35ms
35ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSOP1yNLBM7lMGJQP4vHI3NWmvMQVOsHu3nq8RgESuV5JOQQroiSsWlvJ3v5lekQX903a-_kFsZ_sLK29e_g1rxtJUgV5jWG02prVjbzQMqSSym-UbP1vJm3N1VJKZ817uAq8ICPdoK_h3KubcKUQeU9ALESsYusDpXYyXoga7hRXiLDbSuNud7f5-kROPowrIjpX808zWc_4r93esLZsUqcrm45DldtRUkyDt60WHbKgW_wXBOSnT5oUB--LuNmk25gyddQ9hIy8uQgW7u0ep5rLHsNqW8g0mGNZg0w&sai=AMfl-YTbrGR_iLkc5BDZjtSVCWkfUA5_qCr_342WE24xnTz6-4CzSkw7KPxBVXJKExzO2UDXfVCsX8SwGjPUp6P-g_HXBvbSc4nDTb4W5goQ&sig=Cg0ArKJSzMiSSIpotoE0EAE&adurl=

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 04 Feb 2020 18:20:52 GMT

GET
H2 200 12241931125343737580
tpc.googlesyndication.com/simgad/ Frame 10F7 176 KB
177 KB 9ms
9ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12241931125343737580

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d359cb09ae8c61b3714d8e17fc42f68004b2daab62b6c1e8e8def189e5ee4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 08:11:17 GMT
x-content-type-options: nosniff
age: 209375
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 180633
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Feb 2021 08:11:17 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 10F7 0
280 B 34ms
34ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuTMuwKDJy2tvCHDYlsej4QO-uHoxe8pGDMnsOvldArkOW-91pLtVIm4vGYsTCn5ynjYlpNvp0bTiMRq92cC3DBs3zpAwrKR2Q8lzvBZoJaLcCeqFEpwnHTmjKiY7Db9bj8EmeSX6zqf9hg_2eGoG8CZ4eKx0PoS_lyWqYd-3GacEgaYoeX9fKOGRDVoQq5mMJUI_s229LMIc9x4NZCiQVx4ihwycyKW4KhAC3tSxeXmorscY9g04Ehe9M2XI6uFQvhv3N1twxECHtP_mru5qNCVtzjrJnqfxhj0E&sai=AMfl-YTsFqzOmA91LmNQx0FaNJO8AY2EIWk9yyhqNrwi4w_IDtJhQy6fOpABMBUk8cHr2tFH7zkBPV7mBaXA7K7puvkkjHZiQ0bm9ZO-IDoN&sig=Cg0ArKJSzMoZc6VSA9JZEAE&adurl=

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 04 Feb 2020 18:20:52 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 16ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=467058776986644&r=180x150&w=180&h=150

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=467058776986644&r=728x90&w=728&h=90

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame 8CE4 200 KB
55 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 8CE4 91 KB
27 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13923
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Tue, 04 Feb 2020 14:28:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 14:28:49 GMT

GET
H2 200 14756167690236955475
tpc.googlesyndication.com/simgad/ Frame 8CE4 90 KB
90 KB 6ms
5ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14756167690236955475

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772ae83ce510fd881c277e08a0415187b430848b34d39b7eb7469f957414ff9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 08:24:13 GMT
x-content-type-options: nosniff
age: 467799
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92259
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jan 2021 08:24:13 GMT

GET
DATA 200
OK truncated
/ Frame 8CE4 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25ba71d2b3eb06c9b6c24e04f52398350fd748819779be959ce88a4babf8b65a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=467058776986644&r=320x50&w=320&h=50

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CE4 0
48 B 38ms
37ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4_5qVs1-6FM2yPc-5jNko8kKN-iLDEq7MDPvxCp7crx6-Vx7NhMGJyUMR7BhYLqgQXq56eLa5D8f_W4YpfKnrGyy3aoEgmXnBFQ0NzLTTqo6I7fUjPTIQSax6HJWuwSW4EgTHgif6fZ9p7-Xt6HPSBHZBnJ8BKVbCdEDzUGAbUj1RfuWkIV97JuQPd5NkLIHNW7UH-yUSYgSeGT2WrJXolJdLOKRtar-glL4_ujdUrAOXNvmE9sRfu851JCS8XFOysRornwyv9CDxVdaGqf-tAYdWmt29ooGCSA&sai=AMfl-YTyrN7822wRZ5Vtf3W2I4XzS6j6h8Lq1FYZxfp7qad49iP1In6fx-oq4nEMnOHpNEcS1g8sa5Sq9woiNhOgE-2vfdcTupTCSjb0Rvz0&sig=Cg0ArKJSzJdMuvpJUf7IEAE&adurl=

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 i0jKjypm_normal.png
pbs.twimg.com/profile_images/1115760531690774528/ 769 B
839 B 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1115760531690774528/i0jKjypm_normal.png

Requested by

Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E1) /

Resource Hash

3192bdf7a9240957833bee27f87e0b5d7eb49101322272b1ed6a80f0fc6b5207

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
x-content-type-options: nosniff
age: 491127
x-cache: HIT
status: 200
content-length: 769
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/2 profile_images/1115760531690774528
last-modified: Tue, 09 Apr 2019 23:34:55 GMT
server: ECS (fcn/40E1)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d20a6dd0d3833ed1b500220d732170e3
accept-ranges: bytes

GET
H2 200 bundle.099e61e16efedea507ca37360f78f15f.js Show response
vue.comm100.com/js/ Frame 5C2A 1002 KB
243 KB 42ms
42ms Script
application/javascript 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vue.comm100.com/js/bundle.099e61e16efedea507ca37360f78f15f.js
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/livechat.ashx?siteId=92035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0a076a70f1f327ba3be434082c06613f8fe53c89e79ab12f524ff0b662c3043f

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2737856
x-powered-by: ASP.NET
status: 200
content-length: 248215
last-modified: Wed, 11 Dec 2019 21:20:34 GMT
server: cloudflare
etag: "03dfad268b0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55fea93b6df59cc3-AMS

GET
DATA 200
OK truncated
/ 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49c2a3cf0f363bf387c06a35a4a4e6c7255799b3776bed55914862136d783028

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 600 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 14756167690236955475
tpc.googlesyndication.com/simgad/ Frame 1039 90 KB
90 KB 6ms
5ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14756167690236955475

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772ae83ce510fd881c277e08a0415187b430848b34d39b7eb7469f957414ff9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 08:24:13 GMT
x-content-type-options: nosniff
age: 467799
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92259
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jan 2021 08:24:13 GMT

GET
H2 200 11197045690106090954
tpc.googlesyndication.com/simgad/ Frame 3C2B 103 KB
103 KB 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11197045690106090954

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a13a0be3e536500c04ddc0fc297f913ff12c82417d69201f4ecbf20bcd9a21e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 09:56:12 GMT
x-content-type-options: nosniff
age: 30280
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 105779
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 09:56:12 GMT

GET
H2 200 11197045690106090954
tpc.googlesyndication.com/simgad/ Frame B78B 103 KB
103 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11197045690106090954

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a13a0be3e536500c04ddc0fc297f913ff12c82417d69201f4ecbf20bcd9a21e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 09:56:12 GMT
x-content-type-options: nosniff
age: 30280
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 105779
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 09:56:12 GMT

GET
H2 200 12241931125343737580
tpc.googlesyndication.com/simgad/ Frame 10F7 176 KB
177 KB 6ms
5ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12241931125343737580

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d359cb09ae8c61b3714d8e17fc42f68004b2daab62b6c1e8e8def189e5ee4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 08:11:17 GMT
x-content-type-options: nosniff
age: 209375
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 180633
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Feb 2021 08:11:17 GMT

GET
H2 200 14756167690236955475
tpc.googlesyndication.com/simgad/ Frame 8CE4 90 KB
90 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14756167690236955475

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772ae83ce510fd881c277e08a0415187b430848b34d39b7eb7469f957414ff9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 08:24:13 GMT
x-content-type-options: nosniff
age: 467799
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92259
x-xss-protection: 0
last-modified: Fri, 10 Jan 2020 19:27:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jan 2021 08:24:13 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 50EC 337 B
309 B 23ms
23ms Stylesheet
text/css 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22867198
cf-ray: 55fea93c297abf00-FRA
status: 200
vary: Accept-Encoding
content-length: 244
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Dec 2018 19:32:13 GMT
server: cloudflare
etag: "5c2528bd-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2020 01:16:35 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame F8E1 337 B
316 B 18ms
17ms Stylesheet
text/css 2606:4700::6810:4fa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22867198
cf-ray: 55fea93c2984bf00-FRA
status: 200
vary: Accept-Encoding
content-length: 244
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Dec 2018 19:32:13 GMT
server: cloudflare
etag: "5c2528bd-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2020 01:16:35 GMT

POST
H2 200 visitor.ashx Show response
chatserver3.comm100.com/ Frame 5C2A 996 B
610 B 206ms
205ms XHR
text/json 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/visitor.ashx?siteId=92035
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.099e61e16efedea507ca37360f78f15f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ec42b7eaa9460c26b290a319fa7588436f14cff8919afffc72d66f7a78509136

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Origin: https://www.bankinfosecurity.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 04 Feb 2020 18:20:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
content-length: 548
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/json; charset=utf-8
access-control-allow-origin: https://www.bankinfosecurity.co.uk
cache-control: private
access-control-allow-credentials: true
cf-ray: 55fea93c3eff9cc3-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H/1.1 200
OK bis-hdr.desktop.r2.js Show response
www.bankinfosecurity.co.uk/javascripts-responsive/ 2 KB
906 B 134ms
134ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bankinfosecurity.co.uk/javascripts-responsive/bis-hdr.desktop.r2.js
Requested by: Host: www.bankinfosecurity.co.uk
URL: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 18:20:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 595

GET
H/1.1

204
No Content

64ead273d1f41aa7
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/64ead273d1f41aa7
https://pixel.sitescout.com/iap/64ead273d1f41aa7

0
248 B

88ms
32ms

Image
text/plain

66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/64ead273d1f41aa7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 18:20:51 GMT
Cache-Control: max-age=0,no-cache,no-store
Expires: Tue, 11 Oct 1977 12:34:56 GMT
Server: AC1.1
P3P: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"

Redirect headers

Location: https://pixel.sitescout.com/iap/64ead273d1f41aa7
Content-length: 0

GET
H2

200

jot.html
platform.twitter.com/ Frame E24C
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

24ms
24ms

Document
text/html

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /jot.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.bankinfosecurity.co.uk
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
last-modified: Tue, 10 Dec 2019 23:46:10 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Feb 2020 18:20:52 GMT
x-served-by: cache-iad2147-IAD, cache-fra19153-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 04 Feb 2020 18:20:52 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 04 Feb 2020 18:20:52 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 42ca6085d893a08c462442e43047706d
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 120
x-transaction: 0099e0d50069854a
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

POST
H2 200 visitor.ashx Show response
chatserver3.comm100.com/ Frame 5C2A 979 B
742 B 310ms
309ms XHR
text/json 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/visitor.ashx?siteId=92035
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.099e61e16efedea507ca37360f78f15f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9a3b8ec12fbf26d3c4366e2ef37778cc637d2dcf6d12f5f20b08ab8040f2dc15

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Origin: https://www.bankinfosecurity.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 04 Feb 2020 18:20:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
content-length: 567
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/json; charset=utf-8
access-control-allow-origin: https://www.bankinfosecurity.co.uk
cache-control: private
access-control-allow-credentials: true
cf-ray: 55fea93d89319cc3-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H2 200 campaign.ashx Show response
chatserver3.comm100.com/ Frame 5C2A 6 KB
3 KB 248ms
247ms XHR
text/json 104.20.5.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/campaign.ashx?siteId=92035&campaignId=1275&lastUpdateTime=75567E86D28614B61879350BF24B10CF3D5F2F97D558627059BACCEACEA691D0
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.099e61e16efedea507ca37360f78f15f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75567e86d28614b61879350bf24b10cf3d5f2f97d558627059bacceacea691d0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
Origin: https://www.bankinfosecurity.co.uk

Response headers

date: Tue, 04 Feb 2020 18:20:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-ray: 55fea93f7f1c9cc9-AMS
status: 200
content-length: 2617
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1039 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ35YAsr1IqItWqOcjPEEEol1eBFicac5vCFQWbXKb4HWcftUkVf-IpuCaD0DkrPPq7qMIYNEyjEQpu28162RVzosN-F8WGTCv6VIS7jI&sig=Cg0ArKJSzGUin-1I8ZQWEAE&id=ampim&o=629,71&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=171&tls=1171&g=100&h=100&tt=1171&r=v&adk=765058253&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 18:20:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3C2B 42 B
110 B 16ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPu0B8G8bVBPIUTRf_jeBJiYCOHk60uIIinFaUYItL403xgef21qT4M5sRjMGd6V5RRm4S3G7nbc0n9wMQjHf0eOti-AJi_UgkqrBQlHc&sig=Cg0ArKJSzEXYHcmO44tOEAE&id=ampim&o=1033,587&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=155&tls=1157&g=100&h=100&tt=1157&r=v&adk=1922468332&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 18:20:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bankinfosecurity.co.uk/	1970-01-20 00:38:32	Name: __gads Value: ID=4a21d208c53991d9:T=1580840452:S=ALNI_MY02W52JpcdMKSqfAEYYwJHVazlbA
www.bankinfosecurity.co.uk/	1970-01-19 07:07:22	Name: __atuvs Value: 5e39b603d6cfd349000
www.bankinfosecurity.co.uk/	1970-01-19 07:07:24	Name: visitorip Value: 185.210.217.117
www.bankinfosecurity.co.uk/	1970-01-22 22:43:20	Name: _ccmaid Value: 3607953467828600918
.bankinfosecurity.co.uk/	1970-01-20 00:38:32	Name: _mkto_trk Value: id:051-ZXI-237&token:_mch-bankinfosecurity.co.uk-1580840452056-59113
.bankinfosecurity.co.uk/	1970-01-19 07:07:20	Name: _gat_newTracker Value: 1
www.bankinfosecurity.co.uk/	1970-01-22 22:43:20	Name: _ccmsi Value: 1580840451916_mjl9gmjdl\|1580840451917
.bankinfosecurity.co.uk/	1970-01-19 07:07:20	Name: _gat Value: 1
www.bankinfosecurity.co.uk/	1970-01-19 07:07:34	Name: PHPSESSID Value: 0ej0tcjg76b9bisi1dtoggqdg7
.bankinfosecurity.co.uk/	1970-01-19 07:08:46	Name: _gid Value: GA1.3.1327804946.1580840452
www.bankinfosecurity.co.uk/	1970-01-19 16:34:42	Name: __atuvc Value: 1%7C6
.bankinfosecurity.co.uk/	1970-01-20 00:38:32	Name: _ga Value: GA1.3.757602922.1580840452

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/156/munchkin.js(Line 19) Message: Munchkin.init("%s") options: 051-ZXI-237 [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.bankinfosecurity.co.uk/ta505-apt-group-returns-new-techniques-report-a-13678

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com
051-zxi-237.mktoresp.com
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com
adservice.google.com
adservice.google.de
bankinfosecurity.disqus.com
c.disquscdn.com
cdn.ampproject.org
cdn.syndication.twimg.com
chatserver.comm100.com
chatserver3.comm100.com
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com
disqus.com
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
in.ml314.com
match.adsrvr.org
ml314.com
munchkin.marketo.net
pagead2.googlesyndication.com
pbs.twimg.com
pixel-a.basis.net
pixel.sitescout.com
platform.twitter.com
ps.eyeota.net
px.ads.linkedin.com
s7.addthis.com
securepubads.g.doubleclick.net
sjs.bizographics.com
stats.g.doubleclick.net
sync.crwdcntrl.net
syndication.twitter.com
tags.bluekai.com
tpc.googlesyndication.com
v1.addthisedge.com
vue.comm100.com
worker.ismgcorp.com
www.bankinfosecurity.co.uk
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
z.moatads.com
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
104.130.251.6
104.20.4.43
104.20.5.43
104.244.42.72
151.101.12.134
151.101.12.157
151.101.64.134
192.28.147.68
216.58.207.34
23.210.248.44
23.210.249.12
23.210.250.213
23.5.109.152
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700::6810:4fa6
2a00:1450:4001:808::2003
2a00:1450:4001:814::2002
2a00:1450:4001:818::2008
2a00:1450:4001:81b::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2001
2a00:1450:4001:825::200e
2a00:1450:400c:c00::9c
2a02:26f0:10c:38f::3adf
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
34.241.76.206
35.190.72.21
50.56.167.254
52.209.133.47
52.215.103.126
52.55.162.167
52.57.150.20
66.155.71.25
95.101.176.176
0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
049c8258f53ed90ce6337a9c2f6274ab60683c00e39c22f8b39b67f2e017f477
04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07f1864f676b80cef760836490eed2ed047b77a99fcc64e81f9d02986e6457bc
088751f3fa0be4e220ba2d1a7df5ead4150e7e900a3c66b3b6b5afcdca31f960
0a076a70f1f327ba3be434082c06613f8fe53c89e79ab12f524ff0b662c3043f
0dacb3c9eab137eff23c77ccca27a38fa7f29e27d846c48444108221a212f14e
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1564e8da4487c6a723525fdecfd79b39c10e5a9284304f6653d9ae5ac30047a0
164c56fde3ebabd25078f4bef2de5db8c47c435709ea98079973f4abb12fb99a
1778aa41c49b2fc664a99eaa4cdcec43732e55aaa3278e0cffd0658e724acb5a
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90
1cefde1e3abcbf75b91b27f496264e12428b7a803da6d7ec93297442261af30b
1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e
247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251
256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b
25ba71d2b3eb06c9b6c24e04f52398350fd748819779be959ce88a4babf8b65a
25db638a310cc93e2f8bb79e668b4d9bc9a10eb36ccea53210b5d5a1b0f15056
267d1b74c1a492ae9daab8f4a4f253f4c0c017f98a71e2e711c7f93c7ced1d36
28c3ab3803655a44193df1fb4bb6df9ec0eb6f226de737a75640d36b7c6a6eaf
28f738877414b87571a8eefecdc711156eed8c62fd0c1cf3911c5fbd6fc1d655
296611546254974a4079d89a7deee7d292c225f8c5b5917c193f0bea603806ee
3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61
30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4
3192bdf7a9240957833bee27f87e0b5d7eb49101322272b1ed6a80f0fc6b5207
32fda3736a10f484f76303c23c73292c469feb06f2fc41f729c49dcc1691e785
385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3
3a002d583a586abbfd8ba3be294c42da110dd6eac872a0efc8afbd9793d88658
3c766722210633878a01a1266168f93abd804eb1d5b90539146ed55870822f1d
3d6601f455d1861307f2e2266ac347f8dffe2e109e153f228024becd258b2784
3d7510063e1b2e52048eb4de8e364e2d5516dcb3dfa3b30feab3e4c10d785726
3f076961a147d13e72263c5e22c312b276d23f7970465f87801cf8b0fb7d5de9
3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939
4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0
441b44d1c8b0181d6502d5a94c3c27e8fa28c79dcaeefd1264bd3a8fe0616c60
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0
4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535
471d1b98d4dcda9bc6bafb244adf0e6a3f85c62dd219e0bc3d47256dd3c852d7
49c2a3cf0f363bf387c06a35a4a4e6c7255799b3776bed55914862136d783028
4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305
4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186
4d1946811583260a847ab9793a3b1ac056f0a6f14f135e6816ea7db995986d7d
4d359cb09ae8c61b3714d8e17fc42f68004b2daab62b6c1e8e8def189e5ee4aa
4dced00354b099d831f860145bbd0149f99889d4c45632e4d9e849f008123866
4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04
4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390
5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577
51631cd677e010d6680bd66e595ffa22a11f60cb99310d0efff4b4e298612c4c
5317610f9f8e55dc24581c9a4a78d24e069459905b51f2c0a0da5562b2e37a60
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a32a6c1ad073d4dfdc344357066bc11851ff1a0d1c5857f6dff150f5cd5f8c6
5a7f4479247cd69f6466b02c172186854e3fb39b3cec4ee1cd5041186e25e464
5a9b0bcc0e7274386f0f560595519d66ee86bfccf57e76f2e59a6985091fa3a2
5b17fc1b92901f349708614e1cc20b92394f086c9fa4e3b34e4543de18de0f01
5c08774f3ce229e33b05e66e1a55f6d3051f03fc0926293b43ca45ec6b0cd517
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5fb18a20cdc9e6bf1d73b4157687373715b0b9bea35cb807f928fde9b4361233
6014df0f686fb7955d4e60152afa174b5c133c20a27be8ae3935d2d789a612df
619e872fdcf9abb7f34bcf3be667a52df16a4824b13150e5f9aaf0d64a292709
636dbf4f87fa130596fdb491938e4ad2b693b397139ba7f8d2a34b738a494078
6a211e51a9f17ce825197fb2e70d01b2031476738f3ba7114960db1fcda6029a
6c9094cac8fa542195988d92ed1705cf5c88cea911f55a85711ad27006041e75
6de854b6aa18423832207ade53631260e0a758a3331907ebae09c3b410462526
6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0
725590ab46352a18efa6ddbc0322457f8ab6b18634c858c53dfcbfa322362cc6
739842ce8749784c974b2f939ac47192e7b7886144806244a2bd4a0c5c238a15
74a523f8705490bec37a51330ea8ce358250aa444f53e7d668855cdf425d0c7b
75567e86d28614b61879350bf24b10cf3d5f2f97d558627059bacceacea691d0
772ae83ce510fd881c277e08a0415187b430848b34d39b7eb7469f957414ff9a
77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1
78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1
7a13a0be3e536500c04ddc0fc297f913ff12c82417d69201f4ecbf20bcd9a21e
7a7b42f8335acd7d8d936e19b10a631fcaa817b2f51ac981d8475b263309e377
7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760
7d5aa688b5d5ff4c506432198a24844c59be01eaf57d384fed2d4e09ee85d497
7e1e8c883fd8fb0cafdc1636bb195f28a7d8cfb3bf865ab40af470634d2f62ba
7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8
82a58e0e078e4b2c3bf00ad5bd49e0c85096159f95e92e3c6bdc1c4596efa991
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874e26994087937399d0614d4a5cec19a54da07cff2884b6a5fbf32defdbd7e1
87c40d1935f1b97602939d59a8bb89f9c4453f04db5af06fad9eae9a9f73b45c
8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf
8c016e1c610132ef76180ac79189a9ed1b14be28121610554bfac407f350a76b
93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94
962a577330f78a06c7eca1e1806d6d93cd2d5b0e91d0e0ae775bf338eae85757
971f0c03a1e63271a19b7de81d084c6acf81e7506dae8b31a0c6587c6ddf6a34
9a3b8ec12fbf26d3c4366e2ef37778cc637d2dcf6d12f5f20b08ab8040f2dc15
9c6af299685617864c257472040f437ef951afec994720a24781931cc3527017
9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895
9cfda57bf5032c33579ba5213ea3f6f04ae76eddf8169ccc03b65dad46387700
9d52823d0b996bfd44198743c5403d7d4fecd90ce43b69deff494a412eb271d3
a321050e745c1ccbd8c532fd02a1b8e0da1377e0e81fb0d7243350330fac4b80
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
ac7126a7b4878ecdb17a639f2fbd497a572ba866546d953024bd1cb62a963add
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b157bcfc96788f58efc965a882fdcd17ea1ff51b87e1175d6638e08a79aa60ff
b395d4e64733686ffd05cc78428c728e0444bc30a7071a8d4c61fac4200ebbe4
b3c758db64450d9cf3b862e40cce4d5ad74af2ddd62839509ec8c764b588bd39
b514061653bf62d9141b1f9ffb2c24d899e829f1788df4df2057776013539e6b
b5393f531f350571a76f62c64b72e7c45154b57498a0e1c806b23aa99c053287
b5e9d7b83ee59fd4831ec4b6b4bb387abeaa6be304bb4071a7c09869c30569ff
b6623fd99a5b7eab92b6b4f8d7f5c54daa9fa3367caf64cb075194bda30b914f
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e
be6be76ca745414b27ef45501225245c2565227dcbe5570732bbffb1ac1937b2
bee93b52bef557cd0c4cc6c202d62baf8b00782bd6375a4ea37141cdee5762ae
c27f517a52328878d8f7052ed2adf6f7901e2dabdc18bcb8cada275ab2decfea
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c28e9e54ff0a7249e384c247190d4ed3195d43c6013efe706c907d90634f9c84
c30980da6c6f2ec76fdbd29d27519f28daa566818bb50f5df4172e3e84740a64
c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4
c3bf1f576e7f76614784c0cf9681c8784d4130c5711339474ec408579bcced8d
c50a17e8272b9359e4b62e0f305e201f359cb5bd2245671c115d031f2b7f68d0
c5dd956b30ba04636a414909107064ee5215c4e0b2e6e7a9e09ab2e9e8bf010d
c6a03f1c9b8eaf5d0e289552599039f6084dc5428c66c85aa6ff23910d7738b4
c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2
c798e875b156964bf519cf80e2bc26d7bca4487e430ddd4e91a79f246d0f0e2b
cdedc2c99e5c35e35baa5bba15349f699ad8a849a71d0fe48bbfa4982f68ece5
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d3a56a926967f9778c7395c44c2bd718498b0844203b9bfb69e81ad9ca8e5003
d6d0fe0c8915e79cf7d4ca670662c9954cb9568da8f2cda3492ccf0a45cb926e
d6f9943835724fba6f2214952f7c47f37c97997e6abc86969d0ca7db5c6779ef
de1db6996e069ae509b0d73cf144c0d417b651dc4671cfe12339bccdd885b970
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e1c494c81d7c1d829f25d286233c813b0edcb8ffff5570cc6065f7569ab84965
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31
e631af6a9f1f8dfdd15b7441060b55d97bf2ee943cbdeaf455bac9ccd2a8b79c
e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
ea3325c2094d82033ce9583d4180194fb82729dfae65b62925831a88a6838d7c
ea78d8ab466df0989f36ac7160f06f218f55b37a7faddf8db4a984aaeb1aef74
eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461
ec42b7eaa9460c26b290a319fa7588436f14cff8919afffc72d66f7a78509136
eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5
ed7ac2e37569aba59fc880364f39f61cdc4015998ab25fb7b6be594c05002482
ed83db1f3abc53d2ea744b36e0b41f009de707c0ae4178568611bfea56c1f41a
ed9cb4ada4736365be873828d6f0746414ab378b5893503029a559ddd149f79e
eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07978e99d456e9d30a23f45944e770f90140a3dcd96ade741b52244a4f7f0f3
f11135bf51e08c8cdc68cc528d22eb3bb2d6a2e83e2b6e1866f80f3d0900bc73
f1f5847323d3b11619042259842e9c20bf3362b0e77387b1f046c68dc946487a
f2e3dd3e090aab6d1ba5014564b3d376454c3f2cbfdc180919475a5be2029120
f2e985539ac8a7c0fd8aec7d15494e8e56e5d16bbb58f4170eb773c5a5f32d58
f550a58bd250bbd76f4e594533b42a611b1b380aa2e724c570b7bb9496f538a6
f889205fc61765be66116d1570107b8a4a523707f592d3ad8d087e54f68e844e
f92d2ae45734ea5702a735694d4c25ba2a7d96f8de7d2b65c404f7695c2f9aca
fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fcd6f1bd81be4eff0d82bfcdda2e1de83f8af54f1b5b6f801415b0d98261fc2f
fe22e1de38d017229acd5f79c996496ced9db6983f125973821f1092b4430bc9

www.bankinfosecurity.co.uk Open in urlscan Pro 50.56.167.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

200 Requests

100 %HTTPS

39 %IPv6

33 Domains

51 Subdomains

32 IPs

7 Countries

12287 kBTransfer

19269 kBSize

12 Cookies

69 Outgoing links

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bankinfosecurity.co.uk Open in urlscan Pro
50.56.167.254 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

100 %
HTTPS

39 %
IPv6

33
Domains

51
Subdomains

32
IPs

7
Countries

12287 kB
Transfer

19269 kB
Size

12
Cookies

200 HTTP transactions
10 data transactions