laptrinhx.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Submission: On March 30 via api (March 30th 2022, 2:38:29 pm UTC) from DE — Scanned from DE

Summary HTTP 211 Redirects Links 121 Behaviour Indicators

Summary

This website contacted 55 IPs in 8 countries across 49 domains to perform 211 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is laptrinhx.com. The Cisco Umbrella rank of the primary domain is 717493.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time laptrinhx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
16 19	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	222.255.236.247 222.255.236.247	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
5	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
1	112.213.89.40 112.213.89.40	45544 (SUPERDATA...) (SUPERDATA-AS-VN SUPERDATA-)
1	130.214.229.186 130.214.229.186	35039 (SAP_CC) (SAP_CC)
5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	192.0.72.26 192.0.72.26	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.217.138.56 52.217.138.56	16509 (AMAZON-02) (AMAZON-02)
2	185.199.110.133 185.199.110.133	54113 (FASTLY) (FASTLY)
1 1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:26f0:fb:... 2a02:26f0:fb::5f64:997b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.139.241.27 151.139.241.27	33438 (STACKPATH) (STACKPATH)
1	2600:9000:231... 2600:9000:2315:3a00:1d:d7f6:39d0:c781	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
1	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3032::6815:407b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	103.153.215.173 103.153.215.173	140745 (VINTEK-AS...) (VINTEK-AS-VN VINTEK VIET NAM TECHNOLOGY TELECOM CO.)
1	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2403:6a40:0:8... 2403:6a40:0:88:6996:6886:6688:6688	135967 (BKNS-AS-V...) (BKNS-AS-VN Bach Kim Network solutions Join stock company)
1	2600:1f14:2e0... 2600:1f14:2e0:3802:6bf4:294b:4d72:b5b6	16509 (AMAZON-02) (AMAZON-02)
1	18.159.80.129 18.159.80.129	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
3	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
1	51.254.132.82 51.254.132.82	16276 (OVH) (OVH)
1	192.0.72.19 192.0.72.19	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4014:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	192.82.242.209 192.82.242.209	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a	16509 (AMAZON-02) (AMAZON-02)
9	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 6	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
211	55

46 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

laptrinhx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scanlibs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 16 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:7ba (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.amcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 222.255.236.247 (Hanoi, Viet Nam)

ASN45899 (VNPT-AS-VN VNPT Corp, VN)

images.careerbuilder.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.213.89.40 (Viet Nam)

ASN45544 (SUPERDATA-AS-VN SUPERDATA-, VN)
PTR: ns8940.dotvndns.vn

www.hiepsiit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.214.229.186 (United States)

ASN35039 (SAP_CC, DE)

blogs.sap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.26 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

gigadom.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-images-1.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.138.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.110.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-133.github.com

camo.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb::5f64:997b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

developers.redhat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.241.27 (United States)

ASN33438 (STACKPATH, US)

gdj.graphicdesignjunction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:3a00:1d:d7f6:39d0:c781 (United States)

ASN16509 (AMAZON-02, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

qiita-user-contents.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

mmikowski.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:407b (United States)

ASN13335 (CLOUDFLARENET, US)

www.learningjquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.153.215.173 (Viet Nam)

ASN140745 (VINTEK-AS-VN VINTEK VIET NAM TECHNOLOGY TELECOM CO.,LTD, VN)

itctoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149611589.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2403:6a40:0:88:6996:6886:6688:6688 (Hanoi, Viet Nam)

ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN)

media.bkns.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:2e0:3802:6bf4:294b:4d72:b5b6 (Boardman, United States)

ASN16509 (AMAZON-02, US)

www.educba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.80.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

wololo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

reactjsexample.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

www.monkeyuser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.254.132.82 (France)

ASN16276 (OVH, FR)
PTR: 82.ip-51-254-132.eu

www.commitstrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.19 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

boygeniusreport.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4014:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.82.242.209 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	laptrinhx.com laptrinhx.com — Cisco Umbrella Rank: 717493	281 KB
26	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 pix.eu.criteo.net — Cisco Umbrella Rank: 7880 csm.eu.criteo.net — Cisco Umbrella Rank: 7886	238 KB
21	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 585	1 MB
21	google.com 16 redirects www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 76	2 KB
16	gstatic.com t3.gstatic.com t2.gstatic.com t0.gstatic.com t1.gstatic.com	10 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	204 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	22 KB
6	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 99	63 KB
6	itctoday.com itctoday.com	938 KB
5	medium.com cdn-images-1.medium.com — Cisco Umbrella Rank: 49869	1 MB
5	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 106	100 KB
4	imgur.com i.imgur.com — Cisco Umbrella Rank: 5468	171 KB
4	scanlibs.com scanlibs.com	84 KB
4	amcharts.com cdn.amcharts.com — Cisco Umbrella Rank: 93719	299 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11668 ads.eu.criteo.com — Cisco Umbrella Rank: 7887 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10325	54 KB
3	monkeyuser.com www.monkeyuser.com	1 MB
3	careerbuilder.vn images.careerbuilder.vn — Cisco Umbrella Rank: 263040	105 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 610	1 KB
2	redhat.com 1 redirects developers.redhat.com — Cisco Umbrella Rank: 306805	192 KB
2	githubusercontent.com camo.githubusercontent.com — Cisco Umbrella Rank: 23530
2	wordpress.com gigadom.files.wordpress.com boygeniusreport.files.wordpress.com — Cisco Umbrella Rank: 22480	89 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	84 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1481	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 348	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1485	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 906	324 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1104	464 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	37 KB
1	commitstrip.com www.commitstrip.com — Cisco Umbrella Rank: 989513	252 KB
1	reactjsexample.com reactjsexample.com — Cisco Umbrella Rank: 975948	52 KB
1	wololo.net wololo.net — Cisco Umbrella Rank: 523079	31 KB
1	educba.com www.educba.com — Cisco Umbrella Rank: 127660	42 KB
1	bkns.vn media.bkns.vn	19 KB
1	pressablecdn.com 149611589.v2.pressablecdn.com	269 KB
1	learningjquery.com www.learningjquery.com	46 KB
1	github.io mmikowski.github.io	65 KB
1	imgix.net qiita-user-contents.imgix.net	26 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 858	35 KB
1	graphicdesignjunction.com gdj.graphicdesignjunction.com	9 KB
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 8505	76 KB
1	wp.com 1 redirects i2.wp.com — Cisco Umbrella Rank: 6027	227 B
1	amazonaws.com s3.amazonaws.com	57 KB
1	sap.com blogs.sap.com — Cisco Umbrella Rank: 143518	256 KB
1	hiepsiit.com www.hiepsiit.com	30 KB
1	google.de adservice.google.de Failed www.google.de — Cisco Umbrella Rank: 5640	501 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	647 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	37 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 431	3 KB
211	49

	Domain	Requested by
42	laptrinhx.com	laptrinhx.com
21	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
19	www.google.com	16 redirects laptrinhx.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	pix.eu.criteo.net	ads.eu.criteo.com
9	static.criteo.net	ads.eu.criteo.com
8	pagead2.googlesyndication.com	laptrinhx.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	www.facebook.com	2 redirects connect.facebook.net
6	itctoday.com	laptrinhx.com
6	t1.gstatic.com	laptrinhx.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	cdn-images-1.medium.com	laptrinhx.com
5	i.ytimg.com	laptrinhx.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	t3.gstatic.com	laptrinhx.com
4	i.imgur.com	laptrinhx.com
4	scanlibs.com	laptrinhx.com
4	cdn.amcharts.com	laptrinhx.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	cm.g.doubleclick.net	laptrinhx.com googleads.g.doubleclick.net
3	www.monkeyuser.com	laptrinhx.com
3	t0.gstatic.com	laptrinhx.com
3	images.careerbuilder.vn	laptrinhx.com
2	image6.pubmatic.com	2 redirects
2	developers.redhat.com	1 redirects laptrinhx.com
2	camo.githubusercontent.com	laptrinhx.com
2	t2.gstatic.com	laptrinhx.com
2	connect.facebook.net	laptrinhx.com connect.facebook.net
2	adservice.google.com	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	boygeniusreport.files.wordpress.com	laptrinhx.com
1	www.commitstrip.com	laptrinhx.com
1	reactjsexample.com	laptrinhx.com
1	wololo.net	laptrinhx.com
1	www.educba.com	laptrinhx.com
1	media.bkns.vn	laptrinhx.com
1	149611589.v2.pressablecdn.com	laptrinhx.com
1	www.learningjquery.com	laptrinhx.com
1	mmikowski.github.io	laptrinhx.com
1	qiita-user-contents.imgix.net	laptrinhx.com
1	images-na.ssl-images-amazon.com	laptrinhx.com
1	gdj.graphicdesignjunction.com	laptrinhx.com
1	1.bp.blogspot.com	laptrinhx.com
1	i2.wp.com	1 redirects
1	s3.amazonaws.com	laptrinhx.com
1	gigadom.files.wordpress.com	laptrinhx.com
1	blogs.sap.com	laptrinhx.com
1	www.hiepsiit.com	laptrinhx.com
1	www.google.de	laptrinhx.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	laptrinhx.com
1	cdn.jsdelivr.net	laptrinhx.com
0	adservice.google.de Failed	pagead2.googlesyndication.com
211	62

This site contains links to these domains. Also see Links.

Domain
t.laptrinhx.com
news.laptrinhx.com
twitter.com
www.facebook.com
raoxyz.com
congtyaz.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-06` - `2022-04-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.careerbuilder.vn Sectigo RSA Domain Validation Secure Server CA	`2022-03-04` - `2023-04-04`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
hiepsiit.com cPanel, Inc. Certification Authority	`2022-02-11` - `2022-05-12`	3 months	crt.sh
blogs.sap.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-04` - `2022-11-04`	a year	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-28` - `2023-01-28`	a year	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2022-05-27`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2022-03-18` - `2023-03-21`	a year	crt.sh
*.stackpathdns.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-06`	a year	crt.sh
Images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-02-01` - `2023-01-02`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
itctoday.com R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.bkns.vn GlobalSign RSA OV SSL CA 2018	`2021-07-12` - `2022-08-13`	a year	crt.sh
*.educba.com Amazon	`2022-03-17` - `2023-04-15`	a year	crt.sh
wololo.net R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
www.monkeyuser.com R3	`2022-03-01` - `2022-05-30`	3 months	crt.sh
commitstrip.com R3	`2021-12-31` - `2022-03-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Frame ID: FA3FF5691770A1D3C2D9043EE3F754D9
Requests: 135 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220328/r20190131/zrt_lookup.html
Frame ID: 5E2F5CCDC28244C99D0790EE46E6EC7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&adk=1812271804&adf=3025194257&lmt=1648651098&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651098681&bpp=3&bdt=256&idt=87&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5858494597979&frm=20&pv=2&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=107
Frame ID: 7A931EF41A6B3ADE2932E92B08BFEF1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=280&slotname=5152953241&adk=1133147547&adf=726176103&pi=t.ma~as.5152953241&w=1200&fwrn=4&fwrnh=100&lmt=1648651098&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651098684&bpp=2&bdt=259&idt=112&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=341&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cbF6B7TZgm&p=https%3A//laptrinhx.com&dtd=118
Frame ID: 0A9282E249D6FD221E2D442811DEBE53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=600&slotname=3483460739&adk=1055165634&adf=2066135634&pi=t.ma~as.3483460739&w=300&lmt=1648651100&psa=1&format=300x600&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651100621&bpp=3&bdt=2197&idt=3&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De086b29adb66d10d-221fe5cb67cd0031%3AT%3D1648651098%3ART%3D1648651098%3AS%3DALNI_MasMiPTZU9HXpc1vXJKAWTn1yKuGw&prev_fmts=0x0%2C1200x280&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OEZAjHlJfo&p=https%3A//laptrinhx.com&dtd=9
Frame ID: 040161BBACF7097CC7174EF533323E84
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkRrWwAOKgEKmpWZAAw8Pz9V_GkxCplHrOSLmQ&u=%7CdGc0hg84bu054ma4%2FRWMaTnWXg6YUc1WOEGwCgyG%2B9c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XYeQbdi6UKkDltCKI-ny5rcn1Vqwvb_6NpBJSxFIciMh6Tj6Qb6oFTP6Cf4oqnu42WOQfYch5er2yhrkFvqU9z70JFv3-dX7ilrp5VK31ammb2pPhXjNrJUHSeuKR7GbLf4JWmn5wFLUwEdrZV4gScfkthclpiBeeSmHQ93vnKOhIV9sITtV_9uG3cHZx9s80Ilwz_8p9WZbxsWSqGwxfwQevCdqVQ4__96usQV_g45hH0mtJahxQFAEWJpjIVCmlWLSzw0y8YGnZOF6ixrbYeOkIaUujZv2EKWEHKBRQWgH8bO62EiWSPCY85Ykxhta5cHzekP_trtUfJ03akctiM1MuWMd_Zs8zyg0i2RN9KvNfe-3kcQZcabMA-TgJlsfFZJDHkUUrf8svwa9-_EVT38&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiDmtW2tEYoHUOJmr6gS_-LDQAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjAyNjExMDM3ODA2MjgyNKAB1bbS6gPIAQmpAsFv17N7rbI-qAMBqgTgAU_QdoXi-7anJbA80J3RyKCQ4-y55CxOpr7XJbBsbI4w07zR2gZJ_A_OKXYEomL33bDjNwAEisrNQnhVeIu5MkG4rocd_VD9yekUphbUYnKs0lBZjpa8YGpzmAenX3PEyXo3T_WOVgHFAlgheJHC29P0iK2EZDljCBgO0fSxhDRBDzozPerYgMgGT8PyqgNFaNzKs0k1odcBMx-sJw_NrGYmBa3Gf7JA6PcKlRCTHfgdVk9VTjwBfQ_P2O4Mk5gToq_MpExYIS0TjMRflGMrdsX9iETHX2lEOaUwRvqpTIvngAaOrf7bpvn65wmgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2P8IB2f-jklMTroMkjR3GLKqn36Q%26client%3Dca-pub-2026110378062824%26adurl%3D
Frame ID: 59D4D1094F80BBD617EBD25C86260B35
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 90F759CD7AD129E5764E4D8F3B3BE367
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ba1c36a500438%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=
Frame ID: B8362EAAB8150E86F71259C44D173426
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v3.3/plugins/save.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a2dbb4c7cbda4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=0&locale=en_US&sdk=joey&size=large&uri=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F
Frame ID: 3F7EFBF3263A05186FA59C96B77E5EE9
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=1472&height=100&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&locale=en_US&numposts=7&sdk=joey&version=v3.3&width
Frame ID: 582F2B356663CBA8CB5C82ABFF97A757
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5AE7D06ED049F36111EFC2EF6502E69
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1E6B6564B0076E7569587FEBBE03F60
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Daily Emotet IoCs and Notes for 11/11/19 | LaptrinhXChart created using amCharts libraryZoom OutChart created using amCharts library

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

amCharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

amcharts.*\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

211
Requests

88 %
HTTPS

60 %
IPv6

49
Domains

62
Subdomains

55
IPs

8
Countries

7901 kB
Transfer

12721 kB
Size

15
Cookies

121 Outgoing links

These are links going to different origins than the main page.

URL: https://t.laptrinhx.com/
Title: Tiktok

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/bn-in/
Title: India (বাংলা)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/cs-cz/
Title: Česká republika (čeština)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/da-dk/
Title: Danmark (Dansk)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/de-at/
Title: Österreich (Deutsch)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/de-ch/
Title: Schweiz (Deutsch)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/de-de/
Title: Deutschland (Deutsch)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/el-gr/
Title: Ελλάδα (ελληνικά)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-ae/
Title: United Arab Emirates (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-au/
Title: Australia (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-ca/
Title: Canada (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-gb/
Title: United Kingdom (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-ie/
Title: Ireland (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-in/
Title: India (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-my/
Title: Malaysia (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-nz/
Title: New Zealand (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-ph/
Title: Philippines (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-sg/
Title: Singapore (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-us/
Title: United States (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-xl/
Title: International Edition (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/en-za/
Title: South Africa (English)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/es-ar/
Title: Argentina (español)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/es-cl/
Title: Chile (español)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/es-co/
Title: Colombia (español)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/es-es/
Title: España (español)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/es-mx/
Title: México (español)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/es-pe/
Title: Perú (español)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/es-us/
Title: United States (español)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/es-ve/
Title: Venezuela (español)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/es-xl/
Title: América Latina (español)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/fi-fi/
Title: Suomi (suomi)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/fr-be/
Title: Belgique (français)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/fr-ca/
Title: Canada (français)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/fr-ch/
Title: Suisse (français)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/fr-fr/
Title: France (français)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/fr-xl/
Title: Afrique francophone (français)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/hi-in/
Title: India (हिंदी)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/hu-hu/
Title: Magyarország (magyar)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/id-id/
Title: Indonesia (Bahasa Indonesia)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/it-it/
Title: Italia (italiano)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/ja-jp/
Title: 日本 (日本語)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/ko-kr/
Title: 한국 (한국어)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/mr-in/
Title: India (मराठी)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/nb-no/
Title: Norge (norsk, bokmål)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/nl-be/
Title: België (Nederlands)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/nl-nl/
Title: Nederland (Nederlands)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/pl-pl/
Title: Polska (polski)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/pt-br/
Title: Brasil (português)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/pt-pt/
Title: Portugal (Português)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/ru-ru/
Title: Россия (Pусский)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/sv-se/
Title: Sverige (svenska)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/te-in/
Title: India (తెలుగు)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/th-th/
Title: ไทย (ไทย)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/tr-tr/
Title: Türkiye (Türkçe)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/vi-vn/
Title: Việt Nam (Tiếng Việt)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/zh-cn/
Title: 中华人民共和国 (简体中文)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/zh-hk/
Title: 香港特别行政區 (繁體中文)

Search URL Search Domain Scan URL

URL: https://news.laptrinhx.com/zh-tw/
Title: 台灣 (繁體中文)

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Privacy%2C+Your+Personal+Information+and+How+To+Protect+Them&url=https%3A%2F%2Flaptrinhx.com%2Fprivacy-your-personal-information-and-how-to-protect-them-2926990870%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fprivacy-your-personal-information-and-how-to-protect-them-2926990870%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=An+iPad+Pro+with+a+new+3D+system+is+coming+in+2020%2C+with+AR+headset+and+glasses+to+follow&url=https%3A%2F%2Flaptrinhx.com%2Fan-ipad-pro-with-a-new-3d-system-is-coming-in-2020-with-ar-headset-and-glasses-to-follow-3193093127%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fan-ipad-pro-with-a-new-3d-system-is-coming-in-2020-with-ar-headset-and-glasses-to-follow-3193093127%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Daily+Emotet+IoCs+and+Notes+for+2021%2F01%2F25&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-2021-01-25-2795618352%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-2021-01-25-2795618352%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Emotet+C2+Deltas+from+2021%2F01%2F25+as+of+08%3A00EST+or+13%3A00UTC&url=https%3A%2F%2Flaptrinhx.com%2Femotet-c2-deltas-from-2021-01-25-as-of-08-00est-or-13-00utc-1597724268%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Femotet-c2-deltas-from-2021-01-25-as-of-08-00est-or-13-00utc-1597724268%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Weekend+Emotet+IoCs+and+Notes+for+2021%2F01%2F22-24&url=https%3A%2F%2Flaptrinhx.com%2Fweekend-emotet-iocs-and-notes-for-2021-01-22-24-3665508105%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fweekend-emotet-iocs-and-notes-for-2021-01-22-24-3665508105%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Emotet+C2+Deltas+from+2021%2F01%2F22+as+of+12%3A00EST+or+17%3A00UTC&url=https%3A%2F%2Flaptrinhx.com%2Femotet-c2-deltas-from-2021-01-22-as-of-12-00est-or-17-00utc-2958585705%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Femotet-c2-deltas-from-2021-01-22-as-of-12-00est-or-17-00utc-2958585705%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Daily+Emotet+IoCs+and+Notes+for+2021%2F01%2F21&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-2021-01-21-3628129095%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-2021-01-21-3628129095%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=SAP+EAM+Data+Migration+Part+5+%E2%80%93+Bills+of+Materials&url=https%3A%2F%2Flaptrinhx.com%2Fsap-eam-data-migration-part-5-bills-of-materials-3971999653%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fsap-eam-data-migration-part-5-bills-of-materials-3971999653%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Deconstructing+Convolutional+Neural+Networks+with+Tensorflow+and+Keras&url=https%3A%2F%2Flaptrinhx.com%2Fdeconstructing-convolutional-neural-networks-with-tensorflow-and-keras-880448275%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fdeconstructing-convolutional-neural-networks-with-tensorflow-and-keras-880448275%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=How+to+plot+the+model+training+in+Keras+%E2%80%94+using+custom+callback+function+and+using+TensorBoard&url=https%3A%2F%2Flaptrinhx.com%2Fhow-to-plot-the-model-training-in-keras-using-custom-callback-function-and-using-tensorboard-272494757%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fhow-to-plot-the-model-training-in-keras-using-custom-callback-function-and-using-tensorboard-272494757%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=The+Edge+Computing+Ecosystem%3A+From+Sensors+to+the+Centralized+Cloud&url=https%3A%2F%2Flaptrinhx.com%2Fthe-edge-computing-ecosystem-from-sensors-to-the-centralized-cloud-2873512354%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fthe-edge-computing-ecosystem-from-sensors-to-the-centralized-cloud-2873512354%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Read+CO2+concentration+from+mh-z19+sensor+on+the+Raspberry+Pi+%26+handle+it.+Detect+Raspberry+Pi+model+automatically+and+read+value+from+appropriate+serial+device.&url=https%3A%2F%2Flaptrinhx.com%2Fread-co2-concentration-from-mh-z19-sensor-on-the-raspberry-pi-handle-it-detect-raspberry-pi-model-automatically-and-read-value-from-appropriate-serial-device-1357331869%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fread-co2-concentration-from-mh-z19-sensor-on-the-raspberry-pi-handle-it-detect-raspberry-pi-model-automatically-and-read-value-from-appropriate-serial-device-1357331869%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Deep+Learning+Recommendation+Models+%28DLRM%29%3A+A+Deep+Dive&url=https%3A%2F%2Flaptrinhx.com%2Fdeep-learning-recommendation-models-dlrm-a-deep-dive-1647961390%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fdeep-learning-recommendation-models-dlrm-a-deep-dive-1647961390%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Comprehensive+Guide+on+Remote+File+Inclusion+%28RFI%29&url=https%3A%2F%2Flaptrinhx.com%2Fcomprehensive-guide-on-remote-file-inclusion-rfi-2067330620%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fcomprehensive-guide-on-remote-file-inclusion-rfi-2067330620%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=NLP-A+Complete+Guide+for+Topic+Modeling-+Latent+Dirichlet+Allocation+%28LDA%29+using+Gensim%21&url=https%3A%2F%2Flaptrinhx.com%2Fnlp-a-complete-guide-for-topic-modeling-latent-dirichlet-allocation-lda-using-gensim-92045175%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fnlp-a-complete-guide-for-topic-modeling-latent-dirichlet-allocation-lda-using-gensim-92045175%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Authorizing+multi-language+microservices+with+Louketo+Proxy&url=https%3A%2F%2Flaptrinhx.com%2Fauthorizing-multi-language-microservices-with-louketo-proxy-2326716650%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fauthorizing-multi-language-microservices-with-louketo-proxy-2326716650%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Kubernetes+Architecture&url=https%3A%2F%2Flaptrinhx.com%2Fkubernetes-architecture-425129512%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fkubernetes-architecture-425129512%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=30+Business+Logo+Designs+for+Inspiration+%2366&url=https%3A%2F%2Flaptrinhx.com%2F30-business-logo-designs-for-inspiration-66-168236122%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2F30-business-logo-designs-for-inspiration-66-168236122%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Malware+Forensics+Field+Guide+for+Linux+Systems&url=https%3A%2F%2Flaptrinhx.com%2Fmalware-forensics-field-guide-for-linux-systems-1360068853%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fmalware-forensics-field-guide-for-linux-systems-1360068853%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Linux+%E3%81%8B%E3%82%89+FPGA+%E3%81%AE%E3%83%A1%E3%83%A2%E3%83%AA%E3%81%AB%22%E3%82%AD%E3%83%A3%E3%83%83%E3%82%B7%E3%83%A5%E3%82%92%E6%9C%89%E5%8A%B9%E3%81%AB%E3%81%97%E3%81%A6%22%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%99%E3%82%8B%E3%83%87%E3%83%90%E3%82%A4%E3%82%B9%E3%83%89%E3%83%A9%E3%82%A4%E3%83%90&url=https%3A%2F%2Flaptrinhx.com%2Flinux-kara-fpga-nomemorini-kyasshuwo-you-xiaonishite-akusesusurudebaisudoraiba-3612028391%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Flinux-kara-fpga-nomemorini-kyasshuwo-you-xiaonishite-akusesusurudebaisudoraiba-3612028391%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=RESTful+APIs%2C+the+big+lie&url=https%3A%2F%2Flaptrinhx.com%2Frestful-apis-the-big-lie-885205810%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Frestful-apis-the-big-lie-885205810%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=14+Top+Calendar+and+Date+Picker+jQuery+Plugins&url=https%3A%2F%2Flaptrinhx.com%2F14-top-calendar-and-date-picker-jquery-plugins-2060482297%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2F14-top-calendar-and-date-picker-jquery-plugins-2060482297%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=What+do+you+think+of+the+upcoming+revamp+of+the+PlayStation+Plus+service%3F&url=https%3A%2F%2Flaptrinhx.com%2Fwhat-do-you-think-of-the-upcoming-revamp-of-the-playstation-plus-service-3504862084%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fwhat-do-you-think-of-the-upcoming-revamp-of-the-playstation-plus-service-3504862084%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=A+Tiny+and+powerful+state+management+library+for+React&url=https%3A%2F%2Flaptrinhx.com%2Fa-tiny-and-powerful-state-management-library-for-react-146484940%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fa-tiny-and-powerful-state-management-library-for-react-146484940%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Honor+X7+ra+m%E1%BA%AFt%3A+Chipset+Snapdragon+680%2C+camera+48MP%2C+pin+5.000mAh&url=https%3A%2F%2Flaptrinhx.com%2Fhonor-x7-ra-mat-chipset-snapdragon-680-camera-48mp-pin-5-000mah-1371473228%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fhonor-x7-ra-mat-chipset-snapdragon-680-camera-48mp-pin-5-000mah-1371473228%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Text+Selection+Across+Multiple+Blocks+Is+Coming+to+WordPress&url=https%3A%2F%2Flaptrinhx.com%2Ftext-selection-across-multiple-blocks-is-coming-to-wordpress-1452789084%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Ftext-selection-across-multiple-blocks-is-coming-to-wordpress-1452789084%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=SSD+CLOUD+VPS+%E2%80%93+M%C3%A1y+ch%E1%BB%A7+%E1%BA%A3o+chuy%C3%AAn+nghi%E1%BB%87p+gi%C3%A1+r%E1%BA%BB&url=https%3A%2F%2Flaptrinhx.com%2Fssd-cloud-vps-may-chu-ao-chuyen-nghiep-gia-re-1158150748%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fssd-cloud-vps-may-chu-ao-chuyen-nghiep-gia-re-1158150748%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Unit+Testing+Types&url=https%3A%2F%2Flaptrinhx.com%2Funit-testing-types-4053136128%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Funit-testing-types-4053136128%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Google+c%E1%BA%ADp+nh%E1%BA%ADt+l%E1%BB%97+h%E1%BB%8Fng+b%E1%BA%A3o+m%E1%BA%ADt+kh%E1%BA%A9n+c%E1%BA%A5p+cho+3%2C2+t%E1%BB%B7+ng%C6%B0%E1%BB%9Di+d%C3%B9ng+Chrome&url=https%3A%2F%2Flaptrinhx.com%2Fgoogle-cap-nhat-lo-hong-bao-mat-khan-cap-cho-3-2-ty-nguoi-dung-chrome-953073794%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fgoogle-cap-nhat-lo-hong-bao-mat-khan-cap-cho-3-2-ty-nguoi-dung-chrome-953073794%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Daily+Emotet+IoCs+and+Notes+for+11%2F11%2F19&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F

Search URL Search Domain Scan URL

URL: https://raoxyz.com/
Title: raoxyz

Search URL Search Domain Scan URL

URL: https://congtyaz.com/
Title: congtyaz

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/&text=%22%22

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://www.google.com/s2/favicons?domain=paste.cryptolaemus.com HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paste.cryptolaemus.com&size=16

Request Chain 69

https://www.google.com/s2/favicons?domain=blogs.sap.com HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blogs.sap.com&size=16

Request Chain 71

https://www.google.com/s2/favicons?domain=gigadom.wordpress.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://gigadom.wordpress.com&size=16

Request Chain 74

https://www.google.com/s2/favicons?domain=cbinsights.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cbinsights.com&size=16

Request Chain 77

https://i2.wp.com/1.bp.blogspot.com/-0Ya1gW-ad2s/XyQP5CNlQmI/AAAAAAAAmcY/2GKJioWcXskl9Ip-VqzgDOqHuNcytpHdACLcBGAsYHQ/s1600/01.png?w=687&ssl=1 HTTP 302
https://1.bp.blogspot.com/-0Ya1gW-ad2s/XyQP5CNlQmI/AAAAAAAAmcY/2GKJioWcXskl9Ip-VqzgDOqHuNcytpHdACLcBGAsYHQ/s1600/01.png

Request Chain 78

https://www.google.com/s2/favicons?domain=hackingarticles.in HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hackingarticles.in&size=16

Request Chain 80

https://developers.redhat.com/blog/wp-content/uploads/2020/06/Auth-Sequence-1.png HTTP 301
https://developers.redhat.com/sites/default/files/blog/2020/06/Auth-Sequence-1.png

Request Chain 81

https://www.google.com/s2/favicons?domain=jboss.org HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jboss.org&size=16

Request Chain 86

https://www.google.com/s2/favicons?domain=qiita.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://qiita.com&size=16

Request Chain 88

https://www.google.com/s2/favicons?domain=mmikowski.github.io HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mmikowski.github.io&size=16

Request Chain 90

https://www.google.com/s2/favicons?domain=learningjquery.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://learningjquery.com&size=16

Request Chain 95

https://www.google.com/s2/favicons?domain=itctoday.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://itctoday.com&size=16

Request Chain 98

https://www.google.com/s2/favicons?domain=bkns.vn HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bkns.vn&size=16

Request Chain 100

https://www.google.com/s2/favicons?domain=educba.com HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://educba.com&size=16

Request Chain 103

https://www.google.com/s2/favicons?domain=wololo.net HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://wololo.net&size=16

Request Chain 105

https://www.google.com/s2/favicons?domain=reactjsexample.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://reactjsexample.com&size=16

Request Chain 124

https://www.google.com/s2/favicons?domain=blog.usejournal.com HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blog.usejournal.com&size=16

Request Chain 126

https://www.google.com/s2/favicons?domain=bgr.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bgr.com&size=16

Request Chain 146

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECWV6BRybwBQTVjTVFTQ5VE&google_cver=1&google_push=AYg5qPJGQstEOSLwLF9-CVwC__sf5xb_5ctnW34Yw2z5fy1xIVu-DTUwVREpwS4M_BX5yQrSlL_KvE6ywykVEg_xNrhMCGQbgw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECWV6BRybwBQTVjTVFTQ5VE&google_cver=1&google_push=AYg5qPJGQstEOSLwLF9-CVwC__sf5xb_5ctnW34Yw2z5fy1xIVu-DTUwVREpwS4M_BX5yQrSlL_KvE6ywykVEg_xNrhMCGQbgw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DVJgeAHfTgiH2NkK-skS5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJGQstEOSLwLF9-CVwC__sf5xb_5ctnW34Yw2z5fy1xIVu-DTUwVREpwS4M_BX5yQrSlL_KvE6ywykVEg_xNrhMCGQbgw

Request Chain 147

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDRTnMInH_JSmsJ4xr6cL-A&google_cver=1&google_push=AYg5qPI3Qx_DikeJ89aDVPeFav_BnvaCtCJGbJ73KvfI7I2uqf3uwxOTcnLE5h7AOMC52QTyARm4dyClj-LlXuGmox8hDI2XdZ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFET0FRUUstMUEtNjU2OQ==&google_push=AYg5qPI3Qx_DikeJ89aDVPeFav_BnvaCtCJGbJ73KvfI7I2uqf3uwxOTcnLE5h7AOMC52QTyARm4dyClj-LlXuGmox8hDI2XdZ0

Request Chain 148

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y&google_cver=1&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y

Request Chain 181

https://www.facebook.com/v3.3/plugins/comments.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=1472&height=100&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&locale=en_US&numposts=7&sdk=joey&version=v3.3&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=1472&height=100&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&locale=en_US&numposts=7&sdk=joey&version=v3.3&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=1472&height=100&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&locale=en_US&numposts=7&sdk=joey&version=v3.3&width

211 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/ 96 KB
40 KB 463ms
408ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d745d7516fab6abb46cf209a4e6ca23723f64d95743e97d64bc910cec4e0e687

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 6f41968df9430ff2-MRS
content-encoding: br
content-security-policy: upgrade-insecure-requests script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-type: text/html; charset=utf-8
date: Wed, 30 Mar 2022 14:38:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKhK%2FulROZdFDbqYzTY47%2F1q0WLJCqj4jOJkqzsgfp1g7USjU%2Ba7sO6ld%2FjzBvaVjzYtAWCQeEB2YVa%2BJMmQleO%2B3nK%2BsMUPY4nJgI8KGWf1t%2Fo4M%2FjNxvPGFSCO0iAXoaGAWulHAwDCMBUC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 jrIL4lALVidoER8knIu1r3RzlTA.js Show response
laptrinhx.com/cdn-cgi/apps/head/ 7 KB
3 KB 33ms
32ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/cdn-cgi/apps/head/jrIL4lALVidoER8knIu1r3RzlTA.js

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bb31d735e8432585a40fca9f1303bbb5a279623d6a4adf6a642e54700669e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1718567
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EKFQMV5KJJE266GC
x-amz-id-2: 0KfS4ggbQh5R7w5yoR9Kd3jl0qZvcCTLjNwNpY+Tz4IBtilv/pSbKklLoy4PGWo0oPMxeEwzTso=
last-modified: Tue, 13 Jul 2021 19:41:41 GMT
server: cloudflare
etag: W/"a9d484cbe15211c99b453044ca2640a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x82P0nYZfnJ3%2FCwx%2FBIxR3KPaAvGNGNn0nkigw2vCBP1Y5cfnr6clRMSjsFQQggmyIp63ASCQDQwmpSlALD86qrWOdFUMNZD%2B5BxNLeJLP%2BisWdXNqMsyqw21KvfHgEN2yzTS2I%2BwwT1mcjA"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: AcqWRCvBLRa3xmJBMo39jZ.80iXToZd5
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f419690adf90ff2-MRS

GET
H2 200 custom.css
laptrinhx.com/cdn/ 150 KB
29 KB 37ms
37ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/cdn/custom.css?v=0.9050

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323a4533e338bf25fd3a6449c8ce9747affdb6f8d228ecd30bb77e1b68e02691

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 4354
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 04 Mar 2021 13:38:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6040e2dc-25691"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRMN5NWuLjg3vgkYdfKFKjsvR7ZIl7UjMa1GSiZUVq0dKy2TNdQ8nNg0WSP3hCSqdOZIeJEJdKJwQgYkawCkyM5cm9GGQnRq0l269noT4SaOi9UTe2AZO8m7enWmjphpJLIHUTN8%2BJI%2BiwJr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
cf-ray: 6f419690adff0ff2-MRS
cf-bgj: minify

GET
H2 200 dark-mode-toggle.min.mjs Show response
cdn.jsdelivr.net/npm/dark-mode-toggle@0.8.0/dist/ 7 KB
3 KB 174ms
26ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/dark-mode-toggle@0.8.0/dist/dark-mode-toggle.min.mjs

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80a291e9fe9a438b33d09c46eac2c455e8735ecbfeec17e339727aa5c9db16cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Origin: https://laptrinhx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 795222
x-jsd-version: 0.8.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19151-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1d39-u6fJPIP4mYvMbXhM3DenldIWsEs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6f41969189a6cc5a-ZRH

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 153ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdd692f09eb94847571d4676434990b8873ab99764c193cbc23ee9ee99482d7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53950
x-xss-protection: 0
server: cafe
etag: 2647060550129216781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 14:38:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
37 KB 134ms
21ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-65593818-5

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn-cgi/apps/head/jrIL4lALVidoER8knIu1r3RzlTA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c24b0cad0f1848650222b8267994fae95f6744e642dde3296f7411c84f14f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37823
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Mar 2022 14:38:17 GMT

GET
H2 200 86YUGyDaXU8fXuaUuI5-TzSAeyg.js Show response
laptrinhx.com/cdn-cgi/apps/body/ 25 KB
8 KB 33ms
32ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/cdn-cgi/apps/body/86YUGyDaXU8fXuaUuI5-TzSAeyg.js

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn-cgi/apps/head/jrIL4lALVidoER8knIu1r3RzlTA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56dfc56d1c8e123f0832aa2a4a1183017a5bee1a8b8f9820f6f9bf8b6e824c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2577984
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: E053WX86HPXYHNBJ
x-amz-id-2: N5RHDksVVy8Th0eKMJ/84GzPxgDS1L46VdqHz3Kd8y4aoUr59CGsW6CqFnjGw92X7CJYvZ4zjLU=
last-modified: Tue, 13 Jul 2021 19:41:40 GMT
server: cloudflare
etag: W/"079e036d5ba07434e7316f04ea956188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EaaIiynhLbZJUOhTqUUV9TmqXOM7iMIESgNywg0jTKi6S2pfUIz33XzckqKGK7MmdHuLo2AW%2FWMY5DF3KtYolbuSjHOzWzqq7G9uJj7mhifh9DzOfN8lnUKcPefTwn2SxrMcHLAJ%2FmECp8m"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: pKb.Yw26Hp3NrheGCrEAV8p_oiZl0uJZ
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6f419690ee4b0ff2-MRS

GET
DATA 200
OK truncated
/ 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0be5ab7a9de5e2340f137739809e35971b7825bc769ab138e6045544a5b37259

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2

404

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=paste.cryptolaemus.com
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paste.cryptolaemus.com&size=16

726 B
1010 B

56ms
20ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paste.cryptolaemus.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:17 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Wed, 30 Mar 2022 14:38:17 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paste.cryptolaemus.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:08:17 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c60b2e8e81bc1a96fdb5c2f5aa721e20b42a314dda339ef4506027e477d0081a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65593818-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2011
date: Wed, 30 Mar 2022 14:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 30 Mar 2022 16:04:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ 296 KB
107 KB 51ms
37ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2026110378062824&plah=laptrinhx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57c5e87832728734eabcdac247a426f82dc1535ad5377e5cab16d09c0c72b252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109245
x-xss-protection: 0
server: cafe
etag: 12178774807514611477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 14:38:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220328/r20190131/ Frame 5E2F 10 KB
5 KB 30ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220328/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 72395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Mar 2022 18:31:42 GMT
etag: 4044455266028820542
expires: Tue, 12 Apr 2022 18:31:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=496221584&t=pageview&_s=1&dl=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&ul=en-us&de=UTF-8&dt=Daily%20Emotet%20IoCs%20and%20Notes%20for%2011%2F11%2F19%20%7C%20LaptrinhX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=861838603&gjid=586575640&cid=1922533143.1648651099&tid=UA-65593818-5&_gid=656609813.1648651099&_r=1&gtm=2ou3n1&z=521461291

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://laptrinhx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-65593818-5&cid=1922533143.1648651099&jid=861838603&gjid=586575640&_gid=656609813.1648651099&_u=YEBAAUAAAAAAAC~&z=538028387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 30 Mar 2022 14:38:18 GMT
content-type: text/plain
access-control-allow-origin: https://laptrinhx.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
647 B 37ms
16ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=laptrinhx.com&callback=_gfp_s_&client=ca-pub-2026110378062824

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2026110378062824&plah=laptrinhx.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

cfe837f46fd3d783877e2b79862378ea52f9d0747f469c326cf1c02e4b7dd5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET integrator.js
adservice.google.de/adsid/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=laptrinhx.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 14:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A93 9 KB
4 KB 117ms
101ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&adk=1812271804&adf=3025194257&lmt=1648651098&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651098681&bpp=3&bdt=256&idt=87&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5858494597979&frm=20&pv=2&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=107

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5da3ee66c088459a421a419d52da1fe0b297ed8eee42068ca849c0cd1b7f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4029
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 14:38:18 GMT
expires: Wed, 30 Mar 2022 14:38:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A92 436 B
234 B 137ms
136ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=280&slotname=5152953241&adk=1133147547&adf=726176103&pi=t.ma~as.5152953241&w=1200&fwrn=4&fwrnh=100&lmt=1648651098&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651098684&bpp=2&bdt=259&idt=112&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=341&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cbF6B7TZgm&p=https%3A//laptrinhx.com&dtd=118

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07c54695a2461c88393db1e06023ad1db883f2c4c04b95c2a408c0b7f3fb74a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 14:38:18 GMT
expires: Wed, 30 Mar 2022 14:38:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 core.js Show response
cdn.amcharts.com/lib/4/ 1 MB
256 KB 99ms
52ms Script
text/javascript 2606:4700:20::681a:7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amcharts.com/lib/4/core.js
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e340f37ccbaf1230fb16e6ce926a574f480ee52d3f0ef8444875c132991ec99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
via: 1.1 f1cf0dd6472fa007238228b98c5a369e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4626
cf-polished: origSize=1053282
x-cache: Miss from cloudfront
content-encoding: br
last-modified: Mon, 14 Feb 2022 10:51:53 GMT
server: cloudflare
etag: W/"3e5aa76fc8a658d1b79ad6ef3ea405e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huUIpQOkOKDiAMp7LtJCN5q55SqVxEXNn1fWqefsCrTfSrDyx6Y3Bu7IvOmT1jYgH0y5PQwUzG7Q%2B%2BAlqRX8S7pgNytX2%2FqCnJ3rM26EF4h5qbuNAEpIMYRJFig9mETEpWAagamjikFS%2B%2BEWrPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=16070400
x-amz-cf-pop: MXP63-P1
cf-ray: 6f41969328c683bb-MXP
x-amz-cf-id: fF7shdnGZp-IzuxozuSScWfJyEXBeJa6KqXA86dq-bEm3sYl3Ez__w==
cf-bgj: minify

GET
H2 200 charts.js Show response
cdn.amcharts.com/lib/4/ 143 KB
30 KB 81ms
35ms Script
text/javascript 2606:4700:20::681a:7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amcharts.com/lib/4/charts.js
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebb6754087064b74b598913cac0ec4a2c24cbd66722977ee31a5455599ab9916

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
via: 1.1 0775da0a2f9756772faa2f4ff573da68.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4626
cf-polished: origSize=146974
x-cache: Miss from cloudfront
content-encoding: br
last-modified: Mon, 14 Feb 2022 10:51:53 GMT
server: cloudflare
etag: W/"b4e5bf2b4e7d4448581c794b22570cb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7K2CMF%2FYJZ%2FkHdEGAvuFp8xyJGtrIFTiKA3AonCMCJi%2FQnut9C2Uls%2BtMCIGq9xbUrqlKxmejZqxP%2BT%2FO9OM%2F0Et04MWI1NbTC2MGWkk2z3am6PVkkz1dCxbZNWSyh%2FrInqjMy6uoiA8rOLPTsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=16070400
x-amz-cf-pop: MXP63-P1
cf-ray: 6f41969328cc83bb-MXP
x-amz-cf-id: 8wOShmQNMGaPI6mWLPW_pI-rjc8sklJkVDrvl_k1-zjeSI1SSZpngw==
cf-bgj: minify

GET
H2 200 wordCloud.js Show response
cdn.amcharts.com/lib/4/plugins/ 13 KB
6 KB 78ms
32ms Script
text/javascript 2606:4700:20::681a:7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amcharts.com/lib/4/plugins/wordCloud.js
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f5ed73496cd60e84cbd357ab710e0d75fe0a1a06172f7a2969f84161110914

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
via: 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4410
cf-polished: origSize=14374
x-cache: Miss from cloudfront
content-encoding: br
last-modified: Mon, 14 Feb 2022 10:54:33 GMT
server: cloudflare
etag: W/"dae56389b420c0770278b883d4e5957c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpPIFtMJJYe3BniWZdjuhc7cLLOiZpZRXsWts25dfrcr678ro0CoXUZuNNYL4N37UWP4Ci9S%2FPbuxmfm2h4Sb%2BkHUuWK18lHH65oF%2Fj5rPZzbNQqZyD9pvDuJ%2Bbx%2BYpC4LUsy9XGPqqi%2BAhNpMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=16070400
x-amz-cf-pop: AMS1-C1
cf-ray: 6f41969328ce83bb-MXP
x-amz-cf-id: CHiV6Dzbe08iDsw38aZyv-KsXyvhm9OOeZQYukcr0m-Mxie5xlUKvQ==
cf-bgj: minify

GET
H2 200 forceDirected.js Show response
cdn.amcharts.com/lib/4/plugins/ 25 KB
7 KB 80ms
34ms Script
text/javascript 2606:4700:20::681a:7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amcharts.com/lib/4/plugins/forceDirected.js
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 216574bfa9e563b5a30852dd93cbe80fa0c7af1919cce820d1be832039c87039

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4410
cf-polished: origSize=26242
x-cache: Miss from cloudfront
content-encoding: br
last-modified: Mon, 14 Feb 2022 10:54:32 GMT
server: cloudflare
etag: W/"268bd01bfd98a71e38bce3424a1a6de5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFBBp%2Bd22dHk6Fl0B%2Bl5qbNe2In%2FeuVVKLHH6L6xrPhh3jkUBVN2njVSq47JyaLk2sgGeoVBT3T9AU0PmYh7hc4u5tgfR51DCc%2BPrSAiFUeRkbepk0Y6eLs%2BNPaue1mjQUOx%2By9HPFhvVRpKTKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=16070400
x-amz-cf-pop: AMS1-C1
cf-ray: 6f41969328cf83bb-MXP
x-amz-cf-id: WTelkn0KSWFhaliHysk45Mf3VUR42SQYKpENCNo1K_Jemy4bGgWD7A==
cf-bgj: minify

GET
H3 200 favicon.png
laptrinhx.com/cdn/ 1 KB
2 KB 42ms
41ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/favicon.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0ea70e8f2e0fb4264e619ab50cf26caf2cf2165b6b20c8fe4e265e2b59164be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2324
vary: Accept-Encoding
content-length: 1031
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 03 May 2020 03:13:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5eae36f0-407"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3TiNg2uXihvzAUkSFWVdiUZx04lS8GkZdHfJGcSU1k3b2RdU2KI5C%2FaeWCkNygJsBP5h%2BcLj%2F3sQbjQ7z96ZUet933%2FXKLBfdJvD%2Fm0IzKBB5vWYabo1O9GC5FHkEz%2F4hHCuTEwPYwlLz1K"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f419692ffec5a0d-MXP

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b2228c8ed200577126db43a8d7168a8da19efd252a1df628f46438345a64044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Origin: https://laptrinhx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0FbF7wEJLdh04WjiQ6sTdg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 7UGRI6k6gPi/pnXj+nLe/8JxkoW4Z9Ake/K7bYypklR63UHOAR2/Z/41FcdKqJsbnFMQw9kTQ2UDnBps/FZ8rA==
x-fb-trip-id: 686109401
x-fb-content-md5: 6f4904c93d90c92e5a2e2daf490cfbc0
x-frame-options: DENY
date: Wed, 30 Mar 2022 14:38:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a4bc603b63873413cd628b16fe9d32b2"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 30 Mar 2022 14:50:03 GMT

GET
H3 200 script.js Show response
laptrinhx.com/cdn/ 291 KB
97 KB 40ms
39ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/cdn/script.js?v=0.9050

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26f179d83350b1da1ca4d2190562920d53c42bb4ebd1f5242c86f3a2408045fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2324
cf-polished: origSize=298504
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 16 Mar 2021 16:16:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6050d9c6-48e08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyNXA2TCZ8lHbAk1VWFCSIzhlBjAKsC%2F1N2uwOIyeXMCEGtA6eBF0bK1CZKFWMr0q9DrjSJPGoMJ5qUNNo0A7MKRmLY64V2it1H9mYPI7PkfGil9RImMrFqqNlrgO3Wq2eZXJfREUfDkM%2F52"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
cf-ray: 6f419692fff15a0d-MXP
cf-bgj: minify

GET
H3 200 blog-cover.jpg
laptrinhx.com/cdn/ 6 KB
7 KB 40ms
39ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/blog-cover.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468c8a376db29cb07cf4408da3b36e9d6c5fe1677aea99e95e71e3fcb0ba6f92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2323
vary: Accept-Encoding
content-length: 6159
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 25 Jul 2019 07:00:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d3953a7-180f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0l8SuQZr5DpDEsYbyDwpx9c5BRZqTgup9XzzmZqjSmA3kXgErI0UQ1lqp67Q7jHLU%2B0k%2F%2BJ0B7tH3FgZQn9vm9vO4Um8zMqxsoUygPSpQYedDcEFSvca0Vo7bYgLE7hdU96XrHgMIdV27mX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f419692fff45a0d-MXP

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
30ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65593818-5&cid=1922533143.1648651099&jid=861838603&_u=YEBAAUAAAAAAAC~&z=705075537

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 57ms
35ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-65593818-5&cid=1922533143.1648651099&jid=861838603&_u=YEBAAUAAAAAAAC~&z=705075537

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg-main1.svg
laptrinhx.com/cdn/bg/ 664 B
1 KB 373ms
372ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/bg/bg-main1.svg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03527cdd8d30c8d35ff35d8e1be294beff2aa76b7574e277073883c7d81123da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 08 Jan 2020 15:05:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e15efd6-298"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymoOZnTwGjonfRKRIXDXOunaFMJT61n%2FT%2FuZ5MogRCAXFDqChf%2FzmhPoF0KQP6dnQ9YsdXzdcJ6GtQxrEgaFxpWaYjakYouDmcBb%2FCy8wsulq2vK62Kd%2Fg3rreRg3zxjRjQzieT0GFXgYXg%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
cf-ray: 6f4196949ca35a0d-MXP

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=88fa49c8629f6f263b80e2aabb77a234

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78e585e4d07b15ca2ed80452aeb633dfd2a8557861a425a261281620c84fa3ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Origin: https://laptrinhx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VlCLJYNjU+Xpesd2Y93wwg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84124
x-fb-rlafr: 0
x-fb-debug: ADJqZ1as8llo0mqKjZn56MLxEzBAbN9E7MPwSyDxH5f8n+CsjC6r0UgfmWpnHoKAU9y/PlAu0bQuS29XOKnLnA==
x-fb-content-md5: 2759dd6d6b1baddc367d05e1630fa91f
x-frame-options: DENY
date: Wed, 30 Mar 2022 14:38:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "cfd48f754a4d1e0774f21bce97c7300f"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 30 Mar 2023 13:32:04 GMT

GET
H3 200 bubbles.svg
laptrinhx.com/cdn/bg/ 3 KB
2 KB 378ms
378ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/bg/bubbles.svg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fdd4cfb7bb83961b9a553a555e1857eae632e7f5b8102a436548fa404700746

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 10 Oct 2019 07:55:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d9ee3fc-b30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJBPXuhq0yF0HPxZb28n%2B1%2FUxK%2B8rnUDsbP5SpUFHeaf0FbZkvjVpSTp0szt6SFJZxHVeKs%2F%2FQ5%2FsViC%2Fo%2FhXojkxF7JaSLR0bVEIzYDD0UAf%2FvWNzf8AMg9Kp6QqqLfKzagbNFJ1ITfCgz2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
cf-ray: 6f419694acc65a0d-MXP

GET
H3 200 moon.svg
laptrinhx.com/cdn/icon/ 586 B
1 KB 36ms
36ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/icon/moon.svg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

621b54e5d3acddbe93a633ee199a3fe538cd2469527f4cc2cc65b67131189704

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2323
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 24 Oct 2019 18:51:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5db1f2b6-24a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmnBBddCTgQXUbU3lDMpravo9g1V4si5JjzI0l7x7yRiizZDEILsXGE2dHcin09gLWY2vUWX5IMqSoqam7Asms6sOTJRx%2BgjltLkAHQHjqFdZLMKwlZLAyION5pa0h9zXWD%2BFr5ChpdlWpyB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
cf-ray: 6f419694accd5a0d-MXP

GET
H3 200 get-top Show response
laptrinhx.com/ajax/ 5 KB
2 KB 444ms
443ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/get-top?top=home

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b08e0b004c48f1d9692333bb535647bc812d8d9f67987272c432c724c98c6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxxSEHbrvtScxl2LWdH%2B1Se7DnTckEbV167QkRSYcWmx9FFhqklCI8PPFOAXY%2BXuX7W26glSeB5VZKHdlClYtvxAM%2BJX60zEnVD4s0T4jjQ4NJIzZ2uCxrDTkRLX1NwPDcEdcVzYG3gT5T5z"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694bd015a0d-MXP

GET
H3 200 get-top Show response
laptrinhx.com/ajax/ 4 KB
2 KB 430ms
429ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/get-top?top=ebooks

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c59256d9da57a8b3e1db6dfb557021da6367d009bccc25b92c879986c295673

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhnmROkrCKewa53nhN1sHMUKJmY36m7XsL%2FOYE%2FqohhYC1nSQmageW2bc91nW6kssZIN5iYjuiVu4O9yG80GN3Miv6HBFXGjgxINO0UtZLNnXN3ppWD1mSpeH0tgYqPJ8ADo13BeY4cGH61C"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694bd0c5a0d-MXP

GET
H3 200 get-top Show response
laptrinhx.com/ajax/ 4 KB
2 KB 433ms
433ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/get-top?top=themes

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8f1e5286594e966751e12125c3fba0c140cc2217d87661e305224fa1a9a3b59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUoqnYyhuO0AzSwh%2Bjnx6CmQEJzoQmdMMiTGMAloX3jSm0gOiFr%2BgZBCLeRdbb%2FYbbePay75CnJHTRbECugb8t0S8MdqgfKAxyNBssANwFDvDEwLtEg7jRvl9O%2Br7U14B81psCKglw6fM11Q"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694bd105a0d-MXP

GET
H3 200 get-top Show response
laptrinhx.com/ajax/ 3 KB
2 KB 386ms
385ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/get-top?top=tutorials

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a0113f56c3dfc27b724ab7921fd430064702233b51de3937717895591915e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hX7f010ZxeCfHSSd6SxwTLLpcrE6FEOYUiPCsWob%2FIbruZjG2u6er%2BqLJX00xBjTM29RlE8TGywC9yge1YQGLRwdPLIfGRONxNA2dBOIHHQKNB2pLX6n2AEtJEbfgp%2BjZtGNdhA71aYg0dYH"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694bd125a0d-MXP

GET
H3 200 get-top Show response
laptrinhx.com/ajax/ 3 KB
1 KB 442ms
442ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/get-top?top=funny

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86c9ed0f23530e9c79219a80d1ac660fb258e93a07fc1999ab8b14de02abb35e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYA2aEaRl9Vucp2WZ8YJk6g6VliR6hnBK%2Bbig8OI4lrvtC5IUaVjp1mxXBsCJsOymjaNrnpL5Hv6H0LOfxEfbfUwMU2f7XEvbOuJ4EsZ8XPRxv6MAWLbHoOoq9iWiVvRmVE%2BWNfRsaTN15HF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694bd145a0d-MXP

GET
H3 200 get-top Show response
laptrinhx.com/ajax/ 3 KB
2 KB 344ms
344ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/get-top?top=it-jobs

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1efe8a6aab3b4e9ec2540e9787a88f79a985d57d5a8c15033182daf659b86132

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IfjzfDwjKPodNNo5SNpQ320tRI9m3Tt2sltHQTyIgYrDkDDg7tCaPfktNF0TYE4dx1%2FZwOnt8Lx7GjPFBkgCKtGxdUSjydbnexU%2FYVT5dEOzkkRt%2F5UD5JXxp1l%2BYMigTlqJgtWqOayBS9p"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694bd155a0d-MXP

GET
H3 200 get-top Show response
laptrinhx.com/ajax/ 4 KB
2 KB 355ms
354ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/get-top?top=videos

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0643a80cb2078ff8567cb4b2016d8f73727340f073a7befae1145a3e0a7543f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXDwzL4A83tiMKluPgn6tpuc8tFXxuHcgr2U5ABBRcilUt0DVJjl1e4ZR4W2YNhM49Jib1btYcXeoZEuOfMXIDizRFE5zKkfLg6kasO3gH0APu0QqjqaxFmGt62z4OqKL%2Fp6UGh117kWXN2N"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694bd185a0d-MXP

GET
H3 200 menu Show response
laptrinhx.com/ajax/ 2 KB
2 KB 364ms
363ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/menu?path=%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce5a81115fe6f71c1edea17bc4247d2a6c38cdfef7073edcd2dc2971f42deea8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjv6JydgVwaJLQjk1jXnZ3Payw4lpVSiObj6QoNmb53WKQ9Puwbhz8YeSe6Y6gGnumTY7s9A3wS%2FmtOPxSk7SLFacM%2FDxvVMoNdD504ZcX1yryYVfb5mWS6ZDy7Jzw4EZ9dzXRNi1tnhObjq"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6f419694bd1a5a0d-MXP

GET
H3 200 new-post Show response
laptrinhx.com/ajax/ 12 KB
5 KB 434ms
434ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/new-post

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e43dca7beb19f75ace75d0d6ca4dc00fda163f6109198d8879d8e49dcbbc9c10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gq7QxmeYzzElmMY7QarP8%2BU2isVFI8ELYlQ%2BU4onZUodCz%2B4jxVbwDZkXAfTcwDgk8rDOqFde66wC6QhfFzslZvi6pOxRK8E%2FYkLDQdHIgLJI72p6%2BhA0wXZn3UxaV0NvASKKDDdsKOkbhOm"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6f419694bd1b5a0d-MXP

GET
H3 200 tags-total Show response
laptrinhx.com/ajax/ 5 KB
2 KB 380ms
379ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/tags-total

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f1b88f820071e1914b68ad1a5e0f760cb91d66a42658941bde44ad33a208d62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CH1%2FUHszxj8I6f%2BEwhGMFIZvTvJh45bCnHA%2Fuj4hwZ2DIfshjgF92avVjXBqcsUsNWaVZ3v%2Fow5XVbFlZZ6GhbOcWrw9iPlcRv5FZ5o4Hp4AmIGNZrYRna5qwCkZqhcBAfh5FwaPSX4xB1a"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6f419694cd265a0d-MXP

GET
H3 200 authors-total Show response
laptrinhx.com/ajax/ 2 KB
2 KB 415ms
414ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/authors-total

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

864023030afd00d66ebfb86f11acd1a3b0b2c7b2ce9eb80e6c68077c4ffdfb57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djW%2BGzO93%2FXLiOqsw3HYkQBWxl%2F5InFfZKLPbTSlj2vlkg1zmzd2tzscfo2NBIXX8wi7vpWXxEehZKnYolikc%2BPRkPxywuzpVXQO5vDGfhQ%2FtnHAVrejtZVkvrkQKdv50BazHeutvni2Iopq"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6f419694cd2b5a0d-MXP

GET
H3 200 last-post2 Show response
laptrinhx.com/ajax/ 23 KB
4 KB 415ms
414ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/last-post2

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ccea91b70f17797ad019ae0e554729a4a6592d80132f298da21cd3a56dd9ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5lNsEs8NYoBm09gA1DO62q4lJC27lof3xy7%2B7UcyHxAo123kilhqdWXLrM23AsyQwcEORt7vOKI%2BDJSM725isJAFyzu1rFaFAZeMuzSNw62ZnLoO0hXzXMrFonOFsgOklc9zgpga2yr6Trx"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6f419694cd2c5a0d-MXP

GET
H3 200 trending Show response
laptrinhx.com/ajax/ 53 KB
7 KB 400ms
399ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/trending

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a511fdf44cca6b02e85a7b663f8cc5de62a4ce9ebaf3404a6e548262b60ea3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1z5WWJ0Gq7pcjh64xpymgvW8ZFpz8k343SdE%2Fy4Ok%2F7wsyQfJdusIZZLRzmkOsu4qniINpk9ksfujlsUgzlT%2BpIZ%2BheurgkWk4gF%2FHNv%2BxuWlTxAcFpxh4x7wua9O0LVYAbdKEQ%2FwiIKtMXi"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6f419694cd475a0d-MXP

GET
H3 200 bookmark Show response
laptrinhx.com/ajax/ 0
990 B 382ms
382ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/bookmark?id=1809292531

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GG8BsviCPYODhaer0vUOemd6N8HapecC962zXZaLtuacjWPHS08QFBAzDzzORqFFpskZhp8GQdWv%2FDfMbm%2BYrM64wDUnWZ473dPVQVf5wlgMwS9aT8O8HC6cIIyDk%2BljiYTypqrbRcA7xNBZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694cd4c5a0d-MXP

POST
H3 200 related-post Show response
laptrinhx.com/ajax/ 16 KB
2 KB 961ms
960ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/related-post

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb2154fb2b46b2573e5b20c777fb349893286cf73ca5d98d54be7042ed63a77

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QP3Fff4N2mTqzmOar411zRdWZr4s2LvFVMvpdSWz5PE1Ze%2FIBvj0%2BwufpuLJJKmgyasKhuyAMXuPj39z%2BySyDarHQXEavR8PyxoRcEhOFHXEqVG66dX8wtF0tIXKhpFBPA643uyi5Dicxw5K"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6f419694cd4e5a0d-MXP

POST
H3 200 increment-view Show response
laptrinhx.com/ajax/ 3 B
939 B 559ms
559ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/increment-view

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28dae7c8bde2f3ca608f86d0e16a214dee74c74bee011cdfdd46bc04b655bc14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxkZpTZ%2FRCWKavGn4j0HYS1jQwv1LWPZREHAJMK7fItpF6XuzPQIkGdIGwJapeThQi9uUuJyqZqGoJuKK%2BdQENtTPW%2FhoQF8CEJFDF8sxffDsQq%2FP0%2F41BYKzHw9t7adUsZQ5ma8P8yTDHu4"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694cd515a0d-MXP

POST
H3 200 quote-post Show response
laptrinhx.com/ajax/ 99 B
1 KB 460ms
460ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/quote-post

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caeec4cb0b2a41dd969a28fe9aa7df8734c3fe70ec1867732f7d6ed64957c0d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taNmCG5E%2BmfSjndDWsuiWBda7abwZMkCszUjORsCk0T5ird%2Bs04K6AyCe9r655c%2BYQPyEAYIXolF0MegBRr%2FZpfXpXOM9haYTjaHWa0b97tn1LWCQxaghePj%2BT70pwA6LTYYNq7%2BIQzPG6Cd"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6f419694cd525a0d-MXP

POST
H3 200 related-tag Show response
laptrinhx.com/ajax/ 2 KB
2 KB 630ms
630ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/related-tag

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d1dc8150fd57992132d766052c9def8bfbb8f30e347520c00f6f462967b3498

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGdIMcINryK5D7xFFiD5WhjedQlXyKPF4CZIDVZXfMNMuhzYXOiJ%2BpNIqSMofE%2BKmiXbTDLUv7NN3Kw9USxYIXUYyFKZjCdZlt1Y9N4H094UstynJkHT6sTt3p3U4mmQctuaYlep8qqJxxjN"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 6f419694cd535a0d-MXP

POST
H3 200 post-prev-next Show response
laptrinhx.com/ajax/ 6 KB
2 KB 646ms
646ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/post-prev-next

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb84c91f403529a7f2f3661d6a5b7ee555c574647e59e790adc45649a4fc6579

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Vb%2FoqkjW5T0gBmXuncrHjxQR%2B%2BNfLhqOntZ3XJl75PFehgF0fWJtJ09%2BOCb3uMAm0zX7kMnBAciOqQhh0GtfQAlKjGrcA72G3LszBM9Ji4nenvUKy0%2B2NVEfvZnp2QAMxfaaGFIboC288fV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694cd545a0d-MXP

GET
H3 200 last-post Show response
laptrinhx.com/ajax/ 1 KB
1 KB 391ms
391ms XHR
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/ajax/last-post

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/script.js?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f15997c945adab658b7c8e05680e0a30be1b1a031ca4a7fd9b4416664137a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
date: Wed, 30 Mar 2022 14:38:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gnp4JBsd02TZyi8f5hsepURhurtrs0Iqcc2qmTe%2Fe56PQTP%2BYWkCYDpfOUsnHDUnDLNlqRvcPui71cvUhk%2BRzJK4lsi%2B5j44HD9crZieS3NTc0uws0cogTQKF3uN4MEZJ3E%2B%2BCs3TfwM0jx7"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 6f419694cd555a0d-MXP

GET
H3 200 sst_icons.woff
laptrinhx.com/cdn/fonts/ 2 KB
3 KB 28ms
28ms Font
font/woff 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/cdn/fonts/sst_icons.woff

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/custom.css?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98bd147a9f2bbfebf2fdee36a57883223ffba851d2adb4f465a8900812373a5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://laptrinhx.com/
Origin: https://laptrinhx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2321
vary: Accept-Encoding
content-length: 2104
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Mon, 13 May 2019 07:02:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5cd91669-838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri8qW8bPIWwleKU5aYzJzAPN9A6%2BQtQ64L0R4kA%2BNbUwxokwlLu8jY8yIE0bm%2Fgz2SpVvPJhHN3ItZuX3Ad1FVt%2B8eKyRhRyEyVwkUe3Ig0frxTcYNdyKFsrE%2Fah04fKBLMw6ehocKGcJsgS"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f419694fd9d5a0d-MXP

GET
H2 200 145852wacontre-5983d463b1640.jpg
images.careerbuilder.vn/employer_folders/lot9/161649/ 87 KB
87 KB 1189ms
291ms Image
image/jpeg 222.255.236.247
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.careerbuilder.vn/employer_folders/lot9/161649/145852wacontre-5983d463b1640.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.255.236.247 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: d8339b9ae233d6ec110d68701190e9dcd781cd61c7bcedd0354d44b6faade0a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
last-modified: Wednesday, 30-Mar-2022 14:38:19 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-store, no-cache, no-store, no-cache
accept-ranges: bytes
content-length: 88792

GET
H2 200 105720unnamed.png
images.careerbuilder.vn/employer_folders/lot0/180310/ 12 KB
12 KB 1190ms
291ms Image
image/png 222.255.236.247
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.careerbuilder.vn/employer_folders/lot0/180310/105720unnamed.png
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.255.236.247 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: 1930221a7f3f63776276e9de50672fb60ad022d987e3a6524a90299243e26648

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
last-modified: Wednesday, 30-Mar-2022 14:38:19 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: public, no-store, no-cache, no-store, no-cache
accept-ranges: bytes
content-length: 12035

GET
H2 200 140202chanchinh_90x90_100809.gif
images.careerbuilder.vn/employers/29800/ 6 KB
6 KB 1189ms
291ms Image
image/gif 222.255.236.247
VNPT-AS-VN VNPT Corp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.careerbuilder.vn/employers/29800/140202chanchinh_90x90_100809.gif
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 222.255.236.247 Hanoi, Viet Nam, ASN45899 (VNPT-AS-VN VNPT Corp, VN),
Reverse DNS
Software: nginx /
Resource Hash: 6495436bd41ddbda9660b2d78de2ea925ab34b4060082a40170de5c27b08efef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
last-modified: Wednesday, 30-Mar-2022 14:38:19 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
cache-control: public, no-store, no-cache, no-store, no-cache
accept-ranges: bytes
content-length: 6152

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/bB-xAYpeVL8/ 25 KB
26 KB 41ms
18ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/bB-xAYpeVL8/hqdefault.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b3066934852d6aefc6c66911ba51f8913d3365929929f394c1af6301a1d8d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26065
x-xss-protection: 0
server: sffe
etag: "1618604385"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Mar 2022 16:38:18 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/1kL7OxuThN8/ 23 KB
23 KB 46ms
24ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1kL7OxuThN8/hqdefault.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a873d33e3ba2852ca3ce57e4d469ba3f7031879e91df9ca470101566283bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23135
x-xss-protection: 0
server: sffe
etag: "1617100320"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Mar 2022 16:38:18 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/qvrcaPX8ihc/ 13 KB
13 KB 52ms
30ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qvrcaPX8ihc/hqdefault.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1819e9e4a0c6859d077cd4bc3c75fc7118f1a49c8aff31ba454c762ad73a3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12807
x-xss-protection: 0
server: sffe
etag: "1618609844"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Mar 2022 16:38:18 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/sM6DbsKHBKE/ 34 KB
34 KB 48ms
26ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/sM6DbsKHBKE/hqdefault.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b88b76363553ea9009e4c58d1d6dddef5970428453fcaaf08628e76340cc5d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34953
x-xss-protection: 0
server: sffe
etag: "1614036510"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Mar 2022 16:38:18 GMT

GET
H3 200 laptrinhx.png
laptrinhx.com/cdn/ 13 KB
14 KB 30ms
30ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/laptrinhx.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4992ed04e919fb75750cdb596910f6a90a855bc39870572873435803bc51edc8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2321
vary: Accept-Encoding
content-length: 13806
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 31 Dec 2020 12:29:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fedc447-35ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfIdmFP6jirEOklZZxv0le5YyX9eP26%2F0o943AEKAdjCBzzhwqC6pvM3H2EU%2FuMgpCVpLFLXpZn1%2BUOLKX3enRHZUK4VdAapnJpZyJiCoYaUaHsmDzrTmh0Gf%2FzzZ8CrMgVAKOGNHlvBR92A"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f4196977c995a0d-MXP

GET
H2 200 ngon-ngu-lap-trinh-c.jpg
www.hiepsiit.com/public/uploads/images/C/ 30 KB
30 KB 1321ms
188ms Image
image/jpeg 112.213.89.40
SUPERDATA-AS-VN S...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hiepsiit.com/public/uploads/images/C/ngon-ngu-lap-trinh-c.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 112.213.89.40 , Viet Nam, ASN45544 (SUPERDATA-AS-VN SUPERDATA-, VN),
Reverse DNS: ns8940.dotvndns.vn
Software: Apache /
Resource Hash: 5c5b08ac5e0a72787a5b561c315493b9d578c71334a77f875e12bbeb5239b905

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
last-modified: Mon, 12 Oct 2020 14:46:01 GMT
server: Apache
accept-ranges: bytes
content-length: 30232
content-type: image/jpeg

GET
H3 200 2.jpg
i.ytimg.com/vi/W2bmR8V8rJ8/ 5 KB
5 KB 31ms
16ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/W2bmR8V8rJ8/2.jpg?time=1424261316715

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd02cd6b9a75af6d734dd94e449f79d83867eec28c1636274c628e613383cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4639
x-xss-protection: 0
server: sffe
etag: "1408364302"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Mar 2022 16:38:18 GMT

GET
H/1.1 200
OK BOMs.jpg
blogs.sap.com/wp-content/uploads/2020/10/ 255 KB
256 KB 100ms
12ms Image
image/jpeg 130.214.229.186
SAP_CC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.sap.com/wp-content/uploads/2020/10/BOMs.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

130.214.229.186 , United States, ASN35039 (SAP_CC, DE),

Reverse DNS

Software

undisclosed /

Resource Hash

7744a4e85f4aefcd5ca65c23f43e3769e22d4d17a24e846d371728c78b3d6e4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.sap.com sap.lookbookhq.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

app-response-code: 200
Date: Wed, 30 Mar 2022 14:34:50 GMT
X-Cacheable: YES
Age: 208
Connection: Keep-Alive
X-JSL: D=2126 t=1648651099076466
content-length: 261241
x-node: nodeid-bvpjf
last-modified: Wed, 14 Oct 2020 21:38:44 GMT
Server: undisclosed
x-jsl-app: D=1432 t=1648650890408286
X-Frame-Options: SAMEORIGIN
etag: "3fc79-5b1a85b144215"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
App-Response-Size: 261241
Cache-Control: max-age=43200, stale-while-revalidate=3600, public
Content-Security-Policy: frame-ancestors 'self' *.sap.com sap.lookbookhq.com;
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100

GET
H3 200 twitter.png
laptrinhx.com/cdn/icon/ 718 B
2 KB 26ms
25ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/icon/twitter.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cabc7b0a3dec80a79e7a0bba210c4e1259f834c450255f0f357a4424effde4bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2321
vary: Accept-Encoding
content-length: 718
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 23 Jul 2019 14:33:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d371ad1-2ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oX4FCyWEscWhwJUNYRxzpkhT8SCCHmyKWn0jwxK2T%2BQmg3wheKsNyRfAOLVJnlDHspmsLyn095i4vAV%2FlheC5s8AyUNrWiQD4jlzMjaIAe48KsCXGJsexoSQLlziXeLFLntDRqqk1DrrQ2fo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f419698b83c5a0d-MXP

GET
H3 200 facebook.svg
laptrinhx.com/cdn/icon/ 417 B
1 KB 32ms
30ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/icon/facebook.svg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ab26cd5436f646ae93cd6db3b1048652ca754057780e8ae8787d76ea8b7dec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2322
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 23 Jul 2019 14:34:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5d371afc-1a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQuGQxHnjNN8PTlMNLFadusnlLi7oklaCp3ILFegWAzqVrUqt0uPwzdxP6VGQR%2BV8bTNN3jR0%2FGdvGpj6uNMsuyEarjQfkMxUNjjLzoz4fvkY9JJF2XcnnqSqvD%2FYWG8Vls3IhWmf5lLvdYZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
cf-ray: 6f419698b8475a0d-MXP

GET
H3 200 email.png
laptrinhx.com/cdn/icon/ 403 B
1 KB 41ms
38ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/icon/email.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97717f3bdc47d512640a6c94d39a88b40978172bb157198de98e97d29bc9c644

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2322
vary: Accept-Encoding
content-length: 403
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 23 Jul 2019 14:34:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d371b11-193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aw7Q8u3iUtYra44lU6u9RC06h4jpN2V0udqieInmZXjLTtBkCSQDGVqFPvK%2BxezyFxJSPW6qO6K6SoYIM64FSpgphbdh1LGGeIGWGI4qzqtGjeHDWfJlHHKc2SdLwfQ5fxVmI92dlTPpulSu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f419698b8495a0d-MXP

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=blogs.sap.com
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blogs.sap.com&size=16

271 B
947 B

43ms
8ms

Image
image/png

2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blogs.sap.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e5c53cefd90b5a45afcf7a17c4782987d57bfd9981a63fefe268ca06fc61338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 06:52:47 GMT
x-content-type-options: nosniff
age: 200732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 271
x-xss-protection: 0
last-modified: Tue, 10 Apr 2018 15:09:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://static.community.services.sap/com-hdr/v8/101.46.10/shared-ui/1dx-assets/images/favicon.png
expires: Mon, 04 Apr 2022 06:52:47 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:34:03 GMT
x-content-type-options: nosniff
server: sffe
age: 255
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blogs.sap.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 333
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:04:03 GMT

GET
H2 200 screenshot-2020-04-18-at-5.37.32-pm.png
gigadom.files.wordpress.com/2020/04/ 88 KB
89 KB 71ms
12ms Image
image/png 192.0.72.26
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gigadom.files.wordpress.com/2020/04/screenshot-2020-04-18-at-5.37.32-pm.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5b103b6dd4cd46cfba0944e3c19de471e7fbce56bf0198c37179bb619b23c09e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT ams 26 np
date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Apr 2020 12:07:50 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://gigadom.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 90451
expires: Sat, 07 May 2022 10:13:14 GMT

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=gigadom.wordpress.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://gigadom.wordpress.com&size=16

377 B
1 KB

41ms
7ms

Image
image/jpeg

2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://gigadom.wordpress.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1b61ca3c161ce274e9f82a42249280820c01fe62660994717577791dfb24ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 12:14:42 GMT
x-content-type-options: nosniff
age: 8617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 377
x-xss-protection: 0
last-modified: Sun, 08 Jul 2018 21:27:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://secure.gravatar.com/blavatar/6f83bb11aa5ba291a4fb7a33e19939b8?s=32
expires: Wed, 06 Apr 2022 12:14:42 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:19:11 GMT
x-content-type-options: nosniff
server: sffe
age: 1147
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://gigadom.wordpress.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:49:11 GMT

GET
H2 200 1*sJd7qlz3-IaEP1hydGwyTA.png
cdn-images-1.medium.com/freeze/max/1000/ 85 KB
85 KB 72ms
30ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/freeze/max/1000/1*sJd7qlz3-IaEP1hydGwyTA.png?q=20

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468eee25780f40c29069d2d91645e07ff5775c98bc4f414c5818ee7eee6dbf06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10462
x-envoy-upstream-service-time: 89
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86750
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 6f419698f99ccc42-ZRH
expires: Fri, 29 Apr 2022 14:38:19 GMT

GET
H/1.1 200
OK Edge-Computing-Graphic-1024x576.png
s3.amazonaws.com/cbi-research-portal-uploads/2019/01/08144511/ 56 KB
57 KB 415ms
119ms Image
image/png 52.217.138.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cbi-research-portal-uploads/2019/01/08144511/Edge-Computing-Graphic-1024x576.png
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.138.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2f12daf14684476b3ef7891883165e562e041161952aabffb39a701162f1782f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 14:38:20 GMT
Last-Modified: Tue, 08 Jan 2019 19:45:16 GMT
Server: AmazonS3
x-amz-request-id: AB1BXFZGBEMJTTQG
ETag: "04ce7e884e4353912ad99414a048b115"
x-amz-id-2: 1ZhHPGbdf8ENhtSBvUT+h6WH9DsQ5LkdQNHD9JpE5rA1HTAFAuUesGFzocfOk5trtBD5kT8FJW8=
x-amz-version-id: foWX6Fr73JdfGhnxKVFp1gntHflYxX6v
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 57528
x-amz-meta-hasbeencompressed: 1

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=cbinsights.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cbinsights.com&size=16

285 B
429 B

42ms
8ms

Image
image/png

2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cbinsights.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a558f9c53e092e98696ca0afde1369b11e2b26581bb898eaf59e3b55bf8cdbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:17:30 GMT
x-content-type-options: nosniff
age: 559249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 285
x-xss-protection: 0
last-modified: Wed, 11 Apr 2018 00:30:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.cbinsights.com/favicon.ico
expires: Thu, 31 Mar 2022 03:17:30 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:19:11 GMT
x-content-type-options: nosniff
server: sffe
age: 1147
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cbinsights.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:49:11 GMT

GET
H2 403 68747470733a2f2f63616d6f2e716969746175736572636f6e74656e742e636f6d2f613237306466313136326564356333626639393638623234303634623931656564306466636331312f36383734373437303733336132663
camo.githubusercontent.com/8456a67ab97a13866d928d3a14dff59a57cdeccb/ 0
0 126ms
101ms Image
text/plain 185.199.110.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camo.githubusercontent.com/8456a67ab97a13866d928d3a14dff59a57cdeccb/68747470733a2f2f63616d6f2e716969746175736572636f6e74656e742e636f6d2f613237306466313136326564356333626639393638623234303634623931656564306466636331312f36383734373437303733336132663
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-133.github.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H2 200 0*rlnAH_rod_BKr3cP
cdn-images-1.medium.com/max/526/ 50 KB
50 KB 596ms
555ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/526/0*rlnAH_rod_BKr3cP

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0c696bcc3e5b91a8a5a98fa69cbedc79d806de689581d0ea018e39065c204c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51333
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 6f419698f99ecc42-ZRH
expires: Fri, 29 Apr 2022 14:38:19 UTC

GET
H2

200

01.png
1.bp.blogspot.com/-0Ya1gW-ad2s/XyQP5CNlQmI/AAAAAAAAmcY/2GKJioWcXskl9Ip-VqzgDOqHuNcytpHdACLcBGAsYHQ/s1600/
Redirect Chain

https://i2.wp.com/1.bp.blogspot.com/-0Ya1gW-ad2s/XyQP5CNlQmI/AAAAAAAAmcY/2GKJioWcXskl9Ip-VqzgDOqHuNcytpHdACLcBGAsYHQ/s1600/01.png?w=687&ssl=1
https://1.bp.blogspot.com/-0Ya1gW-ad2s/XyQP5CNlQmI/AAAAAAAAmcY/2GKJioWcXskl9Ip-VqzgDOqHuNcytpHdACLcBGAsYHQ/s1600/01.png

76 KB
76 KB

32ms
9ms

Image
image/png

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-0Ya1gW-ad2s/XyQP5CNlQmI/AAAAAAAAmcY/2GKJioWcXskl9Ip-VqzgDOqHuNcytpHdACLcBGAsYHQ/s1600/01.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7154482c9253f4032ac52966ce9007f18d15254aa701e4603e771c0cb9284909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:30:10 GMT
x-content-type-options: nosniff
age: 489
content-disposition: inline;filename="01.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77581
x-xss-protection: 0
server: fife
etag: "v99cd"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 27 Mar 2022 13:52:29 GMT

Redirect headers

x-nc: EXPIRED hhn 1
date: Wed, 30 Mar 2022 14:38:19 GMT
server: nginx
location: https://1.bp.blogspot.com/-0Ya1gW-ad2s/XyQP5CNlQmI/AAAAAAAAmcY/2GKJioWcXskl9Ip-VqzgDOqHuNcytpHdACLcBGAsYHQ/s1600/01.png
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
timing-allow-origin: *
content-length: 138

GET
H3

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=hackingarticles.in
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hackingarticles.in&size=16

376 B
401 B

24ms
9ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hackingarticles.in&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2609991acfecb113dfd25fc91ac3d5e3f141b9b05e31a7fda2fc92fb418c28a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:01:05 GMT
x-content-type-options: nosniff
age: 167834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376
x-xss-protection: 0
last-modified: Thu, 16 Apr 2020 10:57:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.hackingarticles.in/favicon.ico
expires: Mon, 04 Apr 2022 16:01:05 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:27:10 GMT
x-content-type-options: nosniff
server: sffe
age: 668
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hackingarticles.in&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 338
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:57:10 GMT

GET
H3 200 1*IJw8N-HSEzLpwJDS6JVs-w.png
cdn-images-1.medium.com/max/871/ 60 KB
60 KB 95ms
70ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/871/1*IJw8N-HSEzLpwJDS6JVs-w.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc427467e02960ccf9d7164e74077347133a4806c042b6282edd80638fed128a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10460
x-envoy-upstream-service-time: 97
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61344
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 6f4196995eb7cc4e-ZRH
expires: Fri, 29 Apr 2022 14:38:19 GMT

GET
H/1.1

200
OK

Auth-Sequence-1.png
developers.redhat.com/sites/default/files/blog/2020/06/
Redirect Chain

https://developers.redhat.com/blog/wp-content/uploads/2020/06/Auth-Sequence-1.png
https://developers.redhat.com/sites/default/files/blog/2020/06/Auth-Sequence-1.png

204 KB
191 KB

77ms
77ms

Image
image/png

2a02:26f0:fb::5f64:997b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://developers.redhat.com/sites/default/files/blog/2020/06/Auth-Sequence-1.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

HTTP/1.1

Server

2a02:26f0:fb::5f64:997b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7f0e3a714e236333b6fa25d1186ada3875edaa4987be84dc9163c5c7fb59fd12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 14:38:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 13 May 2021 20:31:05 GMT
Server: Apache
x-rh-edge-request-id: 462480b1
ETag: "32f3e-5c23c01abe048-gzip"
X-MYVHOST: executed
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=384272
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 195419
Expires: Mon, 04 Apr 2022 01:22:51 GMT

Redirect headers

Date: Wed, 30 Mar 2022 14:38:19 GMT
Server: AkamaiGHost
x-rh-edge-request-id: 4624804c
Location: https://developers.redhat.com/sites/default/files/blog/2020/06/Auth-Sequence-1.png
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Expires: Wed, 30 Mar 2022 14:38:19 GMT

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=jboss.org
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jboss.org&size=16

133 B
276 B

43ms
8ms

Image
image/png

2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jboss.org&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32e9ae795b15c50cced87bea96caf36b2b3f9bb8a363dfadeb4fdcdff465ff46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 11:40:51 GMT
x-content-type-options: nosniff
age: 10648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
last-modified: Fri, 22 May 2020 12:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.jboss.org/img/favicon.ico
expires: Wed, 06 Apr 2022 11:40:51 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:19:11 GMT
x-content-type-options: nosniff
server: sffe
age: 1147
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jboss.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:49:11 GMT

GET
H3 200 1*2y516oRxWBY9ASyN25t0mQ.png
cdn-images-1.medium.com/max/616/ 90 KB
90 KB 37ms
31ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/616/1*2y516oRxWBY9ASyN25t0mQ.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e9088819767e178d0f17cdae2c9af320e41310f35a0466c181a9d98481c7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10458
x-envoy-upstream-service-time: 74
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91750
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220322-153408-5d6507f242
accept-ranges: bytes
cf-ray: 6f4196995eb5cc4e-ZRH
expires: Fri, 29 Apr 2022 14:38:19 GMT

GET
H2 200 business_logo_design_thumb.jpg
gdj.graphicdesignjunction.com/wp-content/uploads/2020/05/ 9 KB
9 KB 62ms
7ms Image
image/jpeg 151.139.241.27
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdj.graphicdesignjunction.com/wp-content/uploads/2020/05/business_logo_design_thumb.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.27 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: bc7f3a22f95684b2d09312693ac37e4a9a9cf5b3835459592d2b040b3132f4ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
last-modified: Tue, 05 May 2020 01:38:25 GMT
server: nginx
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8911

GET
H2 200 51UT2GaH8%2BL.jpg
images-na.ssl-images-amazon.com/images/I/ 35 KB
35 KB 91ms
11ms Image
image/jpeg 2600:9000:2315:3a00:1d:d7f6:39d0:c781
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-na.ssl-images-amazon.com/images/I/51UT2GaH8%2BL.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3a00:1d:d7f6:39d0:c781 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 81a8eb9d21e718efca58ee7b796645966e475c35a78f92527a3815a6c0026490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:23:16 GMT
via: 1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
age: 58502
edge-cache-tag: x-cache-315,/images/I/51UT2GaH8%2BL
x-nginx-cache-status: MISS
x-cache: Hit from cloudfront
content-length: 35423
surrogate-key: x-cache-315 /images/I/51UT2GaH8%2BL
last-modified: Tue, 24 Dec 2013 10:45:39 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 55e3d5da-b95f-49ad-97d7-c4953df6c953
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: I_w2KwOaM7tdnhmVdPMYrutO3eWyGuqy830spKgqPPDR30h3LhNZqw==
expires: Mon, 24 Mar 2042 22:23:16 GMT

GET
H2 200 https%3A%2F%2Fqiita-image-store.s3.ap-northeast-1.amazonaws.com%2F0%2F24981%2Ffae77581-cc75-1a24-8f9b-f00d1a25a2f3.png
qiita-user-contents.imgix.net/ 26 KB
26 KB 49ms
7ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qiita-user-contents.imgix.net/https%3A%2F%2Fqiita-image-store.s3.ap-northeast-1.amazonaws.com%2F0%2F24981%2Ffae77581-cc75-1a24-8f9b-f00d1a25a2f3.png?ixlib=rb-1.2.2&auto=format&gif-q=60&q=75&s=2b006555403b0df470d0dbfcfa5ee68e

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

81c563ab78f65ce3d4c1edc76ff2de2c15a9e5bad150eb5fa44a418ecc4cb4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
fastly-original-body-size: 26551
age: 111637
x-cache: HIT, HIT
x-imgix-id: e0fa79c525f4e2c0b8ffcf8bb6a0963a58ee3a7c
content-length: 26551
x-served-by: cache-sjc10059-SJC, cache-hhn4029-HHN
last-modified: Tue, 29 Mar 2022 07:37:42 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=qiita.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://qiita.com&size=16

350 B
531 B

36ms
9ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://qiita.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

654e8c2c6cc9676911d5cfda26ee3e1627792e251042a4d02cbafd48d9045460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 07:15:12 GMT
x-content-type-options: nosniff
age: 199387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350
x-xss-protection: 0
last-modified: Mon, 02 Dec 2019 06:40:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://cdn.qiita.com/assets/favicons/public/production-c620d3e403342b1022967ba5e3db1aaa.ico
expires: Mon, 04 Apr 2022 07:15:12 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:34:03 GMT
x-content-type-options: nosniff
server: sffe
age: 255
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://qiita.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:04:03 GMT

GET
H2 200 2015-08-10-rip-small.jpg
mmikowski.github.io/images/ 65 KB
65 KB 180ms
124ms Image
image/jpeg 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mmikowski.github.io/images/2015-08-10-rip-small.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 601a6adb733eb7ef3c775335b95f965d7c94d40173824f0fb822280228130f61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-fastly-request-id: ab0ace7127f545a9485a311faad8a3d40fa68bf5
date: Wed, 30 Mar 2022 14:38:19 GMT
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 66269
x-served-by: cache-mxp6946-MXP
last-modified: Wed, 04 Dec 2019 18:14:40 GMT
server: GitHub.com
x-github-request-id: B17C:3C65:227B7:25536:624442CB
x-timer: S1648651099.279930,VS0,VE106
etag: "5de7f790-102dd"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 30 Mar 2022 11:55:15 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=mmikowski.github.io
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mmikowski.github.io&size=16

279 B
430 B

40ms
8ms

Image
image/png

2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mmikowski.github.io&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50d3be11c1df9c9e16599cf3b08b0da389fca900f895ced0b1efaeb81001a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 12:04:40 GMT
x-content-type-options: nosniff
age: 9219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
last-modified: Tue, 18 Jun 2019 15:42:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://mmikowski.github.io/favicon.ico
expires: Wed, 06 Apr 2022 12:04:40 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:19:11 GMT
x-content-type-options: nosniff
server: sffe
age: 1147
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mmikowski.github.io&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:49:11 GMT

GET
H2 200 best-jquery-calendar-plugins.jpg
www.learningjquery.com/wp-content/uploads/ 45 KB
46 KB 121ms
36ms Image
image/jpeg 2606:4700:3032::6815:407b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.learningjquery.com/wp-content/uploads/best-jquery-calendar-plugins.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:407b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 334b4718a71650f2528f192fdb37975db92eec9b9e2a3dfada5a98331eeaeb92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10785
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46437
last-modified: Thu, 21 May 2020 14:24:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snoE9jvOOIz6QJRgrv2gJ7Bk2nb9OQdhLRtVHtvWoiU26hh%2B0lnIAq2cwQr7Vrq66XoGz%2FLpHda460%2BPa2YX8FYtXo%2FNx0rY7w%2FO2%2FuEmTqDpo8iHlDOJpFcfzrD1GoPrMHGOABS4%2BNro%2FNAVd3UvNOOW0YU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 6f41969acf3f41ab-MRS
x-proxy-cache: HIT
expires: Tue, 26 Jul 2022 12:41:04 GMT

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=learningjquery.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://learningjquery.com&size=16

173 B
317 B

35ms
8ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://learningjquery.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad31ed76d017094ce15298d3979ec09f5d5fd05b6bf60da2e8a1623ef177d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 12:30:45 GMT
x-content-type-options: nosniff
age: 7654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 173
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.learningjquery.com/wp-content/themes/ljq/images/favicon.png
expires: Wed, 06 Apr 2022 12:30:45 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:19:11 GMT
x-content-type-options: nosniff
server: sffe
age: 1147
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://learningjquery.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 338
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:49:11 GMT

GET
H3 200 like.png
laptrinhx.com/cdn/icon/ 4 KB
5 KB 28ms
28ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/icon/like.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/custom.css?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79d7641b7b7af5ed581d24bf7af1c96964554b1c75d1c6e3defb51d507d5903

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2321
vary: Accept-Encoding
content-length: 3864
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 19 Nov 2019 17:35:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dd427d3-f18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akkyeElI1D6lzg0Lq0Wg25vfLXnkvbtcUO7Kc%2F6i5Mx0adSPhAduKF7YiU5hgCuU67gQIfaoB7zd%2FbuNVlyXaicu2MrJXbhbqP02xKiZNmAuu%2BJOn8a4awi%2BwCUzsn4DipBGuiE0DO64cM%2BO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f419698c86e5a0d-MXP

GET
H3 200 dont-miss.png
laptrinhx.com/cdn/icon/ 4 KB
5 KB 29ms
28ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/icon/dont-miss.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/custom.css?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e605103a125349e6eedef067689d754641003d47dc4b80216b81f327ead0df51

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2321
vary: Accept-Encoding
content-length: 3741
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 19 Nov 2019 17:35:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dd427f0-e9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OUj5sbdUW%2FJ40%2Fo7ZoKL452HTUwLcnyq7eNi006jy6Zn%2BjkSD2waT3%2BZ%2BCtTyBb%2F7S5PBS9Hj2r3ej2yuV2%2B0%2B%2BMqS%2Fn4yriPvX5tMVBphiLEEtR9cVWLZ70HiiwTtFJbkkxWe6Ni04qSJX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f419698c8725a0d-MXP

GET
H3 200 view.png
laptrinhx.com/cdn/icon/ 3 KB
4 KB 27ms
26ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/icon/view.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/custom.css?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a48f3672638fd18d01f790ae4ce4edf68007711c7104f12f03fbb5bcd52919

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2321
vary: Accept-Encoding
content-length: 3301
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 19 Nov 2019 17:34:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5dd427a2-ce5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Y2LLROXdWBRrC0MkXYKDopA5xAfjd2eu0PPhBOqD5qx6ul4R7puaPY3zG1SL5egm4IPoo%2BaR5Z4O%2F4ROWnTJRhPg9h52GWwymnpZDpWLVWtPbpdg5R6pLwdkCIKPZei34ibKVOK%2FHlSEJKv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f419698c8805a0d-MXP

GET
H2 200 honor-x7-ra-mat-chipset-snapdragon-680-camera-48mp-pin-5-000mah-1.jpg
itctoday.com/wp-content/uploads/2022/03/ 95 KB
95 KB 2177ms
871ms Image
image/jpeg 103.153.215.173
VINTEK-AS-VN VINT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itctoday.com/wp-content/uploads/2022/03/honor-x7-ra-mat-chipset-snapdragon-680-camera-48mp-pin-5-000mah-1.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.153.215.173 , Viet Nam, ASN140745 (VINTEK-AS-VN VINTEK VIET NAM TECHNOLOGY TELECOM CO.,LTD, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 412359e008cd8f5391628f11858234d8e74d81dba356a4077a0b7b832af0e336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:34:57 GMT
last-modified: Tue, 29 Mar 2022 12:36:54 GMT
server: Apache/2
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 97630
expires: Thu, 28 Jul 2022 14:34:57 GMT

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=itctoday.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://itctoday.com&size=16

667 B
827 B

25ms
8ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://itctoday.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c137c4c64307da61d68e742d8466ca1b028856195a6403c92202810fbcd85b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 12:57:17 GMT
x-content-type-options: nosniff
age: 178862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 667
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://itctoday.com/wp-content/themes/digi/images/favicon.ico
expires: Mon, 04 Apr 2022 12:57:17 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:27:10 GMT
x-content-type-options: nosniff
server: sffe
age: 669
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://itctoday.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:57:10 GMT

GET
H2 200 multi-text-selection.jpg
149611589.v2.pressablecdn.com/wp-content/uploads/2022/03/ 268 KB
269 KB 36ms
6ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149611589.v2.pressablecdn.com/wp-content/uploads/2022/03/multi-text-selection.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

00e12bf450c21d26b28c1119a5c0e0e4ce5d69018d61bfc4e58dc99d5dc66e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Wed, 30 Mar 2022 14:38:19 GMT
x-ac: 2.hhn _atomic_ams
last-modified: Wed, 30 Mar 2022 01:25:06 GMT
server: nginx
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://wptavern.com/wp-content/uploads/2022/03/multi-text-selection.jpg>; rel="canonical"
content-length: 274432
expires: Wed, 06 Apr 2022 14:38:19 GMT

GET
H2 200 vps-ssd-la-gi-su-khac-nhau-giua-vps-ssd-va-vps-hdd-1-526x271.jpg
media.bkns.vn/uploads/2022/03/ 18 KB
19 KB 1395ms
288ms Image
image/jpeg 2403:6a40:0:88:6996:6886:6688:6688
BKNS-AS-VN Bach K...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bkns.vn/uploads/2022/03/vps-ssd-la-gi-su-khac-nhau-giua-vps-ssd-va-vps-hdd-1-526x271.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2403:6a40:0:88:6996:6886:6688:6688 Hanoi, Viet Nam, ASN135967 (BKNS-AS-VN Bach Kim Network solutions Join stock company, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5f820324bc0ec7544a1f1ee172cc42b877bcbfb7a5d8198a72214915884c485d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 30 Mar 2022 01:21:58 GMT
server: nginx
etag: "6243b0b6-49ce"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18894
expires: Fri, 29 Apr 2022 14:38:20 GMT

GET
H2

404

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=bkns.vn
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bkns.vn&size=16

726 B
786 B

33ms
17ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bkns.vn&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Wed, 30 Mar 2022 14:27:10 GMT
x-content-type-options: nosniff
server: sffe
age: 669
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bkns.vn&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:57:10 GMT

GET
H2 200 Unit-Testing-Types.jpg
www.educba.com/academy/wp-content/uploads/2021/06/ 42 KB
42 KB 665ms
326ms Image
image/jpeg 2600:1f14:2e0:3802:6bf4:294b:4d72:b5b6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.educba.com/academy/wp-content/uploads/2021/06/Unit-Testing-Types.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:2e0:3802:6bf4:294b:4d72:b5b6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

fc630344a4ff9bf393fc45c3c7717601da19574957c6a3adb2eac705095b8361

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .educba.com .wallstreetmojo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://www.wallstreetmojo.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
content-type: image/jpeg
vary: Accept-Encoding,User-Agent
content-length: 42614
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Apr 2013 12:00:00 GMT
server: Apache
x-frame-options: allow-from https://www.wallstreetmojo.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-language: en-US
cache-control: max-age=157680000, public, must-revalidate
content-security-policy: frame-ancestors 'self' *.educba.com *.wallstreetmojo.com
accept-ranges: bytes
x-robots-tag: index, noarchive
expires: Thu, 28 Jul 2022 14:38:19 GMT

GET
H3

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=educba.com
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://educba.com&size=16

402 B
427 B

12ms
8ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://educba.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd7707620d8a9336f4bf1d4aa8356a194589c97c463106131e89a8d87ef6887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 04:47:15 GMT
x-content-type-options: nosniff
age: 121864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 402
x-xss-protection: 0
last-modified: Mon, 08 Jun 2020 11:26:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://cdn.educba.com/academy/wp-content/uploads/2020/05/cropped-apple-touch-icon-32x32.png
expires: Tue, 05 Apr 2022 04:47:15 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:27:10 GMT
x-content-type-options: nosniff
server: sffe
age: 669
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://educba.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:57:10 GMT

GET
H2 200 google-cap-nhat-lo-hong-bao-mat-khan-cap-cho-32-ty-nguoi-dung-chrome-1.jpg
itctoday.com/wp-content/uploads/2022/03/ 111 KB
112 KB 2262ms
1153ms Image
image/jpeg 103.153.215.173
VINTEK-AS-VN VINT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itctoday.com/wp-content/uploads/2022/03/google-cap-nhat-lo-hong-bao-mat-khan-cap-cho-32-ty-nguoi-dung-chrome-1.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.153.215.173 , Viet Nam, ASN140745 (VINTEK-AS-VN VINTEK VIET NAM TECHNOLOGY TELECOM CO.,LTD, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 80bd7a40984357addad6af28ed2ccf233fc54b895817de9ab342fcc1e2077741

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:34:57 GMT
last-modified: Tue, 29 Mar 2022 12:20:22 GMT
server: Apache/2
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 114126
expires: Thu, 28 Jul 2022 14:34:57 GMT

GET
H2 200 psplus-1024x576.webp
wololo.net/wagic/wp-content/uploads/2022/03/ 30 KB
31 KB 70ms
40ms Image
image/webp 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wololo.net/wagic/wp-content/uploads/2022/03/psplus-1024x576.webp
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6c23a3e60974925453991470dff6203c7135a22eab321f9a85c26356c1e1c3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
content-encoding: br
etag: "7940-5db6520e114f2-gzip"
response: 200
last-modified: Wed, 30 Mar 2022 01:04:33 GMT
server: nginx
display: staticcontent_sol
x-origin-cache-control
x-ezoic-cdn: Hit ds;mm;18ff2920bc300a03b8edd72fbe7f5a6f;2-5993-2;2b71355c-c63c-464e-6b43-ed74ef8fe570
content-type: image/webp
x-middleton-display: staticcontent_sol
cache-control: public, max-age=15552000
x-middleton-response: 200
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding,User-Agent,Origin

GET
H3

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=wololo.net
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://wololo.net&size=16

603 B
628 B

13ms
9ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://wololo.net&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcde6bda055c6de7654a22b3a9fcee4e121149da17417c58cde90347ebea8cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 06:14:05 GMT
x-content-type-options: nosniff
age: 375854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 603
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://wololo.net/favicon.ico
expires: Sat, 02 Apr 2022 06:14:05 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:27:10 GMT
x-content-type-options: nosniff
server: sffe
age: 669
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://wololo.net&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:57:10 GMT

GET
H2 200 useBaseState.png
reactjsexample.com/content/images/2022/03/ 52 KB
52 KB 98ms
33ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reactjsexample.com/content/images/2022/03/useBaseState.png
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c48f911e435d29da984703acc41fe919d641cea8c4dc114a915589d29ce62b3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3251
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53029
last-modified: Wed, 30 Mar 2022 01:17:54 GMT
server: cloudflare
etag: "6243afc2-cf25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJEJZapjVUDbRkVJ8V%2BWPvuBzeAxpF4SKYKW3S%2B6ecuWY0OoUmVirMa7Hqrp0kfU7iYp7QRU3PQEMjJIXFIRb%2Fgu03G%2FJJnvJ7I8juP1Sn5m06oASbJn5eBKo7sKBCsWzADCvU%2FIMIdR9XXDZQxgXG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6f41969d6efa100a-MRS

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=reactjsexample.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://reactjsexample.com&size=16

289 B
704 B

23ms
7ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://reactjsexample.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f01fcf13c2ccf4075d87a50d9e70a8fb7edbf32f9a937b3fca3e9b998d0ae3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 04:51:49 GMT
x-content-type-options: nosniff
age: 35190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
last-modified: Wed, 11 Apr 2018 00:59:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://reactjsexample.com/favicon.ico
expires: Wed, 06 Apr 2022 04:51:49 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:27:10 GMT
x-content-type-options: nosniff
server: sffe
age: 669
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://reactjsexample.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 338
x-xss-protection: 0
expires: Wed, 30 Mar 2022 14:57:10 GMT

GET
H2 200 building-java-microservices-grpc-video.jpg
scanlibs.com/wp-content/uploads/ 34 KB
34 KB 148ms
75ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scanlibs.com/wp-content/uploads/building-java-microservices-grpc-video.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a64ec60541fc015c22d3b6762273f7c017b4359bdeef057e1f37b83e56428e7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34621
last-modified: Sun, 02 May 2021 18:45:27 GMT
server: cloudflare
etag: "608ef347-873d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDlI1jyywgvTICattgi5zj4B5Hy92gQf%2BdCsiyx33AB0iAvDe49V%2B%2F1moCJjvn9OKA8ilx7JobzE7R5yEoz%2FNuxqtrzocYGMOA%2FvmyXyLkF3lFZkkv387F%2BFVylBVNdi3qCJENZaCDz46JY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6f41969d8c8241c4-MRS
expires: Fri, 29 Apr 2022 14:26:12 GMT

GET
H2 200 mastering-shiny-interactive-dashboards.jpg
scanlibs.com/wp-content/uploads/ 15 KB
15 KB 83ms
83ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scanlibs.com/wp-content/uploads/mastering-shiny-interactive-dashboards.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9304db75b84c5498c435c9238af80b55d510bb3bdead9dc80b5911baff1772a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15035
last-modified: Fri, 30 Apr 2021 15:16:08 GMT
server: cloudflare
etag: "608c1f38-3abb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hk%2BPI3k3IeNluEs6RGpCzafEoFfT3WfDMLxSPO%2BVWQ1wE5QdgGHIyrS9H8L1SH%2BqSFrNQ%2BSlo7Ra%2BWk0HhifQdpW3PvuhoCyAo5LhAvmsCHCC9%2BR1Su2JoNV6ou32HqOMUSjjhvO9aEvCXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6f41969ddd3841c4-MRS
expires: Fri, 29 Apr 2022 14:26:12 GMT

GET
H2 200 api-testing-development-postman.jpg
scanlibs.com/wp-content/uploads/ 16 KB
16 KB 70ms
69ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scanlibs.com/wp-content/uploads/api-testing-development-postman.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c926045e935344042306319724df6334c46a9e76ff94893e2ee38395cf322f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432483
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16347
last-modified: Fri, 30 Apr 2021 15:26:47 GMT
server: cloudflare
etag: "608c21b7-3fdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ythMOOrLAYAvgioQG0ixip%2F8SdBh5Jfj%2FVHTQxodGDYIKTDheAR0zk58Lc85B%2F0x5ROHBQBv5DltCnk2aD%2BIM%2BPPinlBhQMJEHhf6BrHKKb2XNCHOzKnX7jo%2B82Sep067M2iUXn%2FxEZm5ts%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6f41969ddd3e41c4-MRS
expires: Sun, 24 Apr 2022 14:30:16 GMT

GET
H2 200 modern-data-protection-recoverability.jpg
scanlibs.com/wp-content/uploads/ 18 KB
18 KB 70ms
70ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scanlibs.com/wp-content/uploads/modern-data-protection-recoverability.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bb178924aa932c8765b3a483976e549f587407bd63dfb5052789b21784d8a65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17928
last-modified: Fri, 30 Apr 2021 15:18:39 GMT
server: cloudflare
etag: "608c1fcf-4608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayAWk3gKLWHgGceWH602pYNHx9uJ6eJ%2FfA6cTDMSVyvA6eqD30WiDygAiXm6fb8dqGWBfAuz6WjH4AcKMb7I5gQ01z%2B2SSxmptAwojZhzPvzKzt8A1%2BByS0J%2FqHgBBVA5fzlKP7emXu3we8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6f41969ddd4241c4-MRS
expires: Fri, 29 Apr 2022 14:26:12 GMT

GET
H2 200 ve3StuN.jpg
i.imgur.com/ 31 KB
32 KB 25ms
7ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ve3StuN.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4fae60420292dca967dda56aedf8d94c16ecb0f577db64f7265ae04f5d104bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
age: 1152471
x-cache: HIT, HIT
content-length: 32066
x-served-by: cache-iad-kjyo7100078-IAD, cache-fra19163-FRA
last-modified: Thu, 24 Oct 2019 05:06:14 GMT
server: cat factory 1.0
x-timer: S1648651100.789470,VS0,VE1
etag: "0e9998059dfc1a9dea05f575a8fa73b5"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 221

GET
H2 200 OvB53aD.jpg
i.imgur.com/ 40 KB
40 KB 18ms
17ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/OvB53aD.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5e7b99e1ab2965143ebd3f6e8898a3a51a222b1140349061ea198ad3f2da735b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
age: 1929253
x-cache: HIT, HIT
content-length: 40592
x-served-by: cache-iad-kcgs7200058-IAD, cache-fra19163-FRA
last-modified: Thu, 14 Jan 2021 13:09:36 GMT
server: cat factory 1.0
x-timer: S1648651100.808315,VS0,VE2
etag: "6623a04b78610b50d69dd8c5e246813d"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 2AYF9s4.jpg
i.imgur.com/ 46 KB
46 KB 18ms
18ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/2AYF9s4.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6c22768076916e67bf8469e03525f76918e4f51ef1ff13c6fa64cbd1b4ee596e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
age: 1909528
x-cache: HIT, HIT
content-length: 46914
x-served-by: cache-iad-kjyo7100110-IAD, cache-fra19163-FRA
last-modified: Tue, 23 Jun 2020 17:33:24 GMT
server: cat factory 1.0
x-timer: S1648651100.808507,VS0,VE2
etag: "beac3def6b21ce27be56c3420ea002a8"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 HbQoRzp.jpg
i.imgur.com/ 54 KB
54 KB 383ms
383ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/HbQoRzp.jpg

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e42d40e35bb1ca3cb5d043176898314197107e06e3e4ab40edc1a2d410d9c78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
x-content-type-options: nosniff
age: 1236375
x-cache: HIT, HIT
content-length: 55000
x-served-by: cache-iad-kjyo7100143-IAD, cache-fra19163-FRA
last-modified: Fri, 01 Jun 2018 04:26:44 GMT
server: cat factory 1.0
x-timer: S1648651100.808512,VS0,VE365
etag: "3e4e74cbd09c9140a5f4a6b2192ac34f"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 nokia-c01-plus-ban-2022-chinh-thuc-ra-mat-gay-sot-voi-gia-chi-tu-1-7-trieu-nhung-bo-nho-lon-gap-doi-1.jpg
itctoday.com/wp-content/uploads/2022/03/ 190 KB
190 KB 1729ms
871ms Image
image/jpeg 103.153.215.173
VINTEK-AS-VN VINT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itctoday.com/wp-content/uploads/2022/03/nokia-c01-plus-ban-2022-chinh-thuc-ra-mat-gay-sot-voi-gia-chi-tu-1-7-trieu-nhung-bo-nho-lon-gap-doi-1.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.153.215.173 , Viet Nam, ASN140745 (VINTEK-AS-VN VINTEK VIET NAM TECHNOLOGY TELECOM CO.,LTD, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: d0127e3ae778fb0269cc319e174515249943436d4b372b428b00232023925bde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:34:57 GMT
last-modified: Tue, 29 Mar 2022 12:11:09 GMT
server: Apache/2
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 194388
expires: Thu, 28 Jul 2022 14:34:57 GMT

GET
H2 200 doi-thu-gia-re-cua-ipad-mini-6-lo-dien-gia-hua-hen-se-hot-hon-nokia-t20-1.jpg
itctoday.com/wp-content/uploads/2022/03/ 106 KB
106 KB 1694ms
871ms Image
image/jpeg 103.153.215.173
VINTEK-AS-VN VINT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itctoday.com/wp-content/uploads/2022/03/doi-thu-gia-re-cua-ipad-mini-6-lo-dien-gia-hua-hen-se-hot-hon-nokia-t20-1.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.153.215.173 , Viet Nam, ASN140745 (VINTEK-AS-VN VINTEK VIET NAM TECHNOLOGY TELECOM CO.,LTD, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: b264d7b70dbc7a6734e79cb1d87e5d5bd6c2a766e01ab9559529f400f98bbbf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:34:57 GMT
last-modified: Tue, 29 Mar 2022 12:06:54 GMT
server: Apache/2
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 108820
expires: Thu, 28 Jul 2022 14:34:57 GMT

GET
H2 200 he-lo-phien-ban-oneplus-nord-2t-cuc-pham-gia-re-moi-se-khien-nguoi-dung-thich-thu-1.png
itctoday.com/wp-content/uploads/2022/03/ 420 KB
420 KB 1066ms
302ms Image
image/png 103.153.215.173
VINTEK-AS-VN VINT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itctoday.com/wp-content/uploads/2022/03/he-lo-phien-ban-oneplus-nord-2t-cuc-pham-gia-re-moi-se-khien-nguoi-dung-thich-thu-1.png
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.153.215.173 , Viet Nam, ASN140745 (VINTEK-AS-VN VINTEK VIET NAM TECHNOLOGY TELECOM CO.,LTD, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 255f10e608202a2d62bd3d79816ad42712bd8bf8000491b855df3315ea904af9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:34:57 GMT
last-modified: Tue, 29 Mar 2022 11:57:09 GMT
server: Apache/2
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 429620
expires: Thu, 28 Jul 2022 14:34:57 GMT

GET
H2 200 nokia-x22-camera-sieu-to-khong-lo-pin-5000-mah-khien-galaxy-s22-khoc-thet-1.jpg
itctoday.com/wp-content/uploads/2022/03/ 14 KB
14 KB 1634ms
871ms Image
image/jpeg 103.153.215.173
VINTEK-AS-VN VINT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itctoday.com/wp-content/uploads/2022/03/nokia-x22-camera-sieu-to-khong-lo-pin-5000-mah-khien-galaxy-s22-khoc-thet-1.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.153.215.173 , Viet Nam, ASN140745 (VINTEK-AS-VN VINTEK VIET NAM TECHNOLOGY TELECOM CO.,LTD, VN),
Reverse DNS
Software: Apache/2 /
Resource Hash: 18e70b3198a20a58f2f87a600cb499447d8af3f2e96da28719fb36c5d4f47ba8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:34:57 GMT
last-modified: Tue, 29 Mar 2022 12:02:37 GMT
server: Apache/2
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 14638
expires: Thu, 28 Jul 2022 14:34:57 GMT

GET
H2 200 209-trolley-conundrum.png
www.monkeyuser.com/assets/images/2021/ 303 KB
303 KB 221ms
128ms Image
image/png 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.monkeyuser.com/assets/images/2021/209-trolley-conundrum.png
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 8836fbb9d741722beb421a2bea88740b84d050998ca07e2fa3737394ac39c738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-fastly-request-id: b2e4d8202533a1515d1568779607cf1207392940
date: Wed, 30 Mar 2022 14:38:20 GMT
via: 1.1 varnish
fastly-original-body-size: 0
age: 0
x-cache: MISS
content-length: 309939
x-served-by: cache-mxp6972-MXP
last-modified: Fri, 18 Mar 2022 12:06:43 GMT
server: GitHub.com
x-github-request-id: ED5C:12046:200F82:20B268:62446547
x-timer: S1648651100.286034,VS0,VE102
etag: "623475d3-4bab3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 30 Mar 2022 14:22:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 208-masochism.png
www.monkeyuser.com/assets/images/2021/ 767 KB
768 KB 142ms
142ms Image
image/png 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.monkeyuser.com/assets/images/2021/208-masochism.png
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 4de62ac1229445319cb0b188be629ee8867063c1925b18d7689e3c4d4005b8a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-fastly-request-id: d5ae8df1ee860506add4b9d4c7f17e1dd2023c36
date: Wed, 30 Mar 2022 14:38:20 GMT
via: 1.1 varnish
fastly-original-body-size: 0
age: 0
x-cache: MISS
content-length: 785401
x-served-by: cache-mxp6972-MXP
last-modified: Fri, 18 Mar 2022 12:06:43 GMT
server: GitHub.com
x-github-request-id: A59A:E054:1E683A:1F0723:62446547
x-timer: S1648651100.317587,VS0,VE104
etag: "623475d3-bfbf9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 30 Mar 2022 14:22:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 qa.png
www.monkeyuser.com/assets/images/covers/ 200 KB
200 KB 142ms
141ms Image
image/png 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.monkeyuser.com/assets/images/covers/qa.png
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 5199297d1cfd21738414ba84dcb77ed50254dae5421b56ba12f397e71c2af92f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-fastly-request-id: 4074c1f2b8a3f293b50c4185d8d7ef78d3aa0c01
date: Wed, 30 Mar 2022 14:38:20 GMT
via: 1.1 varnish
fastly-original-body-size: 0
age: 0
x-cache: MISS
content-length: 204476
x-served-by: cache-mxp6972-MXP
last-modified: Fri, 18 Mar 2022 12:06:43 GMT
server: GitHub.com
x-github-request-id: 9270:12046:200F82:20B267:62446547
x-timer: S1648651100.317769,VS0,VE102
etag: "623475d3-31ebc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 30 Mar 2022 14:22:23 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H/1.1 200
OK Strip-Mise-en-prod-samedi-matin-650-finalenglish.jpg
www.commitstrip.com/wp-content/uploads/2021/03/ 252 KB
252 KB 158ms
28ms Image
image/jpeg 51.254.132.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.commitstrip.com/wp-content/uploads/2021/03/Strip-Mise-en-prod-samedi-matin-650-finalenglish.jpg
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.254.132.82 , France, ASN16276 (OVH, FR),
Reverse DNS: 82.ip-51-254-132.eu
Software: nginx /
Resource Hash: bb9dc3c489f54f69edd320647423e1f8f757da53c6d1aa957c3996d99b15294d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Wed, 30 Mar 2022 14:38:20 GMT
Last-Modified: Fri, 05 Mar 2021 14:08:34 GMT
Server: nginx
ETag: "60423b62-3f007"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 258055
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 last-post.png
laptrinhx.com/cdn/icon/ 492 B
1 KB 46ms
45ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/icon/last-post.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/custom.css?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22db316a8ea80dd814b7d639eff17a4047c9b74a31b98ea498ba000af9cb9cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2321
vary: Accept-Encoding
content-length: 492
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 29 Apr 2020 07:38:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ea92f11-1ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvJKIS%2B3CCx5v0BvKaNqgd7rvSGgktlodhi7eAadqxRYSN0D4PwGoNm537phftiFRfnyi5etuPu2jLxh2BqMoAwVCMBYPhXdTZIyPT%2Bj2lBXz0KDNSYs976%2Bbo8RkNU8wAGfIKkH8rNMwuwc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f419699db965a0d-MXP

GET
H3 200 1*gAbvnP5MO9i6BAZLCdVakw.png
cdn-images-1.medium.com/max/896/ 998 KB
998 KB 318ms
318ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-1.medium.com/max/896/1*gAbvnP5MO9i6BAZLCdVakw.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc8bb91d8240ba46783e5b5c01f42275e245841e2542a22994867978f30317a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-envoy-upstream-service-time: 137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1021743
pragma: public
sepia-upstream: medium
server: cloudflare
etag: "16.3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
medium-fulfilled-by: miro/main-20220330-133401-fe9f360f0d
accept-ranges: bytes
cf-ray: 6f41969b08ebcc4e-ZRH
expires: Fri, 29 Apr 2022 14:38:19 GMT

GET
H3

404

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=blog.usejournal.com
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blog.usejournal.com&size=16

726 B
742 B

20ms
18ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blog.usejournal.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 726
x-xss-protection: 0

Redirect headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blog.usejournal.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:08:19 GMT

GET
H2 403 webp.net-resizeimage-2-2.jpg
boygeniusreport.files.wordpress.com/2019/11/ 0
0 199ms
146ms Image
text/html 192.0.72.19
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boygeniusreport.files.wordpress.com/2019/11/webp.net-resizeimage-2-2.jpg?quality=98&strip=all
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.19 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=bgr.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bgr.com&size=16

287 B
312 B

14ms
11ms

Image
image/png

2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bgr.com&size=16

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90d539d740fb820364745484011c96f1f353ae16c369185411ab571ef9490d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 17:12:57 GMT
x-content-type-options: nosniff
age: 77122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
last-modified: Wed, 19 Jun 2019 11:43:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://bgr.com/wp-content/themes/bgr-2021/assets/images/favicons/apple-touch-icon-57x57.png
expires: Tue, 05 Apr 2022 17:12:57 GMT

Redirect headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bgr.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:08:19 GMT

GET
H3 200 popular.png
laptrinhx.com/cdn/icon/ 986 B
2 KB 33ms
32ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/icon/popular.png

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/custom.css?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94d36353eaf861b135a53971586f30a4e85e1905eefcb3013c0a8330f6bd84e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2322
vary: Accept-Encoding
content-length: 986
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 29 Apr 2020 07:43:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ea93007-3da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOKpOz1BdTAb0svZDif2VPfTu%2Bxil0AqD5%2BDOR8p8TML0A8mBjKmVW8bgOGFnLSoeAysIbmiDu8SHUGDTvyoRisvUgypQ6CM0XLW6Za8%2F8VD7AuozgRfU%2FBsjr%2BTtykJ34IW7GfRSejUCuUs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f41969b98c35a0d-MXP

GET integrator.js
adservice.google.de/adsid/ 0
0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=laptrinhx.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 14:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0401 27 KB
12 KB 515ms
515ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=600&slotname=3483460739&adk=1055165634&adf=2066135634&pi=t.ma~as.3483460739&w=300&lmt=1648651100&psa=1&format=300x600&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651100621&bpp=3&bdt=2197&idt=3&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De086b29adb66d10d-221fe5cb67cd0031%3AT%3D1648651098%3ART%3D1648651098%3AS%3DALNI_MasMiPTZU9HXpc1vXJKAWTn1yKuGw&prev_fmts=0x0%2C1200x280&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OEZAjHlJfo&p=https%3A//laptrinhx.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

616a575b1d7805a7590c5217c66b2089cdf9866c864956fa0ab26f1e783bfe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11795
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 14:38:20 GMT
expires: Wed, 30 Mar 2022 14:38:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://camo.githubusercontent.com/8456a67ab97a13866d928d3a14dff59a57cdeccb/68747470733a2f2f63616d6f2e716969746175736572636f6e74656e742e636f6d2f613237306466313136326564356333626639393638623234303634623931656564306466636331312f36383734373437303733336132663
Requested by: Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-133.github.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 ajax-loader.gif
laptrinhx.com/cdn/ 4 KB
5 KB 38ms
38ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://laptrinhx.com/cdn/ajax-loader.gif

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/custom.css?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2317
vary: Accept-Encoding
content-length: 4178
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 04 Jan 2020 09:04:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e10551a-1052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFuzxwnt2Erhsn4MnOq6S6hJnuf8cHALIkJXR8KfwZvQ4Ncm%2BmKhaOWl9RqQP56ZkE5YqX13LqAUonFWeH4RWkO3EkqzXs4U6T93wA%2BUUg5yoD1uWQoEfOgL7DfAxEfvl1ao9knDoTP%2Bidak"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f41969fab335a0d-MXP

GET
H3 200 slick.woff
laptrinhx.com/cdn/fonts/ 1 KB
2 KB 28ms
28ms Font
font/woff 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://laptrinhx.com/cdn/fonts/slick.woff

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/cdn/custom.css?v=0.9050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://laptrinhx.com/
Origin: https://laptrinhx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only
age: 2316
vary: Accept-Encoding
content-length: 1380
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sat, 04 Jan 2020 09:04:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e105526-564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EK0ci09oDS%2BX4BgRs4RwOIluRGitQiLs7QFj0tHFPKHokMM8pcWUbWkninvglTuUp%2F1%2FwyUsEvizMxOebHmRi1D4P7fod7VkHDtGBWsPw6LPfrghA%2B3ZScK%2BXF1aM0fU4%2BcdxuyaxiBcWA90"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=5356800
content-security-policy: upgrade-insecure-requests, script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com *.googleadservices.com *.google.com.vn *.google.com *.googlesyndication.com *.laptrinhx.com *.sharethis.com *.amcharts.com; object-src 'self'
accept-ranges: bytes
cf-ray: 6f41969fcb705a0d-MXP

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 0401 2 KB
1 KB 45ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=600&slotname=3483460739&adk=1055165634&adf=2066135634&pi=t.ma~as.3483460739&w=300&lmt=1648651100&psa=1&format=300x600&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651100621&bpp=3&bdt=2197&idt=3&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De086b29adb66d10d-221fe5cb67cd0031%3AT%3D1648651098%3ART%3D1648651098%3AS%3DALNI_MasMiPTZU9HXpc1vXJKAWTn1yKuGw&prev_fmts=0x0%2C1200x280&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OEZAjHlJfo&p=https%3A//laptrinhx.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 14:33:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0401 119 KB
37 KB 186ms
137ms Script
text/javascript 2a00:1450:4014:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648494235360460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Mar 2022 14:38:20 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 0401 15 KB
7 KB 44ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Apr 2022 14:30:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0401 0
0 14ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR83AjT_cqSrKiB0lw6j6n9KV_MU7YTetDkfN0lQdKAu2jAkGUBQQPPTvHAkMDmDfNsQncFvL0XvEGLGWv_Zy4YNp8o8Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=600&slotname=3483460739&adk=1055165634&adf=2066135634&pi=t.ma~as.3483460739&w=300&lmt=1648651100&psa=1&format=300x600&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651100621&bpp=3&bdt=2197&idt=3&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De086b29adb66d10d-221fe5cb67cd0031%3AT%3D1648651098%3ART%3D1648651098%3AS%3DALNI_MasMiPTZU9HXpc1vXJKAWTn1yKuGw&prev_fmts=0x0%2C1200x280&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OEZAjHlJfo&p=https%3A//laptrinhx.com&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0401 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmQW0W2tEYoHUOJmr6gS_-LDQAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjAyNjExMDM3ODA2MjgyNKAB1bbS6gPIAQmpAsFv17N7rbI-qAMBqgTdAU_QdoXi-7anJbA80J3RyKCQ4-y55CxOpr7XJbBsbI4w07zR2gZJ_A_OKXYEomL33bDjNwAEisrNQnhVeIu5MkG4rocd_VD9yekUphbUYnKs0lBZjpa8YGpzmAenX3PEyXo3T_WOVgHFAlgheJHC29P0iK2EZDljCBgO0fSxhDRBDzozPerYgMgGT8PyqgNFaNzKs0k1odcBMx-sJw_NrGYmBa3Gf7JA6PcKlRCTHfgdVk9VTjwBfU3N-XyLHAQAHTPYB5xlh9UamM7pnk0z9HE1teI14HdoISCawukWgAaOrf7bpvn65wmgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMDI2MTEwMzc4MDYyODI0GAA&sigh=n4sB15hQkyQ&uach_m=[UACH]&cid=CAQSPACNIrLMnxWwhF3RCgd_DZTEeg7q9DrLSCs4ZpYla7lm-prk1Zu1Mf4VgDgIHSRQLMf4EtBR8UzjZpczYBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=600&slotname=3483460739&adk=1055165634&adf=2066135634&pi=t.ma~as.3483460739&w=300&lmt=1648651100&psa=1&format=300x600&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651100621&bpp=3&bdt=2197&idt=3&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De086b29adb66d10d-221fe5cb67cd0031%3AT%3D1648651098%3ART%3D1648651098%3AS%3DALNI_MasMiPTZU9HXpc1vXJKAWTn1yKuGw&prev_fmts=0x0%2C1200x280&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OEZAjHlJfo&p=https%3A//laptrinhx.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 30 Mar 2022 14:38:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 0401 0
0 78ms
22ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMWUEt-BMKwC2ASdg2ICAgAAAAWtuLp7lQ6zEFxrRGJT9pduq55y1BBsIgAS&wp=YkRrWwAOKgEKmpWZAAw8Pz9V_GkxCplHrOSLmQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 261034
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 59D4 172 KB
54 KB 214ms
146ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YkRrWwAOKgEKmpWZAAw8Pz9V_GkxCplHrOSLmQ&u=%7CdGc0hg84bu054ma4%2FRWMaTnWXg6YUc1WOEGwCgyG%2B9c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XYeQbdi6UKkDltCKI-ny5rcn1Vqwvb_6NpBJSxFIciMh6Tj6Qb6oFTP6Cf4oqnu42WOQfYch5er2yhrkFvqU9z70JFv3-dX7ilrp5VK31ammb2pPhXjNrJUHSeuKR7GbLf4JWmn5wFLUwEdrZV4gScfkthclpiBeeSmHQ93vnKOhIV9sITtV_9uG3cHZx9s80Ilwz_8p9WZbxsWSqGwxfwQevCdqVQ4__96usQV_g45hH0mtJahxQFAEWJpjIVCmlWLSzw0y8YGnZOF6ixrbYeOkIaUujZv2EKWEHKBRQWgH8bO62EiWSPCY85Ykxhta5cHzekP_trtUfJ03akctiM1MuWMd_Zs8zyg0i2RN9KvNfe-3kcQZcabMA-TgJlsfFZJDHkUUrf8svwa9-_EVT38&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiDmtW2tEYoHUOJmr6gS_-LDQAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjAyNjExMDM3ODA2MjgyNKAB1bbS6gPIAQmpAsFv17N7rbI-qAMBqgTgAU_QdoXi-7anJbA80J3RyKCQ4-y55CxOpr7XJbBsbI4w07zR2gZJ_A_OKXYEomL33bDjNwAEisrNQnhVeIu5MkG4rocd_VD9yekUphbUYnKs0lBZjpa8YGpzmAenX3PEyXo3T_WOVgHFAlgheJHC29P0iK2EZDljCBgO0fSxhDRBDzozPerYgMgGT8PyqgNFaNzKs0k1odcBMx-sJw_NrGYmBa3Gf7JA6PcKlRCTHfgdVk9VTjwBfQ_P2O4Mk5gToq_MpExYIS0TjMRflGMrdsX9iETHX2lEOaUwRvqpTIvngAaOrf7bpvn65wmgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2P8IB2f-jklMTroMkjR3GLKqn36Q%26client%3Dca-pub-2026110378062824%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aff9ebdb30c164bb04791eaa97ad287e3bd3be72e4c9d2c11760ff95be992fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 14:38:19 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TH7_OysszGTDJGF-PlzJ5dkX2gw-jataY-twj3uio9wRNQupu32XDd6BuUALLA0ydbUCsCNKdiI1zG2DuyaV_Tf_rqIswUCeIILBQM8z8D49r60cxiHA3b9JWwQie3rGtCM-ep_kTQfJ0m9Mht5Wcc-V4b-MN2V6Czk8Tb3BEBlj1my2UYaFfoBTazCtzQMuVfRzsra8ihGptSe-RnJzgI3oWvFR8G4Cek0cGVvfrKpG-2UrZNc6hEG76l1Kp-oBBYTmNw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 130865197
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 90F7 1 KB
749 B 8ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 4328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 13:26:12 GMT
etag: 48472445140208031
expires: Thu, 31 Mar 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 90F7 35 B
464 B 44ms
10ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG8xooavqHBS0criNg_68pc&google_cver=1&google_push=AYg5qPIQxxhWEWXPv619lj6jMF-wgTTSilV7r7I6X-ALKkNSz4YaqiYG8kLiWvo0ynn6lFbjej2XEouUJg9oAifmN_oFcDdw5EI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 90F7 43 B
324 B 47ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBYu1NPyQ1KNlB7FzKq8d7g&google_push=AYg5qPK5TnH-7V6qYpsM-LxfJ7sG7S_r_gAN9sAzP6poyRJuk3qpCfn-uB33ChMcyTyqJSggUqvhpMU_nhtx8FIfqLb8gcEuZQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=600&slotname=3483460739&adk=1055165634&adf=2066135634&pi=t.ma~as.3483460739&w=300&lmt=1648651100&psa=1&format=300x600&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651100621&bpp=3&bdt=2197&idt=3&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De086b29adb66d10d-221fe5cb67cd0031%3AT%3D1648651098%3ART%3D1648651098%3AS%3DALNI_MasMiPTZU9HXpc1vXJKAWTn1yKuGw&prev_fmts=0x0%2C1200x280&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OEZAjHlJfo&p=https%3A//laptrinhx.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:20 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 90F7 43 B
351 B 45ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJ2uMAdRQpug1vIK_zhyblg&google_cver=1&google_push=AYg5qPL4sHGmO53DhvVU9dSX5tZHReR6FjwW6mhok6uLHZCs8XFHqgiLE4Fw63ICY0ZiAfophE_GqpEnxpfAu-37vGlDSJDxbg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=600&slotname=3483460739&adk=1055165634&adf=2066135634&pi=t.ma~as.3483460739&w=300&lmt=1648651100&psa=1&format=300x600&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651100621&bpp=3&bdt=2197&idt=3&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De086b29adb66d10d-221fe5cb67cd0031%3AT%3D1648651098%3ART%3D1648651098%3AS%3DALNI_MasMiPTZU9HXpc1vXJKAWTn1yKuGw&prev_fmts=0x0%2C1200x280&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OEZAjHlJfo&p=https%3A//laptrinhx.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:20 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: e5sdhq8iep196pobimb5fm97eqguu8h2

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DVJgeAHfTgiH2NkK-skS5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

37ms
23ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DVJgeAHfTgiH2NkK-skS5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJGQstEOSLwLF9-CVwC__sf5xb_5ctnW34Yw2z5fy1xIVu-DTUwVREpwS4M_BX5yQrSlL_KvE6ywykVEg_xNrhMCGQbgw

Requested by

Host: laptrinhx.com
URL: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DVJgeAHfTgiH2NkK-skS5w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJGQstEOSLwLF9-CVwC__sf5xb_5ctnW34Yw2z5fy1xIVu-DTUwVREpwS4M_BX5yQrSlL_KvE6ywykVEg_xNrhMCGQbgw
date: Wed, 30 Mar 2022 14:38:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDRTnMInH_JSmsJ4xr6cL-A&google_cver=1&google_push=AYg5qPI3Qx_DikeJ89aDVPeFav_BnvaCtCJGbJ73KvfI7I2uqf3uwxOTcnLE5h7AOMC52QTyARm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFET0FRUUstMUEtNjU2OQ==&google_push=AYg5qPI3Qx_DikeJ89aDVPeFav_BnvaCtCJGbJ73KvfI7I2uqf3uwxOTcnLE5h7AOMC52QTyARm4dyClj-LlXuGmox8hDI2XdZ0

170 B
329 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFET0FRUUstMUEtNjU2OQ==&google_push=AYg5qPI3Qx_DikeJ89aDVPeFav_BnvaCtCJGbJ73KvfI7I2uqf3uwxOTcnLE5h7AOMC52QTyARm4dyClj-LlXuGmox8hDI2XdZ0

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFET0FRUUstMUEtNjU2OQ==&google_push=AYg5qPI3Qx_DikeJ89aDVPeFav_BnvaCtCJGbJ73KvfI7I2uqf3uwxOTcnLE5h7AOMC52QTyARm4dyClj-LlXuGmox8hDI2XdZ0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjA...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 90F7 43 B
297 B 129ms
21ms Image
image/gif 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEI1j4i2RsumfS7CcBcqnJZo&google_cver=1&google_push=AYg5qPLbegdpNMl-63gygSohQQP3DidNwMOX5Uu4lPuxIrtvLugZWzZyhEbewWK1PSNkpgUWYpaCz5mxABFfO6Ba6yk97U-EYDw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2026110378062824&output=html&h=600&slotname=3483460739&adk=1055165634&adf=2066135634&pi=t.ma~as.3483460739&w=300&lmt=1648651100&psa=1&format=300x600&url=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648651100621&bpp=3&bdt=2197&idt=3&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De086b29adb66d10d-221fe5cb67cd0031%3AT%3D1648651098%3ART%3D1648651098%3AS%3DALNI_MasMiPTZU9HXpc1vXJKAWTn1yKuGw&prev_fmts=0x0%2C1200x280&nras=1&correlator=5858494597979&frm=20&pv=1&ga_vid=1922533143.1648651099&ga_sid=1648651099&ga_hid=496221584&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1064&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31063247&oid=2&pvsid=1808181346014839&pem=221&tmod=885580033&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OEZAjHlJfo&p=https%3A//laptrinhx.com&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:20 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 90F7 0
223 B 63ms
16ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LY1vJAmoADNriDeQQMFjtlPv-afOrYGeeW4FV8ztM-9j8Q8_38n1oEV-p6obzIlQcPj6Ss

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0401 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce1b6b2c4b538eae742f05464031e3bdede7badc612ef5ce8caf5dd41d1a32ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 59D4 2 KB
1 KB 44ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkRrWwAOKgEKmpWZAAw8Pz9V_GkxCplHrOSLmQ&u=%7CdGc0hg84bu054ma4%2FRWMaTnWXg6YUc1WOEGwCgyG%2B9c%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XYeQbdi6UKkDltCKI-ny5rcn1Vqwvb_6NpBJSxFIciMh6Tj6Qb6oFTP6Cf4oqnu42WOQfYch5er2yhrkFvqU9z70JFv3-dX7ilrp5VK31ammb2pPhXjNrJUHSeuKR7GbLf4JWmn5wFLUwEdrZV4gScfkthclpiBeeSmHQ93vnKOhIV9sITtV_9uG3cHZx9s80Ilwz_8p9WZbxsWSqGwxfwQevCdqVQ4__96usQV_g45hH0mtJahxQFAEWJpjIVCmlWLSzw0y8YGnZOF6ixrbYeOkIaUujZv2EKWEHKBRQWgH8bO62EiWSPCY85Ykxhta5cHzekP_trtUfJ03akctiM1MuWMd_Zs8zyg0i2RN9KvNfe-3kcQZcabMA-TgJlsfFZJDHkUUrf8svwa9-_EVT38&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiDmtW2tEYoHUOJmr6gS_-LDQAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjAyNjExMDM3ODA2MjgyNKAB1bbS6gPIAQmpAsFv17N7rbI-qAMBqgTgAU_QdoXi-7anJbA80J3RyKCQ4-y55CxOpr7XJbBsbI4w07zR2gZJ_A_OKXYEomL33bDjNwAEisrNQnhVeIu5MkG4rocd_VD9yekUphbUYnKs0lBZjpa8YGpzmAenX3PEyXo3T_WOVgHFAlgheJHC29P0iK2EZDljCBgO0fSxhDRBDzozPerYgMgGT8PyqgNFaNzKs0k1odcBMx-sJw_NrGYmBa3Gf7JA6PcKlRCTHfgdVk9VTjwBfQ_P2O4Mk5gToq_MpExYIS0TjMRflGMrdsX9iETHX2lEOaUwRvqpTIvngAaOrf7bpvn65wmgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2P8IB2f-jklMTroMkjR3GLKqn36Q%26client%3Dca-pub-2026110378062824%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Mar 2023 14:38:20 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 59D4 2 KB
1 KB 44ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Mar 2023 14:38:20 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 59D4 308 B
636 B 28ms
25ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 25 Mar 2023 14:38:20 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 59D4 507 B
836 B 15ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 25 Mar 2023 14:38:20 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 59D4 43 B
348 B 63ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=h_FIocb61xGonwmuRgMNor4puXo5oX3b2zfgDKR-92lmCZNeHBI1JzlD-YGOJFQWsJNX0N7J9P__qz5aYjQCej4ui2Hsf8Ir3LdcGhauGHATaL8ZGAoOHALV5qT59ot6Rpx88TKu_RAWs8M_b6lM9lzHv4uDlWGEbiEwY6BLnbWbzS7m_gfHsJ32BZ6FyD7ahHF6oNO3EpUHHI8HGzy0pebyJ3kPJ_udsRC35NPtP9qWmK7Frb2jsrsT1zUcZBMWhy1yZ8Ls5T1V69E0H_viLb81SXXEzkCQPiqg3mTiHDAwvPjHFJO77TCqj-mJST6vOgg6L2gwrAEQcjbHk8-Ca8VwkLOGh8cgzEBFdO_n9hnYVs9c6LAg8lQZWPk7H6_7P3dInju3Hm6Lwu-l2rsvK5VgYTdeWsteXMAfLh8oiSZZfnmotlT2yEWP3Cn0NqxuBA7xtQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:20 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3263328
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 59D4 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Mar 2023 14:38:20 GMT

GET
H2 200 2241c8b8db3f488aa45370bcce8a4af2_cpn_300x600_1.jpeg
static.criteo.net/design/dt/4955/220222/ Frame 59D4 17 KB
17 KB 13ms
12ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/4955/220222/2241c8b8db3f488aa45370bcce8a4af2_cpn_300x600_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cef514245b8ec86368954de1bc28f62864961ed3377b366264b7da71f3202c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Tue, 22 Feb 2022 11:19:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6214c6bc-4264"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 16996
expires: Sat, 25 Mar 2023 14:38:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 2 KB
2 KB 132ms
25ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=4955&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F4955%2F220315%2Fe73b03a6dd564783b5213b257fba254a_logo_1200x628.jpg&v=3&w=596&s=cqpKRUi8VjZbOYW8RiCWSDAl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fd95bc4a2930c310df0fa4a02259951fbe8b3ffa995c20f526ce02e51854f536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29783313
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2106
expires: Fri, 10 Mar 2023 07:46:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 74 KB
74 KB 139ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=4955&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F4955%2F220315%2F557ea545bc90409daa26e7ec04abda19_affiliates_ss22_ohnelogo_1200x1200.jpg&v=3&w=1200&s=bKCFmzuqDq6q8eCv9GafxbJz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

18fe83f28b5469dc5e7f8b6878aa7e86b7a31839ac20bdb3acc1f377538db06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29783334
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 75412
expires: Fri, 10 Mar 2023 07:47:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 18 KB
18 KB 132ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00744127-001_1.jpg&v=3&w=400&s=-YYsOzxUAxl-1wvXy3zzQrl-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

27377803f0c1923c3d5d32c5b85d3794a7452e1fe27dc165fa6c11d94fa3c064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=262686
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 18584
expires: Sat, 02 Apr 2022 15:36:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 8 KB
9 KB 138ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00583320-003_1.jpg&v=3&w=400&s=STStmdc6SOm2saLYgxCq3ZK6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f6270bd263e4da19a7f1d006027561db756f342db7d260459f166ee11bbcae5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=516649
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8684
expires: Tue, 05 Apr 2022 14:09:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 3 KB
3 KB 157ms
51ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00743706-002_1.jpg&v=3&w=400&s=DSSVzUK-Ko_NBecLCOtzK8_s&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

02351bba897892ccd1eb5e270978dd4b88a63de5b018984fa14526101d9c157a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=354725
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3016
expires: Sun, 03 Apr 2022 17:10:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 8 KB
8 KB 156ms
50ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00731764-001_1.jpg&v=3&w=400&s=Z3dEGxFOLnZoONVbaP8AKgG4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5a8b11a4e5448be8730c2892d3829dc682bec2f21be9c158cf8b296a8ee15927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=78420
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7818
expires: Thu, 31 Mar 2022 12:25:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 12 KB
12 KB 26ms
25ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00752267-003_1.jpg&v=3&w=400&s=9QsrjR2czUCUdX5aYJtgXSdO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

94e1e09da771dfd037f11e85116bb217b7b0ca39af6eec836e1870995e05d5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=505997
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12028
expires: Tue, 05 Apr 2022 11:11:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 5 KB
5 KB 26ms
25ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00731889-001_1.jpg&v=3&w=400&s=aAOu_qV4KLnXI7mM8GgVelg9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7208f9fb965f6bd84cb0f43accef87d01858af47acdd671b6fd242d735ae330d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=190969
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4948
expires: Fri, 01 Apr 2022 19:41:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 4 KB
4 KB 27ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00741236-001_1.jpg&v=3&w=400&s=qZq3fX955Xvc3yGZ8NCt3Vub&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1b3f50cac875b57357b7716c6a9717ebf9c0e59b14f4301847785d17596e59b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=329679
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4214
expires: Sun, 03 Apr 2022 10:13:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 19 KB
19 KB 36ms
35ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00736793-001_1.jpg&v=3&w=400&s=34dacAqfJK_AOQWHmWx4uur0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2e77ce1afe8b605a903d920e951813bdfee51b89edd911091c8726ff6f3bce30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=257118
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 19572
expires: Sat, 02 Apr 2022 14:03:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 2 KB
3 KB 27ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00683755-032_1.jpg&v=3&w=400&s=Hm90brhE7ftp08iK44G-41wV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

77c60ac9f434251d4368b46ca924255149f20359dea3cdb643dd43fd92550645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=494910
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2492
expires: Tue, 05 Apr 2022 08:06:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 27 KB
28 KB 28ms
27ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00731918-001_1.jpg&v=3&w=400&s=SWiJsfUtjnQ72k_n31EeXSyp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e0d5d6797984ae121e2952692737349455e08c1c2a517f5bbb91f759c7d7cc7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=263479
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 28084
expires: Sat, 02 Apr 2022 15:49:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 2 KB
3 KB 30ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00752626-002_1.jpg&v=3&w=400&s=4w8M_tESBexsu49MPY_IohkG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

58886cc9b93f368d76a97136a7a4392a44b56857eb91a3dcaa60d97662746cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=518080
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2458
expires: Tue, 05 Apr 2022 14:33:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59D4 2 KB
3 KB 31ms
30ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=4955&q=80&r=0&u=https%3A%2F%2Fstatic.lodenfrey.com%2Fout%2Fpictures%2Fgenerated%2Fproduct%2F1%2F944_1180_75%2F00698575-008_1.jpg&v=3&w=400&s=0hOkFwkwT3NFcVWS2LSr0dR5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b4d4a302536868814e656fc867b941eb9ba1597c8a9e3299aa2685bb4c8b6bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=489577
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2402
expires: Tue, 05 Apr 2022 06:37:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 59D4 0
128 B 68ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=TH7_OysszGTDJGF-PlzJ5dkX2gw-jataY-twj3uio9wRNQupu32XDd6BuUALLA0ydbUCsCNKdiI1zG2DuyaV_Tf_rqIswUCeIILBQM8z8D49r60cxiHA3b9JWwQie3rGtCM-ep_kTQfJ0m9Mht5Wcc-V4b-MN2V6Czk8Tb3BEBlj1my2UYaFfoBTazCtzQMuVfRzsra8ihGptSe-RnJzgI3oWvFR8G4Cek0cGVvfrKpG-2UrZNc6hEG76l1Kp-oBBYTmNw&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 30 Mar 2022 14:38:20 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 59D4 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Mar 2023 14:38:20 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 59D4 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:20 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Mar 2023 14:38:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0401 42 B
64 B 58ms
44ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmZidqYbx22D1seBWdmrqOw9hrGE-uShQkBSONtRAqb1Nig-QyDzuZfZoNQ4Ov60Nh1OrIuuL09qN3mx4DNhHE&sig=Cg0ArKJSzJBxF5r0tfM2EAE&cid=CAASF-RoTlg8pIdTWArzO2_bVx8_TbnHHXqX&id=lidar2&mcvt=1001&p=0,0,600,300&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220328&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&vu=1&app=0&itpl=20&adk=1055165634&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648651100631&rpt=815&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 59D4 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 30 Mar 2022 14:38:21 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 22ms
22ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220328&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c6734d31c4e5ffde831fce9d3eb8164837a556b3869187fef531eb45eb8edcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Mar 2022 14:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10640
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v3.3/plugins/ Frame B836 47 KB
15 KB 213ms
188ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ba1c36a500438%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=88fa49c8629f6f263b80e2aabb77a234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

710af5297bb2f76f1505a317810677b981d190bcd69c43c9c8706656f8defe32

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 30 Mar 2022 14:38:23 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: FVEQ1JQG/s7ukMUamqEOnaAxEvYzo+1wiV+04EzZ7LqadD/Q0u1qqvvQiBkb1hzmCNU8/4hNXxlEouVNhTQeww==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 save.php Show response
www.facebook.com/v3.3/plugins/ Frame 3F7E 47 KB
17 KB 136ms
121ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.3/plugins/save.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a2dbb4c7cbda4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=0&locale=en_US&sdk=joey&size=large&uri=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=88fa49c8629f6f263b80e2aabb77a234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8bc7cd123176573d6400bd6bc425d527d2d13b3e550874434be41ebe8dddf4cb

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Wed, 30 Mar 2022 14:38:23 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ZEGZeBt0vjYbvqy7And6lisCdRNeouJxqTFYCZ3nkq5xScguc7+hP5cDEnS3TjpEQ3rzr5DPx/kME7tZhsoMAA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 582F
Redirect Chain

https://www.facebook.com/v3.3/plugins/comments.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3D...
https://www.facebook.com/plugins/comments.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3Dlaptr...
https://www.facebook.com/plugins/feedback.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3Dlaptr...

133 KB
30 KB

2026ms
2026ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=1472&height=100&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&locale=en_US&numposts=7&sdk=joey&version=v3.3&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=88fa49c8629f6f263b80e2aabb77a234

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ab906d88d650fead07a772065344479d5967e028976b4da92c22f8ecf5cc2fb

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Wed, 30 Mar 2022 14:38:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: YPcX4lUJfZLCMb1XDmSrBRzW4meRdroc7SBUQUSy7yiL/vUaCNFoZQy7jXb99n/eCt6/YzrEInzwIxD+K4DN0w==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
date: Wed, 30 Mar 2022 14:38:23 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=1472&height=100&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&locale=en_US&numposts=7&sdk=joey&version=v3.3&width
priority: u=0
strict-transport-security: max-age=15552000; preload
x-fb-debug: dRJYUBEc0CbN+fYT+gaZW+EA/IEJGrUuWg+tAVL+pRg+gRMH7DCZ374MmdlTs3NMpvpX3AG3QqDQIDz7Kctx7A==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 128ms
101ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Mar 2022 14:38:23 GMT

GET
H2 200 1couZnzyKgS.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ Frame 3F7E 19 KB
5 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/1couZnzyKgS.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.3/plugins/save.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a2dbb4c7cbda4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=0&locale=en_US&sdk=joey&size=large&uri=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5966ade67ff39aadb0349c181e880ec47ede96f4082d6308e8361602fc5e0d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HLXc9rLhhZxjWlbiEe0MBw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4844
x-fb-rlafr: 0
x-fb-debug: H25A+9KYQcwSd+qMB0OcHAKsGiLnLA44wd7suqTtNO8HYFIZEJO406o98FY7t5N+Czsra72qztmxZfTJ2wNv9Q==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Mar 2023 16:38:40 GMT

GET
H2 200 FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 3F7E 2 KB
1004 B 8ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 815
x-fb-rlafr: 0
x-fb-debug: VnlILut8ndz7sZVwWWNGuVouTe1EzFBvo7ccBotdIyi4CwAPMoqdM9DTgnjCCax8sqEd234irNRkTjoAYcCs8A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 29 Mar 2023 09:41:03 GMT

GET
H2 200 EFr_VFYatPg.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 3F7E 307 KB
83 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EFr_VFYatPg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

70ba72f2a8a571c7ee6b9c5b6a9a2f307d21d506e115c852d335bc71babb9354

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BbCqV3I+0UzfhK34TfyxyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84411
x-fb-rlafr: 0
x-fb-debug: YCeeesY2p6vF1oVfisfSXEm2v+Iyg9QeY9IEiiGhHdn+hx6vOfb7c0uzZIbl+4/kIxHvpT2rJcxMrZu4a274cg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 30 Mar 2023 01:55:46 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 3F7E 5 KB
2 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de934a085817710cb3bbd98d33e5b0c91709425d89eada2a2c55909c8b3443de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yJ9Wq2491L53MWugs2kUlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1642
x-fb-rlafr: 0
x-fb-debug: 80Ab6j1OmWtIPhv8ZEOPbMsrs23bsxuZbJxmH6NQIASWi/mn5CLgYNvxiNG1DWCgSi/MhtqFRS6OxkSCQ0GjSQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 23 Mar 2023 00:10:43 GMT

GET
H2 200 bn5IKAKfOiU.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 3F7E 42 KB
14 KB 15ms
15ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/bn5IKAKfOiU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f957f0996053d409ed93207c211a1538f97466ba02605ed96fa6a66c42cc1c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: f8Otbo9uUTQ4mUqw1oEruQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 13686
x-fb-rlafr: 0
x-fb-debug: rdtvHhMzTXJWNUDZJ/2Rwz/ttMmgK6+Y8qOnIwOTRBsRvLWT4VfCo+zeu/BHLtOtW5pV7BYyhxY6Xy3l9wu3QA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Mar 2023 11:15:40 GMT

GET
H2 200 gZafJ_MF82q.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 3F7E 49 KB
15 KB 15ms
15ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/gZafJ_MF82q.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5869f8b7a0c1419b0f8793234ae47779f4e1d46bc1aaf914bd037fe55d84ae6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: jmPv8gy3vfAa+iebuZyWGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15488
x-fb-rlafr: 0
x-fb-debug: dwLs+61EOS40FOVh7dUC+wADPtTnlr1YMJ/IpIv5QWJlxai49JEdx+hyCil8AsMXBdYxiv7bxtBQCXJF/EfpfQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Mar 2023 10:39:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5AE 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 14:25:24 GMT
expires: Thu, 30 Mar 2023 14:25:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F1E6 783 B
532 B 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2365b37a1a33788069e407048e568431dc80249682baf171cbe2ff0c3bda4db1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tycn+p3vV8YGmaI/C+t+2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-Tycn+p3vV8YGmaI/C+t+2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Mar 2022 14:38:23 GMT
expires: Wed, 30 Mar 2022 14:38:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 SQdp1QIZvnh.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/ Frame 3F7E 82 KB
22 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/SQdp1QIZvnh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EFr_VFYatPg.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f6a09123b72e9f9de4c536462d3c6de92b0609afb676ca3bc9aedd9967b76d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JdmAWfJ+0t761LQJGtzS7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 22913
x-fb-rlafr: 0
x-fb-debug: lfcyJ1mmsLG1aE4dujJk2YTHrZ7si6g7LZ/7pnJII/ZzYUmtpEu9XbPJ760xHwbLSQHEIaedNSliT9dTanCUwg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Mar 2023 15:43:58 GMT

GET
H3 200 HUpsRw4A4la.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 3F7E 21 KB
7 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/HUpsRw4A4la.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EFr_VFYatPg.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

662dae67065bef1763ed6d671404e7e86e7488a05c82147f7e2df1ef1809b1a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MiMMzhtCdKcDEaRbkM9vBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7041
x-fb-rlafr: 0
x-fb-debug: vh2j/KXFgIr72tts+VE68RcCFm2FclRd/DZUJCXLgnqFiRqFk9VYpKKLEuWjiSKMyJe0BtlbBYvhRR9vG9a3iA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 29 Mar 2023 15:22:39 GMT

GET
H3 200 CWJINsGKrOS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 3F7E 18 KB
6 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/CWJINsGKrOS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EFr_VFYatPg.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0dd739c0e029cf3ccc53afcfaeac9d062ffe27325823314d830689726c8a034

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 13jUvIkjL6/WDwDC8XNWKw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5954
x-fb-rlafr: 0
x-fb-debug: IYS43TaOyCCqK6me+PKv47uBhs3zHVgr77iOuMvIq/gW9jF4RFWIoQLUh7MHT6v9H9R6Pb8dY5cSQcTSqLjOxg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 29 Mar 2023 10:37:18 GMT

GET
H3 200 KWY7Edb5_DT.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 3F7E 7 KB
2 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/KWY7Edb5_DT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EFr_VFYatPg.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a724ff2a95b5a54c343317baf6090f082980a1989788544c59c24c70f0e125d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Eoz73gpLVGWHqQXnDz/66Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2272
x-fb-rlafr: 0
x-fb-debug: iE07CwJe3X+2NbkyixfDkJndOr/tAXspqjmzTnshnnX6WRvo0uhWflde5VKwpkQhasjnD8NDX2UL/7lxh4U6Fg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Mar 2023 14:07:18 GMT

GET
H3 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame B836 400 B
454 B 16ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ba1c36a500438%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 400
x-fb-rlafr: 0
x-fb-debug: 3+MXB3kabjhV3uOpV7DTE5bcgNWrrE0/tfy3HEEEF8JX68/l43UKDbdR+P4tw/xhZ+D5/yfQrKEJsuGQLp5YtQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Mar 2023 14:08:50 GMT

GET
H3 200 EYfAjw_UrT9.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yy/l/en_US/ Frame B836 522 KB
136 KB 7ms
7ms XHR
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yy/l/en_US/EYfAjw_UrT9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8574871cfe89bcae489ff61b8afdfb46cc7b467d2e34148e4bba207cc15516bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: K7Oz7b8jIlLCsTCz0/q1OA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139094
x-fb-rlafr: 0
x-fb-debug: P6D+DnkjL27TTv8owWDeWHRJgIV2Cm4Uz3oMWYuVrqlyllDT5tAJP8gKYvX1nWFjWynxX4Q6fUXMVHTQGZo2WQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 30 Mar 2023 02:05:19 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame B836 67 B
99 B 31ms
30ms Image
image/png 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1648651104393&t_start=1648651104393&t_domcontent=1648651104420&t_layout=1648651104432&t_onload=1648651104432&t_paint=1648651104432&t_creport=1648651104432&t_tti=1648651104420&lid=7080902571306622734-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v3.3/plugins/like.php?action=like&app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ba1c36a500438%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: zCraUtMcWz0022sMwM4tu16ewnvr3EZQTUqEMyw1qPJ1TLjGlKvgZaS7f0vbW6RH6mQLfUoJkU/R8gi4Ha3VwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 30 Mar 2022 14:38:23 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F1E6 0
0 43ms
43ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220328&jk=1808181346014839&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame E5AE 35 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 13:41:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 13:41:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E5AE 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KnIahw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 2241c8b8db3f488aa45370bcce8a4af2_cpn_300x600_1.jpeg
static.criteo.net/design/dt/4955/220222/ Frame 59D4 17 KB
17 KB 26ms
26ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/4955/220222/2241c8b8db3f488aa45370bcce8a4af2_cpn_300x600_1.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cef514245b8ec86368954de1bc28f62864961ed3377b366264b7da71f3202c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:24 GMT
last-modified: Tue, 22 Feb 2022 11:19:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6214c6bc-4264"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 16996
expires: Sat, 25 Mar 2023 14:38:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220328&jk=1808181346014839&bg=!sLOls_fNAAbzJazn0yU7ACkAdvg8WlfXcgD38S-9gRaTlbPUdrcqkXnJhA-fifKi4vBO5a0seLpHzwIAAACyUgAAAANoAQeZAug1RRG1zv71Yity4WkpWW4ZgextzFDvMNych7Hlwt0zotuqGn30NmI35jaKYlYiKaU8sF_mmbna2uS-QVqy49R9Am3EzcFVm0aT5NgKXqNl3HjOgJaYDPrj63DsvjOlD-3ZvVd4KVwZoJhoUarvBp-IUMRNB0hx1Y9xuOtpeyYY8tUUqC7beBx-LmtT206SIv4tteQ9p62MzBYgvOSryRBZj1pfwYT86VY7skzZuI3Jax0pu15Wi46HTHi_xPTB5_O0t5sJn_wGTEzo9wPGBqZXDog96ZiBNtXBKtHwWxs_zMpDppzbBsuuyyGYhrqBHfCNc1h1Ku4E9k2nRIvGgVXX5uJS9_lJMVhNK6eu2zEKyKLO9iiqd8Y30SboumLmn2047zqZh5rlzrq_Q8TJxICnu-ToX1LUlLw10f257grlsW9d9zB1xNohtSjYopc0aSfEZ6aSibLC1MwRcTddIhq6jIavIncrBHqUqR2-1_fIEJk8j88KaOZEqFUV_LlRlcgSYmh-Ob_WcnKCIwqopNjTAdGZTGDL7E4XNSHhIdP2Q4taFcJSHcEO2nh-NJD8ho8hh0GUiaQ9N94tXh9y2y7RNE2DSFTRNTrXid2faHFr8PU9CPJzhcLHW-DQjRNl6edXjw_znzcYAC6Bk9ucoLvcRX-HtIEmgGN0HniBXyGkAgyiphXeGqYVa38SVo3q8Ywb0mzfRTqvBZhxW9t3oVf83ZhR-Sy9BBS4ckh280hxwY6sMINhjPc0sERYPeKqQJDi8U0uX0-tav7oPcuTmZLikI3p9Gn_FTLnI_dlEkrr2DccwqRURW-Lh1Mc6HwRFlUJLkMPHSAddgwA6OBFCLH9c2h0xgCZol2b93XouxNGS0ogf8HkGFeJTzZiyT1dDFTj8Fv0JqxjikGeyJBaaFfPJW6xdqW5irsGDqyBT2VZyVz_A-cjJ34q5f5vV7tGUt0OP_qNx2TJYi5h4-Wq8zRXb_XUwqmGF08

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://laptrinhx.com/daily-emotet-iocs-and-notes-for-11-11-19-1809292531/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Mar 2022 14:38:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tEyxdXZNU_p.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 582F 705 B
432 B 7ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/tEyxdXZNU_p.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=207946532970943&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2bcc1630efd6c4%26domain%3Dlaptrinhx.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flaptrinhx.com%252Ff32a2ad8d470eec%26relation%3Dparent.parent&container_width=1472&height=100&href=https%3A%2F%2Flaptrinhx.com%2Fdaily-emotet-iocs-and-notes-for-11-11-19-1809292531%2F&locale=en_US&numposts=7&sdk=joey&version=v3.3&width

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

879d96944105ff807c48acdce8eeb7ded4a833589428eebcf05853b990500c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vpP90KyLmQdtTXYLZU0Jjg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 378
x-fb-rlafr: 0
x-fb-debug: T7wJYkQOP8m2VsTjSpiKpkCM3135wxt4Y4du6Fo3Ka7adMGD7nBrtBANg/NFwrFueM2icSzuy4M17M8TOli5lw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Mar 2023 11:17:21 GMT

GET
H3 200 V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame 582F 125 KB
20 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DaMRuE+YoIxDIzGIPbrOjw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20378
x-fb-rlafr: 0
x-fb-debug: WTXRf23EKSt6PqEfY6rRvNc9cH0+XSEE0vitu3DLmFizx0CJwVH0XFQA+PY6oaBM6aDFrML9vJfyVjb+6EQSgw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Wed, 29 Mar 2023 09:47:19 GMT

GET
H3 200 EFr_VFYatPg.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 582F 307 KB
82 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EFr_VFYatPg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

70ba72f2a8a571c7ee6b9c5b6a9a2f307d21d506e115c852d335bc71babb9354

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BbCqV3I+0UzfhK34TfyxyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84411
x-fb-rlafr: 0
x-fb-debug: YCeeesY2p6vF1oVfisfSXEm2v+Iyg9QeY9IEiiGhHdn+hx6vOfb7c0uzZIbl+4/kIxHvpT2rJcxMrZu4a274cg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 30 Mar 2023 01:55:46 GMT

GET
H3 200 rIfYRbts4s3.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yw/l/en_US/ Frame 582F 156 KB
43 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yw/l/en_US/rIfYRbts4s3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d85b1a1d64df4864283faebc3d00199666fff929a209f741e6b318a9448cb032

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h718P4tWKs7xuy9XOz6+7A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44426
x-fb-rlafr: 0
x-fb-debug: 9MLGsiJKjx2f5T1H5n6fcCVOP2RyUJa1KAgouwUq5tryTghrlOlCknQQ5fZIa9hNziIj3dMBWdib+eKOp7vE/w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Mar 2023 17:09:08 GMT

GET
H3 200 zNwkbjHclhW.js Show response
static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yK/l/en_US/ Frame 582F 1 MB
333 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yK/l/en_US/zNwkbjHclhW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

640a6a37e1fdcb5086597f099f07bb70dfbeaadb692afc70e51595d18e2dae0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QHfeaBR65WBobGKx0gh2jw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 340440
x-fb-rlafr: 0
x-fb-debug: T8Vh1e6hdF4aWL/mAp9yMC/cmlbFWxe1GSvMJ9dVi49CiclB7HekqraK708GYur/VAl3yOrP/URD8m6m6mN2vw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Mar 2023 00:07:27 GMT

GET
H3 200 rAHOJhbbO5R.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 582F 36 KB
11 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/rAHOJhbbO5R.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe5e4ee79f114a995689f21597a04b4f7672d8b8cfe525bd4e40461a800ac816

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JgVrEK0E6kYcgKQoGavuRw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 11301
x-fb-rlafr: 0
x-fb-debug: wlUZb9GKvll6b+PZ7SXPQNafZZ3WVfLOb0bpGzLLck7LtWAev9NEZ859R7qDQyudiDp9RP5VfD2qcZBllXplOA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Wed, 29 Mar 2023 10:40:42 GMT

GET
H3 200 jFADBD6dLLg.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/y5/l/en_US/ Frame 582F 41 KB
12 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/y5/l/en_US/jFADBD6dLLg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

127afd5d44cda999547cc478804305c788a40f24910debffedff269740591543

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: C1XSG19xHpfoR572Q2c9KA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12322
x-fb-rlafr: 0
x-fb-debug: IVHZnYheTDGpKEABYaHmcHi+uIp73v9dWXyoKFCbdWo8PI8jo/yE5lQmO+cJRpR+20P7dchFpd1Tq4dcGqlmyg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sun, 26 Mar 2023 00:59:12 GMT

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 582F 251 KB
251 KB 8ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:25 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: k3u86njV6V+S9BFQNUMwtOM+OctrFHFDpcg2TlqS/aB4XTc2WSaP9yCZoCsPyxvnKtJLKCtFid4K/ZI/UJxytA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Mar 2023 14:08:47 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 582F 1 KB
1 KB 10ms
10ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 14:38:25 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: XR3xYrPuh63B+EQHzUVxpj80rgoAao7rXWEK4raH6xhMpnm+nOhXzhxUjyz5K4ElAYLyN7GLyyPeWomVbs2TAQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Mar 2023 14:47:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 59D4 0
127 B 16ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 30 Mar 2022 14:38:28 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adservice.google.de
URL: https://adservice.google.de/adsid/integrator.js?domain=laptrinhx.com

Domain: adservice.google.de
URL: https://adservice.google.de/adsid/integrator.js?domain=laptrinhx.com

Domain: adservice.google.de
URL: https://adservice.google.de/adsid/integrator.js?domain=laptrinhx.com

Domain: adservice.google.de
URL: https://adservice.google.de/adsid/integrator.js?domain=laptrinhx.com

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.laptrinhx.com/	1970-01-20 19:28:43	Name: _ga Value: GA1.2.1922533143.1648651099
.laptrinhx.com/	1970-01-20 01:58:57	Name: _gid Value: GA1.2.656609813.1648651099
.laptrinhx.com/	1970-01-20 01:57:31	Name: _gat_gtag_UA_65593818_5 Value: 1
.laptrinhx.com/	1970-01-20 11:19:07	Name: __gads Value: ID=e086b29adb66d10d-221fe5cb67cd0031:T=1648651098:RT=1648651098:S=ALNI_MasMiPTZU9HXpc1vXJKAWTn1yKuGw
laptrinhx.com/	1970-01-20 01:57:38	Name: XXXID Value: njgA9ofj5biJ5xJNrKTx4qUb5M
.doubleclick.net/	1970-01-20 11:19:07	Name: IDE Value: AHWqTUnhID0BQnPXK1dH0LATI6ZsvJPS_pUh_I4Cy0DHkf8fFINY-W3La8LXlblL4bo
.quantserve.com/	1970-01-20 04:07:07	Name: d Value: EFkBCQHkJYEA
.quantserve.com/	1970-01-20 11:27:45	Name: mc Value: 62446b5c-9b15a-dab21-1e4c3
.innovid.com/	1970-01-20 04:07:07	Name: uuid Value: 7b276e9c-99f5-48f1-9643-c13365845f9a-20220330 10:38:20
.pubmatic.com/	1970-01-20 01:58:57	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:07:07	Name: KADUSERCOOKIE Value: 0D526078-01DF-4E08-87D8-D90AFAC912E7
.casalemedia.com/	1970-01-20 10:43:07	Name: CMID Value: YkRrXqWL0bu4Zt2WTi.Y3gAA
.casalemedia.com/	1970-01-20 04:07:07	Name: CMPS Value: 3224
.casalemedia.com/	1970-01-20 04:07:07	Name: CMPRO Value: 1161
.casalemedia.com/	1970-01-20 01:58:57	Name: CMST Value: YkRrX2JEa18A

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paste.cryptolaemus.com&size=16 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2026110378062824&plah=laptrinhx.com(Line 442) Message: Refused to load the script 'https://adservice.google.de/adsid/integrator.js?domain=laptrinhx.com' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2026110378062824&plah=laptrinhx.com(Line 444) Message: Refused to load the script 'https://adservice.google.de/adsid/integrator.js?domain=laptrinhx.com' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bkns.vn&size=16 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://camo.githubusercontent.com/8456a67ab97a13866d928d3a14dff59a57cdeccb/68747470733a2f2f63616d6f2e716969746175736572636f6e74656e742e636f6d2f613237306466313136326564356333626639393638623234303634623931656564306466636331312f36383734373437303733336132663 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blog.usejournal.com&size=16 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2026110378062824&plah=laptrinhx.com(Line 442) Message: Refused to load the script 'https://adservice.google.de/adsid/integrator.js?domain=laptrinhx.com' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2026110378062824&plah=laptrinhx.com(Line 444) Message: Refused to load the script 'https://adservice.google.de/adsid/integrator.js?domain=laptrinhx.com' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://camo.githubusercontent.com/8456a67ab97a13866d928d3a14dff59a57cdeccb/68747470733a2f2f63616d6f2e716969746175736572636f6e74656e742e636f6d2f613237306466313136326564356333626639393638623234303634623931656564306466636331312f36383734373437303733336132663 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://boygeniusreport.files.wordpress.com/2019/11/webp.net-resizeimage-2-2.jpg?quality=98&strip=all Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkRrXqWL0bu4Zt2WTi-Y3gAABIkAAAAB&google_push=AYg5qPKKSpZPC1wjqAFVT53BCwzlidXtxWdyVtEyFSOd6NO3sm2_hjjlyMWcdS4Z7rCFNh9k3h2Y1Axaxv3vOcmKjAhC45bdFgQ&google_cver=1&google_gid=CAESEDfusHPYJLlHnsnELYTpU9Y Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com connect.facebook.net www.google-analytics.com onesignal.com unpkg.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googletagservices.com cm.g.doubleclick.net googleads.g.doubleclick.net www.gstatic.com cdn.ampproject.org fonts.googleapis.com .googleadservices.com .google.com.vn .google.com .googlesyndication.com .laptrinhx.com .sharethis.com *.amcharts.com; object-src 'self'
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
149611589.v2.pressablecdn.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
blogs.sap.com
boygeniusreport.files.wordpress.com
camo.githubusercontent.com
cat.fr.eu.criteo.com
cdn-images-1.medium.com
cdn.amcharts.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
developers.redhat.com
gdj.graphicdesignjunction.com
gigadom.files.wordpress.com
googleads.g.doubleclick.net
i.imgur.com
i.ytimg.com
i2.wp.com
image6.pubmatic.com
images-na.ssl-images-amazon.com
images.careerbuilder.vn
itctoday.com
laptrinhx.com
media.bkns.vn
mmikowski.github.io
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
qiita-user-contents.imgix.net
reactjsexample.com
rtb.nl.eu.criteo.com
rtb.openx.net
s3.amazonaws.com
scanlibs.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
t0.gstatic.com
t1.gstatic.com
t2.gstatic.com
t3.gstatic.com
tpc.googlesyndication.com
wololo.net
www.commitstrip.com
www.educba.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.hiepsiit.com
www.learningjquery.com
www.monkeyuser.com
adservice.google.de
cm.g.doubleclick.net
103.153.215.173
112.213.89.40
130.214.229.186
142.250.185.130
142.250.185.226
151.101.12.193
151.139.241.27
178.250.0.160
178.250.0.162
178.250.2.135
18.159.80.129
185.199.110.133
192.0.72.19
192.0.72.26
192.0.77.2
192.0.77.39
192.82.242.209
222.255.236.247
2403:6a40:0:88:6996:6886:6688:6688
2600:1f14:2e0:3802:6bf4:294b:4d72:b5b6
2600:9000:2315:3a00:1d:d7f6:39d0:c781
2606:4700:20::681a:7ba
2606:4700:3032::6815:407b
2606:4700:7::a29f:9804
2606:4700::6810:5514
2606:50c0:8002::153
2606:50c0:8003::153
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2016
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9c
2a00:1450:4014:80c::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a02:26f0:fb::5f64:997b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:1b::720
2a05:d01c:1d8:8102:a946:f0fe:2301:5b7a
2a06:98c1:3120::7
2a06:98c1:3121::7
34.98.67.61
35.227.252.103
51.254.132.82
52.217.138.56
69.173.144.138
00e12bf450c21d26b28c1119a5c0e0e4ce5d69018d61bfc4e58dc99d5dc66e04
01f5ed73496cd60e84cbd357ab710e0d75fe0a1a06172f7a2969f84161110914
02351bba897892ccd1eb5e270978dd4b88a63de5b018984fa14526101d9c157a
03527cdd8d30c8d35ff35d8e1be294beff2aa76b7574e277073883c7d81123da
0643a80cb2078ff8567cb4b2016d8f73727340f073a7befae1145a3e0a7543f2
07c54695a2461c88393db1e06023ad1db883f2c4c04b95c2a408c0b7f3fb74a8
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be5ab7a9de5e2340f137739809e35971b7825bc769ab138e6045544a5b37259
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0fdd4cfb7bb83961b9a553a555e1857eae632e7f5b8102a436548fa404700746
127afd5d44cda999547cc478804305c788a40f24910debffedff269740591543
18e70b3198a20a58f2f87a600cb499447d8af3f2e96da28719fb36c5d4f47ba8
18fe83f28b5469dc5e7f8b6878aa7e86b7a31839ac20bdb3acc1f377538db06a
1930221a7f3f63776276e9de50672fb60ad022d987e3a6524a90299243e26648
1b3f50cac875b57357b7716c6a9717ebf9c0e59b14f4301847785d17596e59b0
1efe8a6aab3b4e9ec2540e9787a88f79a985d57d5a8c15033182daf659b86132
216574bfa9e563b5a30852dd93cbe80fa0c7af1919cce820d1be832039c87039
2365b37a1a33788069e407048e568431dc80249682baf171cbe2ff0c3bda4db1
255f10e608202a2d62bd3d79816ad42712bd8bf8000491b855df3315ea904af9
2609991acfecb113dfd25fc91ac3d5e3f141b9b05e31a7fda2fc92fb418c28a6
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
26f179d83350b1da1ca4d2190562920d53c42bb4ebd1f5242c86f3a2408045fb
27377803f0c1923c3d5d32c5b85d3794a7452e1fe27dc165fa6c11d94fa3c064
28dae7c8bde2f3ca608f86d0e16a214dee74c74bee011cdfdd46bc04b655bc14
2d1dc8150fd57992132d766052c9def8bfbb8f30e347520c00f6f462967b3498
2e5c53cefd90b5a45afcf7a17c4782987d57bfd9981a63fefe268ca06fc61338
2e77ce1afe8b605a903d920e951813bdfee51b89edd911091c8726ff6f3bce30
2f12daf14684476b3ef7891883165e562e041161952aabffb39a701162f1782f
323a4533e338bf25fd3a6449c8ce9747affdb6f8d228ecd30bb77e1b68e02691
32e9ae795b15c50cced87bea96caf36b2b3f9bb8a363dfadeb4fdcdff465ff46
334b4718a71650f2528f192fdb37975db92eec9b9e2a3dfada5a98331eeaeb92
35a48f3672638fd18d01f790ae4ce4edf68007711c7104f12f03fbb5bcd52919
3e340f37ccbaf1230fb16e6ce926a574f480ee52d3f0ef8444875c132991ec99
412359e008cd8f5391628f11858234d8e74d81dba356a4077a0b7b832af0e336
468c8a376db29cb07cf4408da3b36e9d6c5fe1677aea99e95e71e3fcb0ba6f92
468eee25780f40c29069d2d91645e07ff5775c98bc4f414c5818ee7eee6dbf06
4992ed04e919fb75750cdb596910f6a90a855bc39870572873435803bc51edc8
4a724ff2a95b5a54c343317baf6090f082980a1989788544c59c24c70f0e125d
4c6734d31c4e5ffde831fce9d3eb8164837a556b3869187fef531eb45eb8edcb
4de62ac1229445319cb0b188be629ee8867063c1925b18d7689e3c4d4005b8a2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f01fcf13c2ccf4075d87a50d9e70a8fb7edbf32f9a937b3fca3e9b998d0ae3d
4fae60420292dca967dda56aedf8d94c16ecb0f577db64f7265ae04f5d104bd7
5199297d1cfd21738414ba84dcb77ed50254dae5421b56ba12f397e71c2af92f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56dfc56d1c8e123f0832aa2a4a1183017a5bee1a8b8f9820f6f9bf8b6e824c49
57c5e87832728734eabcdac247a426f82dc1535ad5377e5cab16d09c0c72b252
5869f8b7a0c1419b0f8793234ae47779f4e1d46bc1aaf914bd037fe55d84ae6b
58886cc9b93f368d76a97136a7a4392a44b56857eb91a3dcaa60d97662746cd6
5966ade67ff39aadb0349c181e880ec47ede96f4082d6308e8361602fc5e0d12
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5a8b11a4e5448be8730c2892d3829dc682bec2f21be9c158cf8b296a8ee15927
5b0c696bcc3e5b91a8a5a98fa69cbedc79d806de689581d0ea018e39065c204c
5b103b6dd4cd46cfba0944e3c19de471e7fbce56bf0198c37179bb619b23c09e
5bd02cd6b9a75af6d734dd94e449f79d83867eec28c1636274c628e613383cb2
5c5b08ac5e0a72787a5b561c315493b9d578c71334a77f875e12bbeb5239b905
5c5da3ee66c088459a421a419d52da1fe0b297ed8eee42068ca849c0cd1b7f7a
5e7b99e1ab2965143ebd3f6e8898a3a51a222b1140349061ea198ad3f2da735b
5f1b88f820071e1914b68ad1a5e0f760cb91d66a42658941bde44ad33a208d62
5f820324bc0ec7544a1f1ee172cc42b877bcbfb7a5d8198a72214915884c485d
601a6adb733eb7ef3c775335b95f965d7c94d40173824f0fb822280228130f61
616a575b1d7805a7590c5217c66b2089cdf9866c864956fa0ab26f1e783bfe13
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621b54e5d3acddbe93a633ee199a3fe538cd2469527f4cc2cc65b67131189704
63a0113f56c3dfc27b724ab7921fd430064702233b51de3937717895591915e5
640a6a37e1fdcb5086597f099f07bb70dfbeaadb692afc70e51595d18e2dae0b
6495436bd41ddbda9660b2d78de2ea925ab34b4060082a40170de5c27b08efef
654e8c2c6cc9676911d5cfda26ee3e1627792e251042a4d02cbafd48d9045460
662dae67065bef1763ed6d671404e7e86e7488a05c82147f7e2df1ef1809b1a4
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6c22768076916e67bf8469e03525f76918e4f51ef1ff13c6fa64cbd1b4ee596e
6c24b0cad0f1848650222b8267994fae95f6744e642dde3296f7411c84f14f27
6e9088819767e178d0f17cdae2c9af320e41310f35a0466c181a9d98481c7566
70ba72f2a8a571c7ee6b9c5b6a9a2f307d21d506e115c852d335bc71babb9354
710af5297bb2f76f1505a317810677b981d190bcd69c43c9c8706656f8defe32
7154482c9253f4032ac52966ce9007f18d15254aa701e4603e771c0cb9284909
7208f9fb965f6bd84cb0f43accef87d01858af47acdd671b6fd242d735ae330d
7744a4e85f4aefcd5ca65c23f43e3769e22d4d17a24e846d371728c78b3d6e4a
77c60ac9f434251d4368b46ca924255149f20359dea3cdb643dd43fd92550645
78e585e4d07b15ca2ed80452aeb633dfd2a8557861a425a261281620c84fa3ae
7ab906d88d650fead07a772065344479d5967e028976b4da92c22f8ecf5cc2fb
7b3066934852d6aefc6c66911ba51f8913d3365929929f394c1af6301a1d8d6b
7bb31d735e8432585a40fca9f1303bbb5a279623d6a4adf6a642e54700669e41
7f0e3a714e236333b6fa25d1186ada3875edaa4987be84dc9163c5c7fb59fd12
80a291e9fe9a438b33d09c46eac2c455e8735ecbfeec17e339727aa5c9db16cd
80a873d33e3ba2852ca3ce57e4d469ba3f7031879e91df9ca470101566283bde
80bd7a40984357addad6af28ed2ccf233fc54b895817de9ab342fcc1e2077741
81a8eb9d21e718efca58ee7b796645966e475c35a78f92527a3815a6c0026490
81c563ab78f65ce3d4c1edc76ff2de2c15a9e5bad150eb5fa44a418ecc4cb4ca
82f15997c945adab658b7c8e05680e0a30be1b1a031ca4a7fd9b4416664137a1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8574871cfe89bcae489ff61b8afdfb46cc7b467d2e34148e4bba207cc15516bd
864023030afd00d66ebfb86f11acd1a3b0b2c7b2ce9eb80e6c68077c4ffdfb57
86c9ed0f23530e9c79219a80d1ac660fb258e93a07fc1999ab8b14de02abb35e
879d96944105ff807c48acdce8eeb7ded4a833589428eebcf05853b990500c8f
8836fbb9d741722beb421a2bea88740b84d050998ca07e2fa3737394ac39c738
8bc7cd123176573d6400bd6bc425d527d2d13b3e550874434be41ebe8dddf4cb
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f6a09123b72e9f9de4c536462d3c6de92b0609afb676ca3bc9aedd9967b76d2
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90d539d740fb820364745484011c96f1f353ae16c369185411ab571ef9490d51
9304db75b84c5498c435c9238af80b55d510bb3bdead9dc80b5911baff1772a7
94d36353eaf861b135a53971586f30a4e85e1905eefcb3013c0a8330f6bd84e1
94e1e09da771dfd037f11e85116bb217b7b0ca39af6eec836e1870995e05d5f3
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
97717f3bdc47d512640a6c94d39a88b40978172bb157198de98e97d29bc9c644
98bd147a9f2bbfebf2fdee36a57883223ffba851d2adb4f465a8900812373a5a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad31ed76d017094ce15298d3979ec09f5d5fd05b6bf60da2e8a1623ef177d5c
9b2228c8ed200577126db43a8d7168a8da19efd252a1df628f46438345a64044
9bb178924aa932c8765b3a483976e549f587407bd63dfb5052789b21784d8a65
9c59256d9da57a8b3e1db6dfb557021da6367d009bccc25b92c879986c295673
9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a558f9c53e092e98696ca0afde1369b11e2b26581bb898eaf59e3b55bf8cdbea
a64ec60541fc015c22d3b6762273f7c017b4359bdeef057e1f37b83e56428e7c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79d7641b7b7af5ed581d24bf7af1c96964554b1c75d1c6e3defb51d507d5903
a8f1e5286594e966751e12125c3fba0c140cc2217d87661e305224fa1a9a3b59
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aff9ebdb30c164bb04791eaa97ad287e3bd3be72e4c9d2c11760ff95be992fa6
b0dd739c0e029cf3ccc53afcfaeac9d062ffe27325823314d830689726c8a034
b264d7b70dbc7a6734e79cb1d87e5d5bd6c2a766e01ab9559529f400f98bbbf4
b4d4a302536868814e656fc867b941eb9ba1597c8a9e3299aa2685bb4c8b6bc7
b6c23a3e60974925453991470dff6203c7135a22eab321f9a85c26356c1e1c3f
b88b76363553ea9009e4c58d1d6dddef5970428453fcaaf08628e76340cc5d6b
bb9dc3c489f54f69edd320647423e1f8f757da53c6d1aa957c3996d99b15294d
bc427467e02960ccf9d7164e74077347133a4806c042b6282edd80638fed128a
bc7f3a22f95684b2d09312693ac37e4a9a9cf5b3835459592d2b040b3132f4ef
bcde6bda055c6de7654a22b3a9fcee4e121149da17417c58cde90347ebea8cef
bdd692f09eb94847571d4676434990b8873ab99764c193cbc23ee9ee99482d7d
c137c4c64307da61d68e742d8466ca1b028856195a6403c92202810fbcd85b5e
c3ab26cd5436f646ae93cd6db3b1048652ca754057780e8ae8787d76ea8b7dec
c48f911e435d29da984703acc41fe919d641cea8c4dc114a915589d29ce62b3a
c60b2e8e81bc1a96fdb5c2f5aa721e20b42a314dda339ef4506027e477d0081a
c926045e935344042306319724df6334c46a9e76ff94893e2ee38395cf322f53
c9a511fdf44cca6b02e85a7b663f8cc5de62a4ce9ebaf3404a6e548262b60ea3
cabc7b0a3dec80a79e7a0bba210c4e1259f834c450255f0f357a4424effde4bb
caeec4cb0b2a41dd969a28fe9aa7df8734c3fe70ec1867732f7d6ed64957c0d2
ce1b6b2c4b538eae742f05464031e3bdede7badc612ef5ce8caf5dd41d1a32ee
ce5a81115fe6f71c1edea17bc4247d2a6c38cdfef7073edcd2dc2971f42deea8
cef514245b8ec86368954de1bc28f62864961ed3377b366264b7da71f3202c4d
cfe837f46fd3d783877e2b79862378ea52f9d0747f469c326cf1c02e4b7dd5f4
d0127e3ae778fb0269cc319e174515249943436d4b372b428b00232023925bde
d1b61ca3c161ce274e9f82a42249280820c01fe62660994717577791dfb24ad8
d745d7516fab6abb46cf209a4e6ca23723f64d95743e97d64bc910cec4e0e687
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d8339b9ae233d6ec110d68701190e9dcd781cd61c7bcedd0354d44b6faade0a0
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
d85b1a1d64df4864283faebc3d00199666fff929a209f741e6b318a9448cb032
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de934a085817710cb3bbd98d33e5b0c91709425d89eada2a2c55909c8b3443de
e0d5d6797984ae121e2952692737349455e08c1c2a517f5bbb91f759c7d7cc7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42d40e35bb1ca3cb5d043176898314197107e06e3e4ab40edc1a2d410d9c78a
e43dca7beb19f75ace75d0d6ca4dc00fda163f6109198d8879d8e49dcbbc9c10
e50d3be11c1df9c9e16599cf3b08b0da389fca900f895ced0b1efaeb81001a5d
e605103a125349e6eedef067689d754641003d47dc4b80216b81f327ead0df51
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eb84c91f403529a7f2f3661d6a5b7ee555c574647e59e790adc45649a4fc6579
ebb6754087064b74b598913cac0ec4a2c24cbd66722977ee31a5455599ab9916
ecb2154fb2b46b2573e5b20c777fb349893286cf73ca5d98d54be7042ed63a77
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ea70e8f2e0fb4264e619ab50cf26caf2cf2165b6b20c8fe4e265e2b59164be
f1819e9e4a0c6859d077cd4bc3c75fc7118f1a49c8aff31ba454c762ad73a3d9
f22db316a8ea80dd814b7d639eff17a4047c9b74a31b98ea498ba000af9cb9cd
f2ccea91b70f17797ad019ae0e554729a4a6592d80132f298da21cd3a56dd9ba
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6270bd263e4da19a7f1d006027561db756f342db7d260459f166ee11bbcae5a
f6b08e0b004c48f1d9692333bb535647bc812d8d9f67987272c432c724c98c6a
f957f0996053d409ed93207c211a1538f97466ba02605ed96fa6a66c42cc1c9c
fc630344a4ff9bf393fc45c3c7717601da19574957c6a3adb2eac705095b8361
fc8bb91d8240ba46783e5b5c01f42275e245841e2542a22994867978f30317a2
fcd7707620d8a9336f4bf1d4aa8356a194589c97c463106131e89a8d87ef6887
fd95bc4a2930c310df0fa4a02259951fbe8b3ffa995c20f526ce02e51854f536
fe5e4ee79f114a995689f21597a04b4f7672d8b8cfe525bd4e40461a800ac816

laptrinhx.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

211 Requests

88 %HTTPS

60 %IPv6

49 Domains

62 Subdomains

55 IPs

8 Countries

7901 kBTransfer

12721 kBSize

15 Cookies

121 Outgoing links

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

laptrinhx.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

88 %
HTTPS

60 %
IPv6

49
Domains

62
Subdomains

55
IPs

8
Countries

7901 kB
Transfer

12721 kB
Size

15
Cookies

211 HTTP transactions
3 data transactions