Submitted URL: http://blog.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Effective URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Submission: On June 10 via api from US

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 37 HTTP transactions. The main IP is 72.52.15.18, located in United States and belongs to PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US. The main domain is www.shadowserver.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 21st 2019. Valid for: 2 years.
This is the only time www.shadowserver.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 30 72.52.15.18 32787 (PROLEXIC-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
37 6
Domain Requested by
28 www.shadowserver.org www.shadowserver.org
4 fonts.gstatic.com www.shadowserver.org
2 www.google.com www.shadowserver.org
www.gstatic.com
2 blog.shadowserver.org 2 redirects
1 www.gstatic.com www.google.com
1 www.googletagmanager.com www.shadowserver.org
1 fonts.googleapis.com www.shadowserver.org
37 7

This site contains links to these domains.

Domain
twitter.com
www.linkedin.com
wiki.shadowserver.org

Subject | Issuer | Validity | Valid
shadowserver.org | Sectigo RSA Domain Validation Secure Server CA | 2019-10-21 - 2021-12-19 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
www.google.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months

This page contains 2 frames:

Primary Page: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Frame ID: 06CCD0C5E6A40CF63B9DCA05087F0935
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldd-ZUUAAAAAI4uGx0OWVijq_ZphoH70fN-xm5w&co=aHR0cHM6Ly93d3cuc2hhZG93c2VydmVyLm9yZzo0NDM.&hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&size=invisible&cb=olpuv7ajadva
Frame ID: 51D6CEE72F18E6FC2A218812C63AAEC8
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://blog.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-servin... HTTP 301
    https://blog.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-servin... HTTP 301
    https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-servin... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

37
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

355 kB
Transfer

856 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blog.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/ HTTP 301
    https://blog.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/ HTTP 301
    https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/ Page URL

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Redirect Chain
  • http://blog.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
  • https://blog.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
  • https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
17 KB
5 KB
Document
General
Full URL
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
e758d40cc3cd05efa2a1644e6bd9933c9938eacd78ab1bf57f0010ba2a603a52

Request headers

:method
GET
:authority
www.shadowserver.org
:scheme
https
:path
/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
404
date
Wed, 10 Jun 2020 01:54:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
BunnyCDN-DE1-487
cdn-pullzone
66178
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cdn-requestcountrycode
US
cdn-edgestorageid
487
cache-control
public, max-age=0, s-maxage=604800
last-modified
Mon, 08 Jun 2020 14:21:05 GMT
x-amz-version-id
.7gtNG7iUeLowoCJyGo1FeWJi4rmGbgQ
x-amz-error-code
NoSuchKey
x-amz-error-message
The specified key does not exist.
x-amz-error-detail-key
2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/index.html
x-amz-request-id
64EB33C555BBE16A
x-amz-id-2
oDX9zkDNwEZKo+n1fh59yNYMXNxIyVMTWinOFYSk0/MzpBWB1REtKRBd0ujcSxGVJV4xM1B+xxk=
cdn-cachedat
2020-06-09 13:01:30
cdn-requestid
b14fdad226f966908e8951a7483ebf96
cdn-cache
HIT
content-encoding
gzip

Redirect headers

status
301
date
Wed, 10 Jun 2020 01:54:00 GMT
content-type
text/html
content-length
162
location
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
server
BunnyCDN-DE1-487
cdn-pullzone
66178
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cdn-requestcountrycode
US
cache-control
no-cache
cdn-requestid
45862c34a2a6bdd33af7761225d6777c
style.min.css
www.shadowserver.org/wp-includes/css/dist/block-library/
52 KB
9 KB
Stylesheet
General
Full URL
https://www.shadowserver.org/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
0866C47EAAF33136
status
200
cdn-cachedat
2020-06-08 14:35:04
cdn-pullzone
66178
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
3fLlsRq64yTHOFoK9iaSiPli4bHCzqfxs+0zzJ3POMOoxijVS0zEN8Dbei5F2loTJiijPvhhMNg=
access-control-allow-origin
*
last-modified
Thu, 30 Apr 2020 12:59:17 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
6O5mKt5aIo7dv8R_tHc3BjRVbPE91Dz7
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
14c9f64b9d51f1dba405c76563dc5014
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
styles.css
www.shadowserver.org/wp-content/plugins/contact-form-7/includes/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.shadowserver.org/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
7e9e324458b7f29aa70490ebd12dfdf61e500ae213d5382e0618e8497d513649

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
5232596A6BBE38E1
status
200
cdn-cachedat
2020-06-08 14:35:04
cdn-pullzone
66178
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
jaAqrqmMYqwMcgpdJFMFIWXONXSx5PhBx0NUJrpFiZBVRilfWyj2SGelqGIMPERjw0+pe39uIyk=
access-control-allow-origin
*
last-modified
Fri, 13 Mar 2020 00:08:51 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
Jw6QEmiE3PLabMe4fIhJ7l1z.JrQxdkD
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
d375ae91c714c7b5ac32d4b9382b16f4
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
search.css
www.shadowserver.org/wp-content/plugins/hardypress/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.shadowserver.org/wp-content/plugins/hardypress/search.css
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
890625d437517aa3c2392f3ac2df3e3fbebdac1bf6e91049b85f455a035edd00

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
A76FBD6511CC7350
status
200
cdn-cachedat
2020-06-08 14:35:04
cdn-pullzone
66178
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
cjrvqqnw8gJRk97/3pCnG05sQUhHG3rDl/LiD5mlNzQ4lP835fqXpmv5EO6XVfo4MtgW/fjeP7M=
access-control-allow-origin
*
last-modified
Wed, 24 Apr 2019 04:22:09 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
004286ddad3136aefe39c678921caa01
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
css
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Anonymous+Pro%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A300%2C300i%2C400%2C400i%2C500%2C500i&ver=1.0.1
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18150d6fe6f7d3bcb4344027b0e419b3e5ebc518d415a05af127a793666853fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Jun 2020 01:54:00 GMT
server
ESF
date
Wed, 10 Jun 2020 01:54:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Jun 2020 01:54:00 GMT
common.css
www.shadowserver.org/wp-content/themes/shadowserver/build/css/
15 KB
5 KB
Stylesheet
General
Full URL
https://www.shadowserver.org/wp-content/themes/shadowserver/build/css/common.css
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
07b7ae64bf177ee3d3c50d951f936e72d19f5260ebd32cfacbc7db467ae91004

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
B3B7AF04F738B257
status
200
cdn-cachedat
2020-06-08 14:35:04
cdn-pullzone
66178
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
cHKZD0pAhQ6HKRZ6+t8aTWoz/+Jg41nc4d3+R6IZH9yNTFm8v8Dp7sHkHMkTqxfWf6d36N7nSVQ=
access-control-allow-origin
*
last-modified
Thu, 18 Apr 2019 23:49:14 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
5c56b9e93e68c62d5486014400dbca02
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
jquery.js
www.shadowserver.org/wp-includes/js/jquery/
95 KB
36 KB
Script
General
Full URL
https://www.shadowserver.org/wp-includes/js/jquery/jquery.js
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
6F4B0DB900DF1B7A
status
200
cdn-cachedat
2020-06-08 14:35:05
cdn-pullzone
66178
x-amz-id-2
/4wL0w8a9fPOnVvSHpb94N90nP89BbrEUyu320D75YErwg1k3KR8S+xCrs1bJn/CyxSBYb+ePXw=
last-modified
Thu, 22 Aug 2019 11:48:27 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
ZgfNCZb9p1ywX6K4d4GgmetmHnQrFW6H
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
2b2a04cd375f4bf2c1ad27986831fc31
content-type
application/javascript
cdn-requestcountrycode
US
jquery-migrate.min.js
www.shadowserver.org/wp-includes/js/jquery/
10 KB
5 KB
Script
General
Full URL
https://www.shadowserver.org/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
374055110C9A3AEC
status
200
cdn-cachedat
2020-06-08 14:35:05
cdn-pullzone
66178
x-amz-id-2
MymbzKmivAZqsghGCHIqTASEOG00rbWUZ3vidm4pzVMxErRuWrtWz2ACV+h0CZu84bcYjduHXZk=
last-modified
Wed, 12 Jun 2019 20:07:43 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
f83c438bc74ae9fb856d843118ad37f6
content-type
application/javascript
cdn-requestcountrycode
US
vendor.js
www.shadowserver.org/wp-content/themes/shadowserver/build/js/
88 KB
33 KB
Script
General
Full URL
https://www.shadowserver.org/wp-content/themes/shadowserver/build/js/vendor.js
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
cc4e91b18c7a5838f04f656a4ce1b14565839077f4b91578bcf6f5dee0a3f715

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
59E7A7C3882AE5BA
status
200
cdn-cachedat
2020-06-08 14:35:05
cdn-pullzone
66178
x-amz-id-2
coY08V4nh6MYU6cvEr4bB79ag+w8u6++Qm+UfT2EX5q5NIqwiGxBSur65DZjxVqGuU39aPcm5Jw=
last-modified
Wed, 12 Jun 2019 20:07:43 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
d9188ecfd15f6cdcf34488198376e603
content-type
application/javascript
cdn-requestcountrycode
US
js
www.googletagmanager.com/gtag/
83 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-51828365-2
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
212d9139f5aeb7254565244b5d987f33ad159e9b29a0dd7d833d02785421c256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33236
x-xss-protection
0
last-modified
Wed, 10 Jun 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Jun 2020 01:54:00 GMT
40948f29e376a210bd88302d2a7824b8
www.shadowserver.org/hp-rewrite/
1 KB
960 B
Stylesheet
General
Full URL
https://www.shadowserver.org/hp-rewrite/40948f29e376a210bd88302d2a7824b8
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
36f6a7cdcec4ba424ada1a340cb8747bd65124fff0f2ca91e7032f86852e45a9

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
E3FFCE996485F3B9
status
200
cdn-cachedat
2020-06-08 14:33:46
cdn-pullzone
66178
x-amz-id-2
l0MtEurtMJ70GVwzZWoQU6nFs87/Oq2tVGPeoLbD9TImu3mE5gIpeCA1ijh9DN+ppnKIOCxunNc=
last-modified
Tue, 23 Jul 2019 13:14:17 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
ocYdN06ONU7yZU85F2QbbQSZynByZVu2
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
b1fa31e5ddcb184058db61e47cc73fab
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
logo-shadowserver.svg
www.shadowserver.org/wp-content/themes/shadowserver/build/images/
4 KB
2 KB
Image
General
Full URL
https://www.shadowserver.org/wp-content/themes/shadowserver/build/images/logo-shadowserver.svg
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
13e80e538a780cafcff886941d165e26d6a8c3e4a5d087add149710311022e28

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
47C57B3A4236011B
status
200
cdn-cachedat
2020-06-08 14:33:46
cdn-pullzone
66178
x-amz-id-2
QRYJ7Vu/cjMSFaW1QVUKiaz2J0oWmRUKdD9SsG1QR6bbMu72f/CUTMO9t0JUhW3kl/SbYcwKJvw=
last-modified
Thu, 18 Apr 2019 23:49:13 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
2877bb00a9736373b4a19e2fe7d6b250
content-type
image/svg+xml
cdn-requestcountrycode
US
4fea21981ab84fab30531629176dbe35
www.shadowserver.org/hp-rewrite/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.shadowserver.org/hp-rewrite/4fea21981ab84fab30531629176dbe35
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
50576e92db4feff35da9059127a4c09fc088b83de00bb6ea1f607378bfd775b7

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
96A7ED8F7F735E18
status
200
cdn-cachedat
2020-06-08 14:33:46
cdn-pullzone
66178
x-amz-id-2
MVq6Ja5VTJ02egyRBy2wZ1cKXI4rgw4Wy1LZgYu4MmUk6nZQq7FE9Fi/kbx5erUIgD+U9YqhmCU=
last-modified
Tue, 23 Jul 2019 13:14:17 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
.7BE0HZwGC16gHj9f6mSNqDVjKooM46A
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
c29a242556f3d51aadf3a3c1796eb520
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
77cd7d7c4170350282bb45a1f4c38abd
www.shadowserver.org/hp-rewrite/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.shadowserver.org/hp-rewrite/77cd7d7c4170350282bb45a1f4c38abd
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
dcd81919e259852ce3e34c1090c9af8238627c32cd2170e7a84c666461dd9e1a

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
A22E7A3BDBDDDBE1
status
200
cdn-cachedat
2020-06-08 14:33:46
cdn-pullzone
66178
x-amz-id-2
Lzx93rJYH6OfAOFDAGRKhROenjnr9FU/l+GFdVIVwitg4VweVbOeDQbsOhGB2ttwZKeqRPT04Xs=
last-modified
Tue, 23 Jul 2019 13:14:17 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
y778GdTE7r7v1lcs2LPG97eFlsIn9ShT
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
ed10b0625875204636cc3077f687c391
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
logo-tagline.svg
www.shadowserver.org/wp-content/themes/shadowserver/build/images/
11 KB
5 KB
Image
General
Full URL
https://www.shadowserver.org/wp-content/themes/shadowserver/build/images/logo-tagline.svg
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
fcf9a65d0252e0810e360b39e203f414677a193a8c7ea6a342a28d934a527a9d

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
7AE371698DFDB104
status
200
cdn-cachedat
2020-06-08 14:33:46
cdn-pullzone
66178
x-amz-id-2
FLflD3dmztzoLr9QFqyrP6X3cPnGFzHpeKkH+A83WE/AVE3PI8yIxWpvEv4ab/vfyPLkvj4Kwtg=
last-modified
Thu, 18 Apr 2019 23:49:14 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
3016362115e9cc326cdfc89f2fae7b11
content-type
image/svg+xml
cdn-requestcountrycode
US
f978171d9b71037e60a3ffa55bb6d1a8
www.shadowserver.org/hp-rewrite/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.shadowserver.org/hp-rewrite/f978171d9b71037e60a3ffa55bb6d1a8
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
1160fb6c07f93bac02054f85a792961e1d162fc292e1a5dfc75c0c7e44ae0458

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
ADADF0A30B61251E
status
200
cdn-cachedat
2020-06-08 14:33:46
cdn-pullzone
66178
x-amz-id-2
7VqXLj7NpuMdEeE47OTG1Bjvvdr82Yj2M6l+e9ovQGe0tFJIhZ4UlJ1xSFG6M4eDQ+JZiv7qQks=
last-modified
Tue, 23 Jul 2019 13:14:18 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
sehtYfbtlaRz2PWfHAWdWXV9E0TsFULU
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
f18f3162b74748c546573dcb202b4caf
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
592441043ce93c5a1302562482c62217
www.shadowserver.org/hp-rewrite/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.shadowserver.org/hp-rewrite/592441043ce93c5a1302562482c62217
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
16132caa5292431bace5fb47b53f333dc6bc7aa4a0c220f3dd4527ed3238fb3d

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
035771D351F683B9
status
200
cdn-cachedat
2020-06-08 14:33:47
cdn-pullzone
66178
x-amz-id-2
f3pZJ99RrReSpvMqQM69aifvtP9anGnRWCjVG7no3JpWzQrYpcJHrvzjZ95wyxYkWCz7oac1gzs=
last-modified
Tue, 23 Jul 2019 13:14:18 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
_UkzST3ZFjG2196hM7CCNMHMWL2x.daL
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
ee903989c3401655e4c785e4d9d59053
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
8ed457140fd3c84ac4811ed39ec5d32a
www.shadowserver.org/hp-rewrite/
734 B
915 B
Script
General
Full URL
https://www.shadowserver.org/hp-rewrite/8ed457140fd3c84ac4811ed39ec5d32a
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
53fbb44462bcb65e8dd8d4d396318a00c535f234b15bebecf0faef71a8af24c0

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
F16D9ED5209FA40C
status
200
cdn-cachedat
2020-06-08 14:33:47
cdn-pullzone
66178
x-amz-id-2
q/bOY4Ic1x6FO/kHO3ol4VwD442a6itAcqVGtncm38J7h3Jvod2S+nmVAVHxyKCONzp8q8PCpko=
last-modified
Tue, 23 Jul 2019 13:14:18 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
WiugYZqdbJBYLMuCkuPalbJCYg01cDwp
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
877844b2c44df8e94cfa562ae59ee8a1
content-type
application/javascript
cdn-requestcountrycode
US
5e3e85766f606fe9050232bcade84b0a
www.shadowserver.org/hp-rewrite/
323 B
736 B
Script
General
Full URL
https://www.shadowserver.org/hp-rewrite/5e3e85766f606fe9050232bcade84b0a
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
e3f38eeabffa3691329faaa8d81af26445b8fe1398b7dd7509d08b0c97da7740

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
4E9B33ACDCC26045
status
200
cdn-cachedat
2020-06-08 14:33:47
cdn-pullzone
66178
x-amz-id-2
njTCUFb/zEVKTQmjVkXyB0LqOhpdGTibpX8KxoonJ5KvEVo9tiCDGvfMzxjTBRBMGhzxAaCI+cg=
last-modified
Tue, 23 Jul 2019 13:14:17 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
cUE7xdqTQ1O.qFgpFjmTsgjHH01Dt_g6
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
35171560af22b7fb0acab7500df7484e
content-type
application/javascript
cdn-requestcountrycode
US
927dc96d1fc7e4b8540263176cc50d61
www.shadowserver.org/hp-rewrite/
950 B
983 B
Stylesheet
General
Full URL
https://www.shadowserver.org/hp-rewrite/927dc96d1fc7e4b8540263176cc50d61
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
0464c3dd2d8a349acb7f07d10cb6fb2dc70e107207930bbb9ad3514c817c5d76

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
00FA9710AE31D56E
status
200
cdn-cachedat
2020-06-08 15:49:11
cdn-pullzone
66178
x-amz-id-2
+gKxB9SCA0opRtT30U5IIJNIhImnH7KjzqBLO70DRdad7H1TY4Vfg86pwJbzVT5XNUHL1MaoH7A=
last-modified
Tue, 23 Jul 2019 13:14:18 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
j.mmM3TvupP5AamlPNdujmbQ6PB1iSEg
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
dbf10a17a5f1cf40bb78b9ae45785f01
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
8c56d7a65ef49d6cf0431538caece7f2
www.shadowserver.org/hp-rewrite/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.shadowserver.org/hp-rewrite/8c56d7a65ef49d6cf0431538caece7f2
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
55be76321db3711b95c2c1b3a1cbd3afca1ebab12c7ca2315c84818c83490dd7

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
112C32E6445AD281
status
200
cdn-cachedat
2020-06-08 14:33:50
cdn-pullzone
66178
x-amz-id-2
f6BN2ETMUP3U4GVlLoE/ypidLrUyHjM53H0+2tt44O/MyvZvu4hzG+uuaFO0WQdc7+qAASHdETE=
last-modified
Tue, 23 Jul 2019 13:14:17 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
j1UPJToLS..rfleQdLjhBNrGqRq.zMlU
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
953eecb4638bfac79d7f18aada3f4374
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
icon-shadowserver.svg
www.shadowserver.org/wp-content/themes/shadowserver/build/images/icons/
874 B
1008 B
Image
General
Full URL
https://www.shadowserver.org/wp-content/themes/shadowserver/build/images/icons/icon-shadowserver.svg
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
30972803318323d55255c6fd77e58c1afa276147b426d78c59b6b6d87976a2c7

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
25BE49809E4502CE
status
200
cdn-cachedat
2020-06-08 14:33:50
cdn-pullzone
66178
x-amz-id-2
vOnC+p2gpFCsATYrh52p27XqqqD59rhthhk7gMPfHRngPWxWaufzKfmJphsCz2Ik3IW4/skD20Q=
last-modified
Thu, 18 Apr 2019 23:49:14 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
e285bb4506c0c758be949dede154aa86
content-type
image/svg+xml
cdn-requestcountrycode
US
icon-twitter-circle.svg
www.shadowserver.org/wp-content/uploads/2018/02/
2 KB
1 KB
Image
General
Full URL
https://www.shadowserver.org/wp-content/uploads/2018/02/icon-twitter-circle.svg
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
d8a41f9c69e5b69073edf417ddbd2a2faaa8a5816dc116955275446cc37a928f

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
E7CE3E1C2728DB85
status
200
cdn-cachedat
2020-06-08 14:33:50
cdn-pullzone
66178
x-amz-id-2
8YC89KYK/wQ+xWVGw0USqfoc1hxJkqkiTGcz5tkZ4P0CG5GrEZ8AM6WFGbFn/O7fWPbgMj2wVGU=
last-modified
Thu, 18 Apr 2019 23:49:05 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
7fe5f06b07b5e74184d7dfc1cd85dcf3
content-type
image/svg+xml
cdn-requestcountrycode
US
icon-linkedin-circle.svg
www.shadowserver.org/wp-content/uploads/2018/02/
2 KB
1 KB
Image
General
Full URL
https://www.shadowserver.org/wp-content/uploads/2018/02/icon-linkedin-circle.svg
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
e95eda11473d7b1c8f103dfb587c9c630bb5495a55a0febe0db80003abe0b2aa

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
705FDB1E1929374D
status
200
cdn-cachedat
2020-06-08 14:33:50
cdn-pullzone
66178
x-amz-id-2
Ihh9XZwJOPeRTHwn0nPrSdavfqcgkLxaWHsh35zLNsstKRIwZR5f6JH+gPdlXnyV4q4VRRf04Ic=
last-modified
Thu, 18 Apr 2019 23:49:05 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
ea220f60deda1e624cf7e5b7ec66767e
content-type
image/svg+xml
cdn-requestcountrycode
US
scripts.js
www.shadowserver.org/wp-content/plugins/contact-form-7/includes/js/
14 KB
5 KB
Script
General
Full URL
https://www.shadowserver.org/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
72ebfeb1ce24b152349b7a231f6fc29ff2a2b7a5ede91dcdb80d6b9de1779046

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
F80569F256699A77
status
200
cdn-cachedat
2020-06-08 14:35:05
cdn-pullzone
66178
x-amz-id-2
YUPrlU0s33WWt+OgKNvkWpT04xroYXLJ9LzhjlbB1vhQAXNwv0bTnPujjZSRlZQLlsgb/DTKMfc=
last-modified
Wed, 27 May 2020 12:27:38 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
Q5tzBz9Tb5rPSezAwOz43gk0LAthYcs.
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
c0c337284e0f42658a89f7d494e5c675
content-type
application/javascript
cdn-requestcountrycode
US
search.js
www.shadowserver.org/wp-content/plugins/hardypress/
46 KB
17 KB
Script
General
Full URL
https://www.shadowserver.org/wp-content/plugins/hardypress/search.js
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
3452b250097fe300cdf663e47a1ffacde1e1d938d1c29d5d8041405584ab1687

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
9836E7ADCD745C75
status
200
cdn-cachedat
2020-06-08 14:35:05
cdn-pullzone
66178
x-amz-id-2
pqwqon/4C4RQQ5CcyiO9vNhpMsUY0Ddm4tKZD0960Xk5hVhlX4+sOXWwBbjoevOk8OyfiTXcIDU=
last-modified
Wed, 12 Jun 2019 20:07:43 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
907a6815756e1a6fe6b0a86c7abcd99b
content-type
application/javascript
cdn-requestcountrycode
US
api.js
www.google.com/recaptcha/
708 B
571 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Ldd-ZUUAAAAAI4uGx0OWVijq_ZphoH70fN-xm5w&ver=3.0
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b68459e8a7468bba316d1bdf0652976f01600492ae5faf3939be8413f054fbb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
479
x-xss-protection
1; mode=block
expires
Wed, 10 Jun 2020 01:54:00 GMT
wp-embed.min.js
www.shadowserver.org/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.shadowserver.org/wp-includes/js/wp-embed.min.js
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
br
cdn-edgestorageid
487
x-amz-request-id
6B50ADE4B3FEE299
status
200
cdn-cachedat
2020-06-08 14:35:05
cdn-pullzone
66178
x-amz-id-2
sACA525+E77V2q6YqdOD4T153HXH2bu+YU/SARTZLWElGiT2c5jhbMKZ+7ECa3WycD3aw6I8Edg=
last-modified
Thu, 02 Apr 2020 18:27:21 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
lTPZwwKVvLN_rvaC27YdwYFJasktBh6a
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
3757f0ffa874faf77af63d9d81ead518
content-type
application/javascript
cdn-requestcountrycode
US
e4db50446e40eb5c7d999ddaa1aede31
www.shadowserver.org/hp-rewrite/
2 KB
2 KB
Script
General
Full URL
https://www.shadowserver.org/hp-rewrite/e4db50446e40eb5c7d999ddaa1aede31
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
b4c25c228b710b69317601149950f191f012bf67de3cc00ad13259cb1768d688

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
6C3E2F3D104644F9
status
200
cdn-cachedat
2020-06-08 14:33:46
cdn-pullzone
66178
x-amz-id-2
rHhRONoEVu/aH4N/nLX4XkdG9ySHaR5Faf/MdUQ5E3JAShZM/LF7h5qFwfVhtxh7hrSNraBagT0=
last-modified
Tue, 23 Jul 2019 13:14:18 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
U_jSdvvdLGPUbzm1_mPwaLQDhWT_WHnJ
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
3588f87cb39fe563aedaaae92d980088
content-type
application/javascript
cdn-requestcountrycode
US
dcc6032976bc239d430c54b64cf7b690
www.shadowserver.org/hp-rewrite/
732 B
863 B
Stylesheet
General
Full URL
https://www.shadowserver.org/hp-rewrite/dcc6032976bc239d430c54b64cf7b690
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
ac3edb6873e89b2fc44b89d57a8d38f6a0ebccfca7a4e0247a142d250e9215a3

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
3945C386BDD16A1A
status
200
cdn-cachedat
2020-06-08 14:33:51
cdn-pullzone
66178
x-amz-id-2
el9/tRbyYxMqoYjkM+vjOo+3Dm8fhUCV25RZ/cxeCjdYYhqwAkKSs1EL/iX+snhw/0lSdL9aUSM=
last-modified
Tue, 23 Jul 2019 13:14:18 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
ZrbCYj2h4EFuutbXTLq3c8gSzpLrP4Xu
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
404e58026a6ac3ef096c1850cd90d2af
content-type
text/css; charset=utf-8
cdn-requestcountrycode
US
icon-search.svg
www.shadowserver.org/wp-content/themes/shadowserver/build/images/icons/
480 B
770 B
Image
General
Full URL
https://www.shadowserver.org/wp-content/themes/shadowserver/build/images/icons/icon-search.svg
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.52.15.18 , United States, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US),
Reverse DNS
Software
BunnyCDN-DE1-487 /
Resource Hash
e41fc7ef05c0774a5ba90a8385c40d8027a1d2a3a3e03cfe726d92e4a7a4a8cd

Request headers

Referer
https://www.shadowserver.org/hp-rewrite/4fea21981ab84fab30531629176dbe35
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 01:54:00 GMT
content-encoding
gzip
cdn-edgestorageid
487
x-amz-request-id
46599003EECDE229
status
200
cdn-cachedat
2020-06-08 14:35:07
cdn-pullzone
66178
x-amz-id-2
y89bDMmI5yeGGtAHLcm29U2sjjStdcu8p6PvsKejZNPTW0W03LpfPW9ioZHRD08oOMw/aSegAbs=
last-modified
Thu, 18 Apr 2019 23:49:14 GMT
server
BunnyCDN-DE1-487
vary
Accept-Encoding
x-amz-version-id
null
cdn-cache
HIT
cdn-uid
25e272f5-167d-4855-b99f-3c8d13b1518a
cache-control
public, max-age=604800, s-maxage=604800
cdn-requestid
ec5d7ebd8a923393b96b5800b0a9a590
content-type
image/svg+xml
cdn-requestcountrycode
US
va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Anonymous+Pro%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A300%2C300i%2C400%2C400i%2C500%2C500i&ver=1.0.1
Origin
https://www.shadowserver.org

Response headers

date
Tue, 09 Jun 2020 03:17:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:53 GMT
server
sffe
age
81361
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15212
x-xss-protection
0
expires
Wed, 09 Jun 2021 03:17:59 GMT
va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Anonymous+Pro%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A300%2C300i%2C400%2C400i%2C500%2C500i&ver=1.0.1
Origin
https://www.shadowserver.org

Response headers

date
Wed, 10 Jun 2020 00:49:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:40 GMT
server
sffe
age
3872
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15448
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:49:28 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/
310 KB
122 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ldd-ZUUAAAAAI4uGx0OWVijq_ZphoH70fN-xm5w&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c521581b808702299ee8b8948ae8e90ae270ea93206bb1f95846843e0efee725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 16:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Jun 2020 19:45:58 GMT
server
sffe
age
119295
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125146
x-xss-protection
0
expires
Tue, 08 Jun 2021 16:45:46 GMT
rP2Bp2a15UIB7Un-bOeISG3pHls29QP-4Ks.woff2
fonts.gstatic.com/s/anonymouspro/v13/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/anonymouspro/v13/rP2Bp2a15UIB7Un-bOeISG3pHls29QP-4Ks.woff2
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79183953fdbb285e45886918b8e47513ab91b861233c5369c828da3935cb946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Anonymous+Pro%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A300%2C300i%2C400%2C400i%2C500%2C500i&ver=1.0.1
Origin
https://www.shadowserver.org

Response headers

date
Tue, 09 Jun 2020 21:45:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:33:02 GMT
server
sffe
age
14925
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9272
x-xss-protection
0
expires
Wed, 09 Jun 2021 21:45:16 GMT
va9B4kDNxMZdWfMOD5VnPKreRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnPKreRhf6Xl7Glw.woff2
Requested by
Host: www.shadowserver.org
URL: https://www.shadowserver.org/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6a3567935e374cef99f3c922ef6b788c1b7e5c468e35f371a60bd0ddcfdadcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Anonymous+Pro%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A300%2C300i%2C400%2C400i%2C500%2C500i&ver=1.0.1
Origin
https://www.shadowserver.org

Response headers

date
Wed, 10 Jun 2020 00:49:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:18 GMT
server
sffe
age
3884
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15308
x-xss-protection
0
expires
Thu, 10 Jun 2021 00:49:17 GMT
anchor
www.google.com/recaptcha/api2/ Frame 51D6
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldd-ZUUAAAAAI4uGx0OWVijq_ZphoH70fN-xm5w&co=aHR0cHM6Ly93d3cuc2hhZG93c2VydmVyLm9yZzo0NDM.&hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&size=invisible&cb=olpuv7ajadva
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fYBnBntcuQUl/qbeHh0K+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ldd-ZUUAAAAAI4uGx0OWVijq_ZphoH70fN-xm5w&co=aHR0cHM6Ly93d3cuc2hhZG93c2VydmVyLm9yZzo0NDM.&hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&size=invisible&cb=olpuv7ajadva
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.shadowserver.org/2012/05/15/cyber-espionage-strategic-web-compromises-trusted-websites-serving-dangerous-results/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 10 Jun 2020 01:54:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-fYBnBntcuQUl/qbeHh0K+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9661
server
GSE
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
undefined| $
function| jQuery
function| webpackJsonp
object| core
object| __core-js_shared__
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
object| Shadowserver
object| google_tag_manager
object| dataLayer
object| wpcf7
object| hardypressSearch
object| HardyPressSearch
object| ___grecaptcha_cfg
object| grecaptcha
boolean| __google_recaptcha_client
object| wp
object| recaptcha
object| closure_lm_449812

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 204=WHOzJ0sL9tBqyav0FkkTPKBfpOa7oPSmzlbJpCVly3c8cO-X6gnSLzNWDa5BEqm8bWj7pA3rjuIbpDG41WI__7OqsT2iBbnGWi1hksGmS7_Gf6fW68OB1lSHE-SBTnlRM1TFnbfVHTRcO4ly4-luPvWlVoUZ2nV0F8xtvcwXWNk

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.shadowserver.org/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
