www.mirus-it.co.uk Open in urlscan Pro
2606:4700::6811:73b4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784...
Submission: On September 24 via api (September 24th 2020, 5:34:33 pm UTC) from US

Summary HTTP 88 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 30 domains to perform 88 HTTP transactions. The main IP is 2606:4700::6811:73b4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mirus-it.co.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 21st 2020. Valid for: a year.

This is the only time www.mirus-it.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700::68... 2606:4700::6811:73b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
5	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	51.140.49.131 51.140.49.131	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	99.80.174.18 99.80.174.18	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5805	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
88	33

32 2606:4700::6811:73b4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mirus-it.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f4cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.49.131 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.leadforensics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:58e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress13

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.174.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	mirus-it.co.uk www.mirus-it.co.uk	445 KB
7	hubspot.com app.hubspot.com forms.hubspot.com track.hubspot.com	2 KB
7	google.com www.google.com	908 B
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	73 KB
4	addthis.com s7.addthis.com m.addthis.com	190 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
2	hsforms.com perf.hsforms.com forms.hsforms.com	835 B
2	facebook.com www.facebook.com	406 B
2	facebook.net connect.facebook.net	166 KB
2	google.de www.google.de	194 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	licdn.com snap.licdn.com	3 KB
2	leadforensics.com secure.leadforensics.com	2 KB
1	twitter.com analytics.twitter.com	651 B
1	gstatic.com www.gstatic.com	133 KB
1	t.co t.co	368 B
1	usemessages.com js.usemessages.com	19 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hsleadflows.net js.hsleadflows.net	68 KB
1	hs-banner.com js.hs-banner.com	12 KB
1	addthisedge.com v1.addthisedge.com	710 B
1	hubapi.com api.hubapi.com	549 B
1	moatads.com z.moatads.com	1 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	googleadservices.com www.googleadservices.com	11 KB
1	hubspot.net cdn2.hubspot.net	2 KB
88	30

	Domain	Requested by
32	www.mirus-it.co.uk	www.mirus-it.co.uk js.usemessages.com
7	www.google.com	www.mirus-it.co.uk www.gstatic.com
4	track.hubspot.com
3	s7.addthis.com	www.mirus-it.co.uk s7.addthis.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	www.facebook.com	www.mirus-it.co.uk
2	connect.facebook.net	www.mirus-it.co.uk connect.facebook.net
2	www.google.de	www.mirus-it.co.uk
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	px.ads.linkedin.com	1 redirects www.mirus-it.co.uk
2	snap.licdn.com	www.mirus-it.co.uk snap.licdn.com
2	secure.leadforensics.com	www.mirus-it.co.uk secure.leadforensics.com
1	analytics.twitter.com	static.ads-twitter.com
1	forms.hsforms.com	www.mirus-it.co.uk
1	perf.hsforms.com	www.mirus-it.co.uk
1	www.gstatic.com	www.google.com
1	in.hotjar.com	script.hotjar.com
1	t.co	www.mirus-it.co.uk
1	vars.hotjar.com	static.hotjar.com
1	js.usemessages.com	www.mirus-it.co.uk
1	js.hs-analytics.net	www.mirus-it.co.uk
1	js.hscollectedforms.net	www.mirus-it.co.uk
1	js.hsadspixel.net	www.mirus-it.co.uk
1	js.hsleadflows.net	www.mirus-it.co.uk
1	js.hs-banner.com	www.mirus-it.co.uk
1	app.hubspot.com	www.mirus-it.co.uk
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	api.hubapi.com	www.mirus-it.co.uk
1	z.moatads.com	s7.addthis.com
1	static.ads-twitter.com	www.mirus-it.co.uk
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	www.linkedin.com	1 redirects
1	static.hotjar.com	www.mirus-it.co.uk
1	www.googletagmanager.com	www.mirus-it.co.uk
1	www.googleadservices.com	www.mirus-it.co.uk
1	cdn2.hubspot.net	www.mirus-it.co.uk
88	39

This site contains links to these domains. Also see Links.

Domain
www.mozilla.org
gitlab.com
chromereleases.googleblog.com
securityintelligence.com
www.facebook.com
www.linkedin.com
twitter.com
www.addthis.com

Subject Issuer	Validity	Valid
www.mirus-it.co.uk Cloudflare Inc ECC CA-3	`2020-07-21` - `2021-07-21`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.leadforensics.com Go Daddy Secure Certificate Authority - G2	`2019-11-28` - `2021-01-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-08-16` - `2020-11-14`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-08-17` - `2020-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.hotjar.com Amazon	`2020-08-29` - `2021-09-28`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Frame ID: 3F9A8194472A820D1A98103850FCB242
Requests: 81 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 291F40822B875926E77AC11A0232BCCC
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B5950FD95EE090A91FEB5BEFDBBB8C40
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 8696614FB2B91A02511D6F677C898E8A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&co=aHR0cHM6Ly93d3cubWlydXMtaXQuY28udWs6NDQz&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&badge=inline&cb=70c62aap7xan
Frame ID: AF9E493EED0AE2E5E9D7B9958A65F7B3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&co=aHR0cHM6Ly93d3cubWlydXMtaXQuY28udWs6NDQz&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&badge=inline&cb=cvx1lc1mq2lf
Frame ID: 3BC5D9A4216B7D4E65415C6D38A5F999
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&cb=c46ba4pm5n98
Frame ID: 38458AD192BD3CF1FC029ACEEDF911AB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&cb=9grfj5tygjvq
Frame ID: 26DE3F7E2EC8D6E308C74AC8977AC04A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i

Page Statistics

88
Requests

99 %
HTTPS

73 %
IPv6

30
Domains

39
Subdomains

33
IPs

7
Countries

1227 kB
Transfer

3874 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/
Title: Firefox’s detailed security advisory, here.

Search URL Search Domain Scan URL

URL: https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-tech-notes/-/tree/master/firefox-android-2020
Title: researcher Chris Moberley’s GitHub page

Search URL Search Domain Scan URL

URL: https://chromereleases.googleblog.com/2020/09/stable-channel-update-for-desktop_21.html
Title: over on their security advisory, here.

Search URL Search Domain Scan URL

URL: https://securityintelligence.com/posts/botnet-attack-mozi-mozied-into-town/
Title: X-Force’s write-up

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mirusitsupport/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mirus-it-solutions

Search URL Search Domain Scan URL

URL: https://twitter.com/mirusit

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=156961&time=1600968855388&url=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%20Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D156961%26time%3D1600968855388%26url%3Dhttps%253A%252F%252Fwww.mirus-it.co.uk%252Fthreat-thursday%252F24-09-maze-mozi-chrome-firefox%253Futm_campaign%253DThreat%2BThursday%2526utm_content%253D140784810%2526utm_medium%253Dsocial%2526utm_source%253Dtwitter%2526hss_channel%253Dtw-71201913%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=156961&time=1600968855388&url=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat+Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&liSync=true

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 24-09-maze-mozi-chrome-firefox Show response
www.mirus-it.co.uk/threat-thursday/ 64 KB
16 KB 913ms
855ms Document
text/html 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / HubSpot

Resource Hash

4620eaf503a694ca0d42c598101ef9809234b39fef8f80025658cb23f702d406

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Request headers

:method: GET
:authority: www.mirus-it.co.uk
:scheme: https
:path: /threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 24 Sep 2020 17:34:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d50e190d30c322232c1cc6c50327761491600968854; expires=Sat, 24-Oct-20 17:34:14 GMT; path=/; domain=.www.mirus-it.co.uk; HttpOnly; SameSite=Lax __cfruid=53143699fc16acc52e5f7162568ca04128f2459d-1600968855; path=/; domain=.www.mirus-it.co.uk; HttpOnly; Secure; SameSite=None
cache-control: s-maxage=30,max-age=5
etag: W/"9224f1153587f4d4c94bf41d5aeef0d4"
last-modified: Thu, 24 Sep 2020 15:08:15 GMT
link: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/AsyncSupport/static-1.86/js/post_listing_asset.js>; rel=preload; as=script,</hs/hsstatic/AsyncSupport/static-1.86/js/comment_listing_asset.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>; rel=preload; as=script
strict-transport-security: max-age=0
cf-cache-status: REVALIDATED
cache-tag: CT-35316592935,P-1620496,L-4962967564,L-4963043419,L-5093744634,L-7238509057,E-4963038580,E-4963042350,MENU-4963047162,PGS-ALL,SW-4,GC-26909199957,GC-30597999690
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-35316592935,P-1620496,L-4962967564,L-4963043419,L-5093744634,L-7238509057,E-4963038580,E-4963042350,MENU-4963047162,PGS-ALL,SW-4,GC-26909199957,GC-30597999690
x-hs-cache-config: BrowserCache-5s-EdgeCache-30s
x-hs-combine-css: Disabled
x-hs-content-campaign-id: 297cbe3a-6691-43dc-8b67-b0012461afe5
x-hs-content-id: 35316592935
x-hs-hub-id: 1620496
x-powered-by: HubSpot
cf-request-id: 0562c723620000c2efac95b200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5d7e414bdc61c2ef-FRA
content-encoding: br
cf-h2-pushed: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>,</hs/hsstatic/AsyncSupport/static-1.86/js/post_listing_asset.js>,</hs/hsstatic/AsyncSupport/static-1.86/js/comment_listing_asset.js>,</_hcms/forms/v2.js>,</hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js>

GET
H2 200 project.js Show response
www.mirus-it.co.uk/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
630 B 30ms
0ms Script
application/javascript 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 ec2068c87c2d80519a5753dcf9eaede7.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 300679
x-amz-server-side-encryption: AES256
cf-ray: 5d7e41511ee0c2ef-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0562c726b20000c2efac994200000001
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD66-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 4xPWdTCMK_ol29sXEyujO8CRXc0Fa5bfIxQJCFtK7zHn4N3_xAOZkw==

GET
H2 200 post_listing_asset.js Show response
www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/js/ 3 KB
2 KB 20ms
0ms Script
application/javascript 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/js/post_listing_asset.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db899cb4fc9a9ff7b7312786e0eaf8a58294cc8e67b628536f3def0d1c908206

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 70e06614c0a8446cd4a80ab3436628d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 107141
x-amz-server-side-encryption: AES256
cf-ray: 5d7e41511ee2c2ef-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0562c726b20000c2efac995200000001
last-modified: Wed, 19 Aug 2020 22:23:28 GMT
server: cloudflare
etag: W/"720f1f0e6d1b57cd25eeed9d33a41e96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: XsCIgGLiVt2IX_IZzYVBIgGuOUDwhLqp
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD66-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: NGagA2WFnoGyJZWJHfXVEzVrBbyce7UiThHQOYNE_KvPyBm-CDkbhQ==

GET
H2 200 comment_listing_asset.js Show response
www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/js/ 8 KB
3 KB 21ms
0ms Script
application/javascript 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/js/comment_listing_asset.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8665fde2817bfcc92af1e3220e20942783eb81645eb963e4963c7d56d27a8fd7

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 41d17421c3cbd1f0e8a454b1a3df7a65.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 300679
x-amz-server-side-encryption: AES256
cf-ray: 5d7e41511ee3c2ef-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0562c726b20000c2efac996200000001
last-modified: Wed, 19 Aug 2020 22:23:28 GMT
server: cloudflare
etag: W/"867ea0be10deaac1d248db8924a11c23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: abU1eieSsxEbHv2sVGy52uQLm2GzPIn7
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD66-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: TqbF4NopBH310OeLtpNhrp7B9fGjmB-OCtXP1nSsh6pCyczgo2RXJA==

GET
H2 200 v2.js Show response
www.mirus-it.co.uk/_hcms/forms/ 472 KB
117 KB 186ms
0ms Script
application/javascript 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/_hcms/forms/v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c168c4c2b57ce0bd26874763d799bd446002204dac6f96ab81e12efdc7974242

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 316ff1e97338bc9bbb335af58b00d0ab.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD66-C2
x-amz-server-side-encryption: AES256
cf-ray: 5d7e41511ee5c2ef-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0562c726b20000c2efac997200000001
last-modified: Thu, 17 Sep 2020 03:08:01 UTC
server: cloudflare
etag: W/"cd6b67c54502c08c86d7650fd1fd770c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 4RPYMtP0cEaOXUe62hbvEkB4y3JYanbQ
cache-control: s-maxage=600, max-age=0
access-control-allow-credentials: false
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Ltua5kbPx_yvgzfkE3RyDlAS-bvFRQLyXr53vLwIM3AtSpnzhhVVmQ==

GET
H2 200 index.js Show response
www.mirus-it.co.uk/hs/hsstatic/HubspotToolsMenu/static-1.79/js/ 10 KB
3 KB 24ms
0ms Script
application/javascript 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 2cfc0bae5f623e4a6a6bc0939f1d71c8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 300679
x-amz-server-side-encryption: AES256
cf-ray: 5d7e41511ee6c2ef-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0562c726b20000c2efac998200000001
last-modified: Mon, 14 Sep 2020 20:19:23 GMT
server: cloudflare
etag: W/"e669ca94e2fffafc96a88184dda30834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: RcBG9DPSu_6ZVzKnktPJ4cTzKi_y_4VM
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD66-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: CbKubpy1WsZxLqX45qy-HCvUsF8eCnNp0dUUMj8zGm3vaMUesjbGeg==

GET
H2 200 jquery-1.11.2.js Show response
www.mirus-it.co.uk/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
32 KB 40ms
37ms Script
application/javascript 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 cef2b4d24f9bca7ece48f6be33efd62c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 300679
cf-ray: 5d7e41513f1ec2ef-FRA
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 0562c726c70000c2efac99a200000001
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD66-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: lTYntdpYciD_GvPK4GpwY5zRiEQDlkAAlHyJiwpqhY2DQblo3yCMug==

GET
H2 200 font-awesome.min.css
www.mirus-it.co.uk/hubfs/font-awesome-4.7.0/css/ 30 KB
7 KB 35ms
32ms Stylesheet
text/css 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hubfs/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5312540534,P-1620496,FLS-ALL
age: 300678
edge-cache-tag: F-5312540534,P-1620496,FLS-ALL
status: 200
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: B2413356F3577DD5
cf-request-id: 0562c726c70000c2efac99b200000001
last-modified: Tue, 10 Oct 2017 05:24:44 GMT
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-amz-id-2: cYVRms38vlqNCgacaxBi2Q0vc5Qk4UZMuJMczu0o7OglvGapqXn5lq1wddfAblzPRllSoBVHk1o=
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: raQEIVqX4c2KdAK5CNKM0RDZbuPfwMKQ
x-amz-cf-pop: FRA6-C1
cf-ray: 5d7e41513f20c2ef-FRA
x-amz-cf-id: 3rJMy1ZfZ8Ny_rtofvXEzOKpbcFcbNsf8G4HPZUXWl0t_MMEMjMXyQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 slick-theme.css
www.mirus-it.co.uk/hubfs/slick-1.6.0/ 2 KB
1019 B 56ms
53ms Stylesheet
text/css 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hubfs/slick-1.6.0/slick-theme.css
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d7c44005188739cb2fb9abca610ad2d2eea1c5b7e7a6bec2d96173a02caf6bf

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-6377899365,FD-5312525930,P-1620496,FLS-ALL
age: 300678
edge-cache-tag: F-6377899365,FD-5312525930,P-1620496,FLS-ALL
status: 200
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: 94AA203003DF195B
cf-request-id: 0562c726c70000c2efac99c200000001
last-modified: Tue, 23 Oct 2018 13:34:11 GMT
server: cloudflare
etag: W/"e0daebe422194128d4c38d17a38f6a30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-amz-id-2: bqBSqj/q9PM5judDBPMUZAxhQWscfqUzznt8oaj1eO56JPJryEoy6NbCK1yNi7+eOZea5jamDPg=
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: 1uhZFfxrj9uzmgCItVBrjHLoGkIu1bUK
x-amz-cf-pop: FRA6-C1
cf-ray: 5d7e41513f23c2ef-FRA
x-amz-cf-id: Z4fqiTvwHqN-Vx9bG7SipQ9u5s-uTAc0tLtmvaY2-HFzmk2bam1Z4A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 comments_listing_asset.css
www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/sass/ 1 KB
776 B 37ms
35ms Stylesheet
text/css 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/sass/comments_listing_asset.css
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 895371b22358988c93ca9e5318fdf9784782e44efff401ea65d7171cd9a12bc6

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 de8f46f8f922c244bbc7d8b62cc964e9.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 300679
x-amz-server-side-encryption: AES256
cf-ray: 5d7e41513f26c2ef-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0562c726c70000c2efac99d200000001
last-modified: Wed, 19 Aug 2020 22:23:28 GMT
server: cloudflare
etag: W/"c968756b365e11e754dac723e04806b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: cDiCbWChQNMI2lNYZRuXSatkCZCTPYhp
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD66-C2
content-type: text/css
x-amz-cf-id: PFfHgYKPass_g-ZEvC0vN4YYIOJJHvzNpggsgVuxoEu65X6IDa1iKg==

GET
H2 200 rss_post_listing.css
www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/sass/ 910 B
485 B 33ms
31ms Stylesheet
text/css 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/sass/rss_post_listing.css
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 41d17421c3cbd1f0e8a454b1a3df7a65.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 111320
x-amz-server-side-encryption: AES256
cf-ray: 5d7e41513f28c2ef-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0562c726c70000c2efac99e200000001
last-modified: Wed, 19 Aug 2020 22:23:28 GMT
server: cloudflare
etag: W/"e1b521ec14a912d6d385c21388ec7d79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 1LSDLQQY2N_i6uSXG_Fcur.LzIagr.xT
cache-control: s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-cf-pop: IAD66-C2
content-type: text/css
x-amz-cf-id: odMd9Pe392GH7gYTit4MqkMnceUaJR9Gk64ipbnAp1YeCLr1jrNAgA==

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/-1/hub_generated/template_assets/1495141902003/hubspot_default/shared/responsive/ 5 KB
2 KB 57ms
28ms Stylesheet
text/css 2606:4700::6811:f4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/-1/hub_generated/template_assets/1495141902003/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 1454377
status: 200
x-amz-meta-md5-hash: 0b0c633d59ab0af9553a98c0e7d97349
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 8
cf-request-id: 0562c726e200002c2a3f93a200000001
last-modified: Thu, 18 May 2017 21:11:43 GMT
server: cloudflare
etag: W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=7200, max-age=7200
x-amz-cf-pop: IAD89-C1
cf-ray: 5d7e415168712c2a-FRA
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 8

GET
H2 200 march2017-style.min.css
www.mirus-it.co.uk/hs-fs/hub/1620496/hub_generated/template_assets/4963042350/1592402481295/Coded_files/Custom/page/Mirus-march2017-theme/ 65 KB
12 KB 296ms
295ms Stylesheet
text/css 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs-fs/hub/1620496/hub_generated/template_assets/4963042350/1592402481295/Coded_files/Custom/page/Mirus-march2017-theme/march2017-style.min.css
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf8029348dc3f43a929eab7dc8d0416f7064efb7e4494c2d504dbffe90c25fd

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 90a702a7e21c444d32e69f4d93b07bb5.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD66-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: AA9ED6C704F81DA5
x-amz-id-2: FdDOYbKZO2eUsR6KpAat61GWCPng1KLzygIQCbIF5bxnt8k+5+nesSN9eMB25vl0iWihkcv8rAk=
last-modified: Wed, 17 Jun 2020 14:01:22 GMT
server: cloudflare
etag: W/"95037072bcfd4c06d8005acf6dbb2ee9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: PoB.anv9l5jCeTE.RozbBwpkxRGms5Hy
cf-request-id: 0562c726c70000c2efac99f200000001
cf-ray: 5d7e41513f29c2ef-FRA
x-amz-cf-id: dCGyvrYSx8HfTBVsmDnnZsQE67151B0jNC5FTahBuUAKj-jvu61esw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 march2017-modules.min.css
www.mirus-it.co.uk/hs-fs/hub/1620496/hub_generated/template_assets/4963038580/1592402117113/Coded_files/Custom/page/Mirus-march2017-theme/ 35 KB
7 KB 305ms
304ms Stylesheet
text/css 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs-fs/hub/1620496/hub_generated/template_assets/4963038580/1592402117113/Coded_files/Custom/page/Mirus-march2017-theme/march2017-modules.min.css
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d24d222bad42b5e8b79346310cf0163b646528538c224ed8777afb3a8e5837aa

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 8d6d65c40f49b96d1f700720137be26a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD66-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: 0E9445C2CAECAD19
x-amz-id-2: y+5SKQ8Kkv5nkVGjPjGUOXYZw88jhGK/s8ecZ0pOC71worxICGxOuHi96fxOHxzBhpISTjSfM8Y=
last-modified: Wed, 17 Jun 2020 13:55:18 GMT
server: cloudflare
etag: W/"3a553049bc0f97cf38eb68203410936d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: IX7X5XRSaHzllIGpC0X5Pdhrh3RUec2V
cf-request-id: 0562c726c70000c2efac9a0200000001
cf-ray: 5d7e41513f2ac2ef-FRA
x-amz-cf-id: 8wqDXfdQiqUSErG-TucQuN4UGIpVTMSMokjWMfB-dgBeDPJFrDyKqA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Mirus_Logo_RGB_Reverse-1.png
www.mirus-it.co.uk/hs-fs/hubfs/ 2 KB
3 KB 45ms
33ms Image
image/webp 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hs-fs/hubfs/Mirus_Logo_RGB_Reverse-1.png?width=300&name=Mirus_Logo_RGB_Reverse-1.png
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5118de56a322353f2552e0c9cb1016ebae51320d944b5a1b2f0f2961af28d20a

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 122594
cf-polished: origFmt=png, origSize=5280
edge-cache-tag: F-30525066873,P-1620496,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Mirus_Logo_RGB_Reverse-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 2462
cf-request-id: 0562c727420000c2efac9a6200000001
x-amz-server-side-encryption: AES256
last-modified: Mon, 07 Sep 2020 04:27:23 GMT
server: cloudflare
x-cache: Miss from cloudfront
etag: "6a57491efeb98c03054fc96399d256bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5d7e415208c0c2ef-FRA
x-amz-cf-id: 2G5nr3JJGuetRl3JQwAv1XJlotCpvCZb4NrxSE5cXLtjlweiOJUlzg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 contact_icn.svg
www.mirus-it.co.uk/hubfs/March-2017-Temp-Images/svg/ 449 B
702 B 59ms
48ms Image
image/svg+xml 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hubfs/March-2017-Temp-Images/svg/contact_icn.svg
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6737aeaf51b5ce3e96debff2096eca17f8b418a8536793d737904c212db94393

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5006983340,P-1620496,FLS-ALL
age: 300678
edge-cache-tag: F-5006983340,P-1620496,FLS-ALL
status: 200
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: 2A39223E6B15D33C
cf-request-id: 0562c727420000c2efac9a7200000001
x-amz-id-2: 3GNwyom7DDcmWHYtREZzO1IzeSPusM4cdvjRvRqa5cVVTYldktr7w9LJWgZY5IqIhjAzsU9z43s=
last-modified: Tue, 10 Oct 2017 05:19:41 GMT
server: cloudflare
etag: W/"df18e8730394f0f7602812a18bf45c69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: nx4PnCvBckCaFOizrofzdymV1H5UCBGX
x-amz-cf-pop: FRA50-C1
cf-ray: 5d7e415208c2c2ef-FRA
x-amz-cf-id: eu9IRYGPfkJYuoor3V19LKl5AIncbkPKdOhNtrvmkYHH87HndEqOpg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 map_location_icn.svg
www.mirus-it.co.uk/hubfs/March-2017-Temp-Images/svg/ 538 B
825 B 41ms
29ms Image
image/svg+xml 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hubfs/March-2017-Temp-Images/svg/map_location_icn.svg
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ca45a318543e523bedc62a385b57463ad71f0ec49fc14d0709c8cdb9ac3f3e

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5006983372,P-1620496,FLS-ALL
age: 300678
edge-cache-tag: F-5006983372,P-1620496,FLS-ALL
status: 200
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: AD5F6387E5947B48
cf-request-id: 0562c727420000c2efac9a8200000001
x-amz-id-2: uPr5T8aEC9RrebhMZQRRGGX5zWvGTZu7NW9xUsvDJplMkaZnKlyYtQYbeAK28rAV3B8GpKuODX8=
last-modified: Tue, 10 Oct 2017 05:19:44 GMT
server: cloudflare
etag: W/"ed201100557f1afb45f0ddf1e8a52601"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: ZkONSXvZCr2IJYPtbHFx_Av2j8_BWXMY
x-amz-cf-pop: FRA6-C1
cf-ray: 5d7e415208c3c2ef-FRA
x-amz-cf-id: KdvT4MD-6xLJclrDieBWxtu1bDqEA2EhmOT84TZ1-clNFP8qVopCfw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 email_icn.svg
www.mirus-it.co.uk/hubfs/March-2017-Temp-Images/svg/ 502 B
868 B 55ms
44ms Image
image/svg+xml 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hubfs/March-2017-Temp-Images/svg/email_icn.svg
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858c137ba0fa2fa9d52a78a8b26c06619be30d0bdc291631d679b599b86f2f2c

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5007126768,P-1620496,FLS-ALL
age: 300678
edge-cache-tag: F-5007126768,P-1620496,FLS-ALL
status: 200
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-encoding: br
x-amz-request-id: 8N3JCG2Q2QBM9X6T
cf-request-id: 0562c727420000c2efac9a9200000001
x-amz-id-2: 3Ox0oYG5d4F1v7es1WLKz/Wxm5DWHdYi8u7Kn+K6BUNyDjQExGlrwE+YIrmCiNTx6CfIrDvInLY=
last-modified: Tue, 10 Oct 2017 05:19:56 GMT
server: cloudflare
etag: W/"619499d8cfd6fa0104278bc895594656"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: sD_myT8HoVtzPQ4y_iyFLsecihnzVM0b
x-amz-cf-pop: FRA6-C1
cf-ray: 5d7e415208c6c2ef-FRA
x-amz-cf-id: Bs4fSCqUBpR0Ct3Tp0wH4Ud5q2TKrPDyDVCJ_SAI_OqQ8tm0_YtV0A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Threat%20Thursday%20Blog%20Header%202409.jpg
www.mirus-it.co.uk/hs-fs/hubfs/Blog_post_images/2020/ 109 KB
110 KB 326ms
315ms Image
image/jpeg 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hs-fs/hubfs/Blog_post_images/2020/Threat%20Thursday%20Blog%20Header%202409.jpg?width=1600&name=Threat%20Thursday%20Blog%20Header%202409.jpg
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ea77a8c9c32be8b68974758bea68b6845c7156c7e423572e0fde1846dc2ff42

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 2ad0cde89ab58d454177893ae4447f50.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
cf-ray: 5d7e415208c7c2ef-FRA
edge-cache-tag: F-35316390434,FD-20473545075,P-1620496,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 111755
cf-request-id: 0562c727420000c2efac9aa200000001
x-amz-meta-index-tag: all
last-modified: Thu, 24 Sep 2020 10:48:55 GMT
server: cloudflare
etag: "ad91e0b9395ed1ea5ecbe8bc81268213"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1600944534677
content-type: image/jpeg
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: 0uwKE1gKw4QEnJQYp80HZbnF8DsHLTGVC2D7smopCIL9jqvTMQoXow==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 1.png
www.mirus-it.co.uk/hs-fs/hubfs/Blog_post_images/2020/Blog%20Images/Threat%20Thursday%202409/ 9 KB
9 KB 63ms
52ms Image
image/webp 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hs-fs/hubfs/Blog_post_images/2020/Blog%20Images/Threat%20Thursday%202409/1.png?width=152&name=1.png
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee0b75abb866cc859fc14b8bf9f184d58639a8ef2826f9b7839714eca917b653

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 547c5e28f010be7961f641c3903c0954.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4845
cf-polished: origFmt=png, origSize=16235
edge-cache-tag: F-35319306973,FD-35319373487,P-1620496,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 8818
cf-request-id: 0562c727420000c2efac9ab200000001
x-amz-server-side-encryption: AES256
last-modified: Thu, 24 Sep 2020 13:20:57 GMT
server: cloudflare
x-cache: Miss from cloudfront
etag: "fa484b2412dd5bafd58519577ad84809"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5d7e415208c9c2ef-FRA
x-amz-cf-id: VzqL68hX-aKsOBMRdEhPS57Z02uvRaq2Xi86Pex5Qh1mI3dfZ_y4-A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 2.png
www.mirus-it.co.uk/hs-fs/hubfs/Blog_post_images/2020/Blog%20Images/Threat%20Thursday%202409/ 5 KB
6 KB 76ms
66ms Image
image/webp 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hs-fs/hubfs/Blog_post_images/2020/Blog%20Images/Threat%20Thursday%202409/2.png?width=152&name=2.png
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b125f4c1d8f499abe6a2b7c9e16a0bf5da9e1d3c3978bee43a0e350cb5cf5b4

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 b5e757a7da6f6fe6261f56a8a9646881.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4844
cf-polished: origFmt=png, origSize=9402
edge-cache-tag: F-35319006784,FD-35319373487,P-1620496,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="2.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 5228
cf-request-id: 0562c727420000c2efac9ac200000001
x-amz-server-side-encryption: AES256
last-modified: Thu, 24 Sep 2020 13:20:57 GMT
server: cloudflare
x-cache: Miss from cloudfront
etag: "e8bf707e257816137d5836790df33124"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5d7e415208cbc2ef-FRA
x-amz-cf-id: EujUYlEMaDOvwDEiCKTyJdeC_6zKwi4TeVBOrIxNoQ8IZMpFK58S_A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 3.png
www.mirus-it.co.uk/hs-fs/hubfs/Blog_post_images/2020/Blog%20Images/Threat%20Thursday%202409/ 24 KB
24 KB 52ms
42ms Image
image/webp 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hs-fs/hubfs/Blog_post_images/2020/Blog%20Images/Threat%20Thursday%202409/3.png?width=152&name=3.png
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbdd618f559bd4216a5484e086afa815e1716c5bbf6e17efb5986e919c6ed24

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 ef6762d67d012a06d2761f42352c9e53.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4843
cf-polished: origFmt=png, origSize=35585
edge-cache-tag: F-35319306975,FD-35319373487,P-1620496,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="3.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 24174
cf-request-id: 0562c727420000c2efac9ad200000001
x-amz-server-side-encryption: AES256
last-modified: Thu, 24 Sep 2020 13:20:55 GMT
server: cloudflare
x-cache: Miss from cloudfront
etag: "fbad3a0762bdb7a458ebdf01ca757c33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5d7e415208ccc2ef-FRA
x-amz-cf-id: y2oOGflLiSX1YBjVgiJrqQ8PHoVNoAC2n6y4R315baYI4Dr1vAxUfg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 linkedin.png
www.mirus-it.co.uk/hs-fs/hubfs/Social%20Icons/ 1 KB
2 KB 336ms
326ms Image
image/png 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hs-fs/hubfs/Social%20Icons/linkedin.png?width=35&name=linkedin.png
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c0811029c25d5028bb55d2758b949d99a974e2885b465c1f7094bf9db382fe

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 85fc1201a1918facbeb30836e7391661.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-5478518360,FD-5478268802,P-1620496,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 1519
cf-request-id: 0562c727420000c2efac9ae200000001
last-modified: Mon, 07 Sep 2020 08:21:43 GMT
server: cloudflare
etag: "8b14e8740e55f91dcc37b10f094fa5fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5d7e415208cdc2ef-FRA
x-amz-cf-id: SSxTh72lDZV2FiGSopU-XSGdnWTefRnK-GR4NhFbFLzR033S9lzvAQ==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 twitter.png
www.mirus-it.co.uk/hs-fs/hubfs/Social%20Icons/ 478 B
1 KB 53ms
43ms Image
image/webp 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hs-fs/hubfs/Social%20Icons/twitter.png?width=33&name=twitter.png
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbeabce7d26ad4a9f287d296bd969b8f978eef8aaada39dde2dc0e4224515eed

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 148f45d892bd2198be5295012ed59888.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 122592
cf-polished: origFmt=png, origSize=1462
edge-cache-tag: F-5478268979,FD-5478268802,P-1620496,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="twitter.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 478
cf-request-id: 0562c727420000c2efac9af200000001
x-amz-server-side-encryption: AES256
last-modified: Wed, 09 Sep 2020 16:49:21 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "a241833921a94487daad60c8ec512d32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5d7e415208d1c2ef-FRA
x-amz-cf-id: -HmIapxjbDNIGPs59lQck3iNjPInYN2H1Ub7DRSlV0omarR8XQ6Bdg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Facebook-logopng.png
www.mirus-it.co.uk/hs-fs/hubfs/ 404 B
776 B 48ms
39ms Image
image/webp 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hs-fs/hubfs/Facebook-logopng.png?width=27&name=Facebook-logopng.png
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea224defd17538b333fd7c248e0517c2efdcf659693210835a7e6b5fd8f1e329

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 f88487c9214731db4c82619c9183bf7b.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 122592
cf-polished: origFmt=png, origSize=1046
edge-cache-tag: F-11695324569,P-1620496,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Facebook-logopng.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 404
cf-request-id: 0562c727420000c2efac9b0200000001
x-amz-server-side-encryption: AES256
last-modified: Sat, 05 Sep 2020 12:13:49 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "98129968cbca74318fa2fb387b7bab74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5d7e415208d3c2ef-FRA
x-amz-cf-id: NjIGQM6C76aLyWp09SWwg1B0uwwR9yuugVEgV9NfQrApZY0OIrzD8g==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 Mirus_Logo_RGB_Reverse-1.png
www.mirus-it.co.uk/hs-fs/hubfs/ 768 B
1 KB 49ms
39ms Image
image/webp 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirus-it.co.uk/hs-fs/hubfs/Mirus_Logo_RGB_Reverse-1.png?width=116&name=Mirus_Logo_RGB_Reverse-1.png
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c3ace086128463a9609678e41fdaca0b1168adda9eceb1b6abe2d4cb2d6d3f6

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
via: 1.1 55b6418a8a2f714a67d8e4d292154ef3.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 111319
cf-polished: origFmt=png, origSize=1779
edge-cache-tag: F-30525066873,P-1620496,FLS-ALL
status: 200
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Mirus_Logo_RGB_Reverse-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 768
cf-request-id: 0562c727420000c2efac9b1200000001
x-amz-server-side-encryption: AES256
last-modified: Mon, 07 Sep 2020 04:54:57 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "dd37daae6d865d2b6209df5d9bd4cd78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-C1
accept-ranges: bytes
cf-ray: 5d7e415208d4c2ef-FRA
x-amz-cf-id: B6Mq_Vb_0T1QBcpnBx9FHpRo5ptv3O55H19NBGBWR2Nz9F_O9Uwxfg==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 1620496.js Show response
www.mirus-it.co.uk/hs/scriptloader/ 3 KB
712 B 257ms
248ms Script
application/javascript 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hs/scriptloader/1620496.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 100a64cb4ad0303d113e0d07722a7832a440b4fc7d3b55b20d305f900fcc2538

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2BDC8A290EE3D27669B5C95A40D89060D26272B8A4000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=60
access-control-allow-credentials: false
cf-ray: 5d7e415208d6c2ef-FRA
cf-request-id: 0562c727420000c2efac9b2200000001
expires: Thu, 24 Sep 2020 17:35:15 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 50ms
49ms Script
text/javascript 172.217.16.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

6ad80c3d7e4bdaf43e39825ca84c4af13ddcf0b6869284c3f781e9708757d06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11417
x-xss-protection: 0
server: cafe
etag: 18319899054604527704
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Sep 2020 17:34:15 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 44ms
43ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Thu, 24 Sep 2020 17:34:15 GMT
x-host: s7.addthis.com
content-length: 116323

GET
H/1.1 200
OK 14850.js Show response
secure.leadforensics.com/js/ 3 KB
2 KB 310ms
72ms Script
text/javascript 51.140.49.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.leadforensics.com/js/14850.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.49.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 42d8f504384e92d48127962a99085204d77f9a4ef26836bf959b075310386888

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 17:34:14 GMT
Content-Encoding: gzip
Server: Kestrel
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, must-revalidate
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 69 KB
27 KB 30ms
21ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKZ5QT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a1d3ad80b1ad44a792a19d7b84cbdeb5c05fcdae96be35d2fc3cd15ee3481c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27986
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Sep 2020 17:34:15 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 16ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 17:34:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=85236
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 hotjar-1222717.js Show response
static.hotjar.com/c/ 3 KB
2 KB 72ms
64ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1222717.js?sv=6

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress13

Software

Resource Hash

71822db183832dede792a7c2abbbe48edde084c7aaf5ce61c9666dc1a8cfa752

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjarjs
age: 0
status: 200
section-io-cache: Miss
vary: Accept-Encoding
content-length: 1502
cache-control: max-age=60
etag: W/20124b008e69d80097bee4420a3f08e6
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.019
accept-ranges: bytes
section-io-id: 256d2e3020dbc3f10fa903c4691ceca1
section-origin-responded: true

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 17:34:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=16067
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=156961&time=1600968855388&url=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%20Thursd...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D156961%26time%3D1600968855388%26url%3Dhttps%253A%252F%252Fwww.mirus-it.co.uk%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=156961&time=1600968855388&url=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat+Thursday...

0
41 B

108ms
107ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=156961&time=1600968855388&url=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat+Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&liSync=true
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: z2rPJbHINxYgeJVfwCoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: 7+SYILHINxaQ/UlK/CoAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 8F9ECF4852F84B31A094B673B62F6901 Ref B: FRAEDGE1318 Ref C: 2020-09-24T17:34:15Z
x-frame-options: sameorigin
date: Thu, 24 Sep 2020 17:34:14 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=156961&time=1600968855388&url=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat+Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKZ5QT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3634
date: Thu, 24 Sep 2020 16:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 24 Sep 2020 18:33:41 GMT

GET
H2 200 modules.4ad81bb00d95f9e8b05d.js Show response
script.hotjar.com/ 360 KB
70 KB 57ms
56ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.4ad81bb00d95f9e8b05d.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1222717.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress13
Software: /
Resource Hash: 6352a6b3bdf5373dcf75ff2cf98d51dc83481ce306280927afb49f6aa64ecaae

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:15 GMT
content-encoding: br
age: 29615
status: 200
section-io-cache: Hit
content-length: 71605
last-modified: Thu, 24 Sep 2020 09:15:39 GMT
etag: "1e819f5d605967a80a2f3cb95ebacd72"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.107
section-io-id: a606e75448450369e69db107b2faf664
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 14ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=898104289&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&ul=en-us&de=UTF-8&dt=%23ThreatThursday%20%7C%2024th%20September%202020%20%7C%20Cyber%20Security%20Updates&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=194936301&gjid=2009125011&cid=64831207.1600968856&tid=UA-30988490-1&_gid=1189205751.1600968856&_r=1&gtm=2wg9g1WKZ5QT&z=62032742

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 17:34:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.mirus-it.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-30988490-1&cid=64831207.1600968856&jid=194936301&gjid=2009125011&_gid=1189205751.1600968856&_u=YEBAAAAAAAAAAC~&z=2039989259

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Sep 2020 17:34:15 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.mirus-it.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 33ms
33ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-30988490-1&cid=64831207.1600968856&jid=194936301&_u=YEBAAAAAAAAAAC~&z=1253072521

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 17:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 31ms
31ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-30988490-1&cid=64831207.1600968856&jid=194936301&_u=YEBAAAAAAAAAAC~&z=1253072521

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 17:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
www.mirus-it.co.uk/hubfs/font-awesome-4.7.0/fonts/ 75 KB
76 KB 45ms
45ms Font
application/font-woff2 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/hubfs/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hubfs/font-awesome-4.7.0/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.mirus-it.co.uk
Referer: https://www.mirus-it.co.uk/hubfs/font-awesome-4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-meta-cache-tag: F-5312540644,P-1620496,FLS-ALL
age: 225477
edge-cache-tag: F-5312540644,P-1620496,FLS-ALL
status: 200
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: B70D2DF99B537EC5
cf-request-id: 0562c729e40000c2efac9db200000001
x-amz-id-2: OBjNiIjo1vsfpdpmNsv04TX2GSP2lvJd9PMbiJ7pRBl7iD6/TR9up8rjSGmXk/GUFSvn7RrLvvE=
accept-ranges: bytes
last-modified: Tue, 10 Oct 2017 05:24:44 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id: reNjLPM85ag4Mz2q_oIuM1RS_kw8F4nE
x-amz-cf-pop: FRA50-C1
content-length: 77160
cf-ray: 5d7e415639bcc2ef-FRA
x-amz-cf-id: Ye6wE0MaQ0Yqy43BMwhwT_yKK3b8QYTMbfYH4unjVY1Gw-6C-CW6Vw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11

GET
H2 200 fb8f12c9-ad19-4dca-9e4b-2cad50400e54 Show response
www.mirus-it.co.uk/_hcms/forms/embed/v3/form/1620496/ 10 KB
2 KB 176ms
175ms Script
application/javascript 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirus-it.co.uk/_hcms/forms/embed/v3/form/1620496/fb8f12c9-ad19-4dca-9e4b-2cad50400e54?callback=hs_reqwest_0&hutk=

Requested by

Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82c372a414a8e9c31032238b20d35c63f08faf387baa58d93043f96ac5a07616

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
x-trace: 2B34FB78B49C7E437FA6EF6EF8B60D220315BE1BD7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
content-disposition: attachment; filename=no-rfd.txt
cf-ray: 5d7e4156fb52c2ef-FRA
cf-request-id: 0562c72a5c0000c2efac9e1200000001

GET
H2 200 6ca1e1d1-97ed-452d-80a0-f84af93267ac Show response
www.mirus-it.co.uk/_hcms/forms/embed/v3/form/1620496/ 10 KB
3 KB 172ms
171ms Script
application/javascript 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirus-it.co.uk/_hcms/forms/embed/v3/form/1620496/6ca1e1d1-97ed-452d-80a0-f84af93267ac?callback=hs_reqwest_1&hutk=

Requested by

Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38a90a363b65fbfbd6cf81da9e11f71055696269bbb9a534ef30b3ef9a92ce87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
x-trace: 2BE5033E4B4BAB4451006BA25E701561B8A7113615000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
content-disposition: attachment; filename=no-rfd.txt
cf-ray: 5d7e41570b5dc2ef-FRA
cf-request-id: 0562c72a600000c2efac9e2200000001

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: w/CLdsVppOYpPAXAs3grm7qZ8ZB/dLrwSRMSbDen/fNjSo4G/SV3wCR9zH4mYShe6VW1K7FuRI7/+J2WebiNlw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 24 Sep 2020 17:34:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065678253/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065678253/?random=1600968856163&cv=9&fst=1600968856163&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&tiba=%23ThreatThursday%20%7C%2024th%20September%202020%20%7C%20Cyber%20Security%20Updates&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

370ec0a91078c0d0da2bb97b4447667296faf21c2b37206d0c8353316f2cdb70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1132
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 117ms
38ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: gzip
age: 72115
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4028-HHN
last-modified: Mon, 10 Aug 2020 18:10:59 GMT
x-timer: S1600968856.266451,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 123ms
41ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: FBAF69B7861DE212
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=38098
accept-ranges: bytes
content-length: 948
x-amz-id-2: mINJDBnKUfP83RzDJ6hQaYSGPvMPOM770jd+gXVSD8LFScfPdVPaVzI4W2IwmrtEKhDna93Nv9A=

GET
H/1.1 200
OK Capture.aspx Show response
secure.leadforensics.com/Track/ 0
92 B 92ms
91ms Script
text/plain 51.140.49.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.leadforensics.com/Track/Capture.aspx?retType=js&trk_uid=&trk_user=14850&trk_sw=1600&trk_sh=1200&trk_ref=&trk_tit=%23ThreatThursday%20%7C%2024th%20September%202020%20%7C%20Cyber%20Security%20Updates&trk_loc=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&trk_agn=Netscape&trk_agv=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36.lfcd24.lflngen-US&trk_dom=www.mirus-it.co.uk&trk_cookie=5d4efa4b-c675-4591-a27c-14037346a79f-c14850-sw1600-sh1200-ms1600968856228-r3251442
Requested by: Host: secure.leadforensics.com
URL: https://secure.leadforensics.com/js/14850.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.49.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 17:34:15 GMT
Content-Length: 0
Server: Kestrel

GET
H2 200 public Show response
api.hubapi.com/comments/v3/comments/thread/ 75 B
549 B 152ms
135ms Script
application/javascript 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/comments/v3/comments/thread/public?portalId=1620496&offset=0&limit=1000&contentId=35316592935&collectionId=19391827783&callback=jsonp_1600968856255_31654

Requested by

Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/js/comment_listing_asset.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96382667f11e23b72d36bcdeb3cf7176ee561e3a959336683b3a1625bf1dda3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B09CBF7FC88C39AA3CBBED5B6C32B3E29A7689ACF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5d7e4157bcefc2ea-FRA
cf-request-id: 0562c72ad10000c2ea0e9df200000001

GET
H2 200 postlisting Show response
www.mirus-it.co.uk/_hcms/ 2 KB
534 B 162ms
162ms XHR
application/json 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/_hcms/postlisting?blogId=19391827783&maxLinks=5&listingType=recent&orderByViews=false&hs-expires=1632496094&hs-version=2&hs-signature=AJ2IBuGwrCiWBBfVKXKKqlJH180h9XaqAQ&currentUrl=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hs/hsstatic/AsyncSupport/static-1.86/js/post_listing_asset.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e808e1f7c2103801acd0dd8c8acb9520a42d54ca356b7b8078bbcc540a4a5d00

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5d7e41579c92c2ef-FRA
date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-trace: 2B5D1DF4E77BA7FD636E30785212C4153FFDE44C61000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
access-control-allow-credentials: false
x-robots-tag: none
cf-request-id: 0562c72ac20000c2efac9e6200000001

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-591c4666f259958f/ 1 KB
710 B 659ms
658ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-591c4666f259958f/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3666e230a15adfc0970811d9d3dd82ff3d64b05a5524ccd86a4c5a490fa0099

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: gzip
etag: -134662369--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 534

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 178ms
177ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f6cd8981dde5ecf&bkl=0&bl=1&pdt=925&sid=5f6cd8981dde5ecf&pub=ra-591c4666f259958f&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.mirus-it.co.uk&fp=threat-thursday%2F24-09-maze-mozi-chrome-firefox&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1600968856276&jsl=1&uvs=5f6cd8984654dc88000&skipb=1&callback=addthis.cbs.jsonp__062449868579562250
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 64625b6ef61cc87a228573c66205b3239bfe9d1e698da7697d23570a6bb4be5e

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 24 Sep 2020 17:34:16 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 291F 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B595 0
0 44ms
44ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Thu, 24 Sep 2020 17:34:16 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
427 B 158ms
128ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=1620496&callback=jsonpHandler

Requested by

Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hs/hsstatic/HubspotToolsMenu/static-1.79/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B527531BF9BD13A389B47F6C1889A2B5655D0075C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
status: 204
cache-control: max-age=0
access-control-allow-credentials: false
cf-ray: 5d7e4157fbed6377-FRA
cf-request-id: 0562c72aff0000637727b80200000001

GET
H2 200 1620496.js Show response
js.hs-banner.com/ 46 KB
12 KB 72ms
37ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/1620496.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hs/scriptloader/1620496.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1c26d6a0d31e2df8a7e024f23dcbfec4c96da3266bbfba91bf6efcb6e08fba

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=uNpzgw==, md5=dzib+Wj5pAYBy1QqA+I1gw==
date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-UwpS-kbBqF1Z7-HlRg7jBemh3b98lVE1RKQFvkLF6qcuap5FvRbF1MmquI09NS2EF6YvYG7jC7FxqB1NFJMVWc
x-goog-storage-class: STANDARD
status: 200
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 0562c72b2b00002b292a001200000001
timing-allow-origin: *
last-modified: Wed, 09 Sep 2020 14:44:48 GMT
server: cloudflare
etag: W/"77389bf968f9a40601cb542a03e23583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1599662688766117
access-control-allow-origin: https://www.mirus-it.co.uk
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 47229
cf-ray: 5d7e41584fe12b29-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 24 Sep 2020 17:39:16 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 411 KB
68 KB 66ms
32ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hs/scriptloader/1620496.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0df7e73cbc0768c0bedff98c883e3d5d1423e9805646c094670e9366a129d14

Request headers

Origin: https://www.mirus-it.co.uk
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
via: 1.1 603961b1b2dad8873023f00c2744bd6f.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 77342
x-amz-server-side-encryption: AES256
cf-ray: 5d7e415849e3d6e9-FRA
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0562c72b2b0000d6e9729eb200000001
last-modified: Thu, 03 Sep 2020 09:11:52 UTC
server: cloudflare
etag: W/"d6d87f6b69c9c3436cb524ac7790e207"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: P1C37XS8PnAD4aj9b8nHaKJeVCmooB.3
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-amz-cf-pop: IAD66-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Eun0QxeOmZ0PkgBd-2nYXrQyPyFXatWO7AydralpqxdCfl3g_YHX5w==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 48ms
15ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hs/scriptloader/1620496.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a8f002a9a8717596c63bc67fb90e34fe2273d480e8a5e59fa807e7f74d615a

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
via: 1.1 c974a69619205281e0e6b8e73f95e4b5.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 469
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
cf-request-id: 0562c72b2b0000176eb20a2200000001
last-modified: Tue, 08 Sep 2020 03:54:36 UTC
server: cloudflare
etag: W/"5ece4efe27d3c9e898d737f56f5dfbb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: AGrJk1b8OS4VYnkrFU7ROm2e0Nb6MfLl
cache-control: max-age=600
x-amz-cf-pop: IAD89-C3
cf-ray: 5d7e41584e9b176e-FRA
x-amz-cf-id: lOnM9N_qepeF7Fv8QnTJnxn7QJWM2N13GsWC35W4pidFGWwbiBDxbA==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 90 KB
26 KB 71ms
39ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hs/scriptloader/1620496.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c277da20a770eea8a7b34967e336fbbec3c0060f7acac2d65e427bfd5d9874f

Request headers

Origin: https://www.mirus-it.co.uk
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
via: 1.1 30034d7efe222fd8a4ca5a31609cb495.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 8919
x-amz-server-side-encryption: AES256
cf-ray: 5d7e41584d9ac2b8-FRA
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0562c72b2b0000c2b81c80f200000001
last-modified: Thu, 20 Aug 2020 10:23:03 UTC
server: cloudflare
etag: W/"421b26f95ea43197174fcb344facb242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: IDP52L7B1Fr.Tl8ZOvcH4PutJxHgMsyE
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-amz-cf-pop: IAD66-C2
content-type: application/javascript; charset=utf-8
x-amz-cf-id: MaqjBWg4xfO4fj7omPQsU8SlQtxVnyIn6X5Vl7d5S01Vhy2ASXYlZQ==

GET
H2 200 1620496.js Show response
js.hs-analytics.net/analytics/1600968600000/ 60 KB
18 KB 730ms
700ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1600968600000/1620496.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hs/scriptloader/1620496.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 120758c37ff481d290f82539069fa8aae7569561852d5502691405b9fa5e0e24

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:17 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: B413FF2D6A9DA415
x-amz-server-side-encryption: AES256
cf-ray: 5d7e415848912c22-FRA
status: 200
x-amz-id-2: TfbIms6D6k5u8SBG86V7D6LCNraMM1hH3OAd5FmaEBoqc6FAA6OHhAX937/Rs64ggLMAyL7aur4=
last-modified: Mon, 24 Aug 2020 14:13:03 GMT
server: cloudflare
etag: W/"df44f3d542198a7bb983e7343aac9d04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 0562c72b2b00002c2224b7d200000001
content-type: text/javascript
expires: Thu, 24 Sep 2020 17:39:16 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 75 KB
19 KB 53ms
18ms Script
application/javascript 2606:4700::6811:edcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/hs/scriptloader/1620496.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676529fd5b7dd3241964ef9540dfab2e2c230899bf2903b64d8d1cb197ba0074

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
via: 1.1 4abbc8dea2f611b4eb50afc252d13327.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 432
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
cf-request-id: 0562c72b4200001e47673f5200000001
last-modified: Mon, 21 Sep 2020 12:49:07 UTC
server: cloudflare
etag: W/"cd04a8e6e78cd06f9e18fe4f4a7508e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: fy03yr8NI03EwMS4QLQju9a6DG6KOofc
cache-control: max-age=600
x-amz-cf-pop: IAD66-C2
cf-ray: 5d7e41586a371e47-FRA
x-amz-cf-id: oBWXcedrZ3Cb3OUQxpoIiTcVevvbaxTn1OdRBgW7FUDLjVVm2J4yLg==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 8696 0
0 61ms
57ms Document
text/html 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1222717.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress13
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913

Response headers

status: 200
date: Thu, 24 Sep 2020 17:34:16 GMT
content-type: text/html
content-length: 851
last-modified: Thu, 24 Sep 2020 06:54:28 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.055
section-origin-responded: true
age: 38250
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 08098e3c253f4af9d6127d83293e8100

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1065678253/ 42 B
88 B 36ms
28ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1065678253/?random=1600968856163&cv=9&fst=1600966800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&tiba=%23ThreatThursday%20%7C%2024th%20September%202020%20%7C%20Cyber%20Security%20Updates&fmt=3&is_vtc=1&random=2569744625&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 17:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1065678253/ 42 B
88 B 36ms
28ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1065678253/?random=1600968856163&cv=9&fst=1600966800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&tiba=%23ThreatThursday%20%7C%2024th%20September%202020%20%7C%20Cyber%20Security%20Updates&fmt=3&is_vtc=1&random=2569744625&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 17:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1844482012441776 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 69ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1844482012441776?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

694e9e97620757e57f60c77e6d08a3cfe6aa57ce9ce741a693ae76da295f01ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: MdpLSECxpvHSH1yjhyfe25BViTsS7dS85k6Zy50H9m3TrHcqlIF2lde0RsPcmDxeh8AzI8e/rM/Qm4CuCIrYkA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 24 Sep 2020 17:34:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
368 B 154ms
153ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nygn1&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Thu, 24 Sep 2020 17:34:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 898ffe93c55dc1b18c4a53a83e254454
x-transaction: 000a7c26009df102
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 918 B
714 B 16ms
15ms Script
text/javascript 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/_hcms/forms/v2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9010f6d68ec286e8e0a2bfb1165077c06aac87015b7d53eec88f1c8e22244db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Thu, 24 Sep 2020 17:34:16 GMT

GET
H2 200 widget Show response
www.mirus-it.co.uk/_hcms/livechat/ 421 B
496 B 172ms
172ms XHR
application/json 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/_hcms/livechat/widget?portalId=1620496&conversations-embed=static-1.7458&mobile=false&messagesUtk=7314b6ef14894189a58d63b112ca360c&traceId=7314b6ef14894189a58d63b112ca360c
Requested by: Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62aa9a7048b540999e01ad00aa67160153348ec3e77258c673b2cf1107439c60

Request headers

X-HubSpot-Messages-Uri: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
x-trace: 2BAF80CE595E4AD42D62489AA80986914EB4142FA0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
status: 200
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5d7e415a8a47c2ef-FRA
content-length: 317
cf-request-id: 0562c72c900000c2efac9fd200000001

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1222717/ 178 B
320 B 239ms
84ms XHR
application/json 99.80.174.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1222717/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4ad81bb00d95f9e8b05d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.174.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/ 340 KB
133 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2698f18de870d08f9b84a9e741e1ca17697c8a8ef90703564579bb42ae579d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.mirus-it.co.uk
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 16:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3548
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136265
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 00:07:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Sep 2021 16:35:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 11ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1844482012441776&ev=PageView&dl=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&rl=&if=false&ts=1600968856799&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.2.1600968856798.1317506343&it=1600968856464&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Sep 2020 17:34:16 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
650 B 138ms
115ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=1620496&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5cd4f32e36dff6238f8f5f33e03c2caebfccf7d1a191ddaf51e96e4e131d056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 0562c72d0400002c4ec2a79200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mirus-it.co.uk
access-control-allow-credentials: false
cf-ray: 5d7e415b3e562c4e-FRA
access-control-allow-headers: *

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame AF9E 0
0 25ms
25ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&co=aHR0cHM6Ly93d3cubWlydXMtaXQuY28udWs6NDQz&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&badge=inline&cb=70c62aap7xan

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vxW2ikb+qAkxJug6y72vZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&co=aHR0cHM6Ly93d3cubWlydXMtaXQuY28udWs6NDQz&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&badge=inline&cb=70c62aap7xan
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Sep 2020 17:34:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-vxW2ikb+qAkxJug6y72vZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10829
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 3BC5 0
0 23ms
22ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ieJznTvTmeURVkWwz9a1TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&co=aHR0cHM6Ly93d3cubWlydXMtaXQuY28udWs6NDQz&hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&size=invisible&badge=inline&cb=cvx1lc1mq2lf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Sep 2020 17:34:16 GMT
content-security-policy: script-src 'report-sample' 'nonce-ieJznTvTmeURVkWwz9a1TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11074
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
525 B 99ms
45ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=1620496

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B6B0072465933FBC1339C46CF04B53BB737CD8935000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5d7e415bd91e2b4d-FRA
content-length: 35
cf-request-id: 0562c72d6500002b4da9ae9200000001

GET
H2 200 layers.33f5b85045a5f2308467.js Show response
s7.addthis.com/static/ 263 KB
76 KB 46ms
44ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Thu, 24 Sep 2020 17:34:16 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77540

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
310 B 37ms
26ms Image
image/gif 2606:4700::6810:5805
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:17 GMT
cf-cache-status: MISS
server: cloudflare
x-trace: 2BA63733E96EA7BD6F1624F5651899ACB67EEE5B6E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5d7e415c5a7b2b4d-FRA
content-length: 35
cf-request-id: 0562c72db300002b4da9aef200000001

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 256ms
172ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nygn1&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 127
pragma: no-cache
last-modified: Thu, 24 Sep 2020 17:34:17 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: df0d1c490ef8007b9a336709d8582cad
x-transaction: 003ee71000b5b934
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
351 B 41ms
32ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=fb8f12c9-ad19-4dca-9e4b-2cad50400e54&fci=9824e75f-10ea-42b1-9ab9-1cb859b8e074&ft=4&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=1620496&pi=35316592935&ct=blog-post&ccu=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox&cpi=35316592935&cgi=19391827783&lpi=35316592935&lvi=35316592935&lvc=en&pu=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&t=%23ThreatThursday+%7C+24th+September+2020+%7C+Cyber+Security+Updates&cts=1600968857513&vi=011b0678c511c4d3f3f94d18d5a6f06e&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5d7e415f9fa86377-FRA
date: Thu, 24 Sep 2020 17:34:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 0562c72fbf0000637727bae200000001
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
129 B 60ms
51ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=6ca1e1d1-97ed-452d-80a0-f84af93267ac&fci=da9c28a0-0a77-4360-979d-728b5412e4a2&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=1620496&pi=35316592935&ct=blog-post&ccu=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox&cpi=35316592935&cgi=19391827783&lpi=35316592935&lvi=35316592935&lvc=en&pu=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&t=%23ThreatThursday+%7C+24th+September+2020+%7C+Cyber+Security+Updates&cts=1600968857516&vi=011b0678c511c4d3f3f94d18d5a6f06e&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5d7e415f9fa96377-FRA
date: Thu, 24 Sep 2020 17:34:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 0562c72fbf0000637727baf200000001
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
129 B 55ms
47ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=6ca1e1d1-97ed-452d-80a0-f84af93267ac&fci=da9c28a0-0a77-4360-979d-728b5412e4a2&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=1620496&pi=35316592935&ct=blog-post&ccu=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox&cpi=35316592935&cgi=19391827783&lpi=35316592935&lvi=35316592935&lvc=en&pu=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&t=%23ThreatThursday+%7C+24th+September+2020+%7C+Cyber+Security+Updates&cts=1600968857522&vi=011b0678c511c4d3f3f94d18d5a6f06e&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5d7e415f9fa56377-FRA
date: Thu, 24 Sep 2020 17:34:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 0562c72fbf0000637727bac200000001
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
129 B 41ms
33ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=1620496&pi=35316592935&ct=blog-post&ccu=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox&cpi=35316592935&cgi=19391827783&lpi=35316592935&lvi=35316592935&lvc=en&pu=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&t=%23ThreatThursday+%7C+24th+September+2020+%7C+Cyber+Security+Updates&cts=1600968857524&vi=011b0678c511c4d3f3f94d18d5a6f06e&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5d7e415f9fa66377-FRA
date: Thu, 24 Sep 2020 17:34:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
content-length: 45
cf-request-id: 0562c72fbf0000637727bad200000001
x-robots-tag: none

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 14ms
11ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1844482012441776&ev=Microdata&dl=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913&rl=&if=false&ts=1600968857554&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%23ThreatThursday%20%7C%2024th%20September%202020%20%7C%20Cyber%20Security%20Updates%22%2C%22meta%3Adescription%22%3A%22It%E2%80%99s%20a%20browser%20bonanza%20in%20this%20week%E2%80%99s%20Threat%20Thursday%2C%20with%20multiple%20cyber%20security%20updates%20across%20Chrome%20and%20Firefox%20for%20Windows%2C%20Mac%20and%20Linux.%20%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22It%E2%80%99s%20a%20browser%20bonanza%20in%20this%20week%E2%80%99s%20Threat%20Thursday%2C%20with%20multiple%20cyber%20security%20updates%20across%20Chrome%20and%20Firefox%20for%20Windows%2C%20Mac%20and%20Linux.%20%22%2C%22og%3Atitle%22%3A%22%23ThreatThursday%20%7C%2024th%20September%202020%20%7C%20Cyber%20Security%20Updates%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.mirus-it.co.uk%2Fhubfs%2FBlog_post_images%2F2020%2FThreat%2520Thursday%2520Blog%2520Header%25202409.jpg%23keepProtocol%22%2C%22og%3Aimage%3Awidth%22%3A%221600%22%2C%22og%3Aimage%3Aheight%22%3A%221000%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.2.1600968856798.1317506343&it=1600968856464&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Sep 2020 17:34:17 GMT

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 3845 0
0 19ms
17ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&cb=c46ba4pm5n98

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pWsO/uJb2vdWOMKjGwU9fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&cb=c46ba4pm5n98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Sep 2020 17:34:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-pWsO/uJb2vdWOMKjGwU9fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1172
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 26DE 0
0 26ms
16ms Document
text/html 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&cb=9grfj5tygjvq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uUzXMxpmSi57gKCIERPzwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=yXSLJBpiFoTYkexaPhFknpU7&k=6Lc2_RsUAAAAAAYBSd4rxsgeQz7whuL9COCsHeET&cb=9grfj5tygjvq
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Sep 2020 17:34:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-uUzXMxpmSi57gKCIERPzwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1173
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 perf Show response
www.mirus-it.co.uk/_hcms/ 2 B
391 B 156ms
156ms XHR
text/plain 2606:4700::6811:73b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirus-it.co.uk/_hcms/perf
Requested by: Host: www.mirus-it.co.uk
URL: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

cf-ray: 5d7e4171b958c2ef-FRA
date: Thu, 24 Sep 2020 17:34:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B2AAFC5CDF4B40EDB699E654BDAA7DBF5DBDE094C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
status: 200
access-control-allow-credentials: false
x-robots-tag: none
content-length: 2
cf-request-id: 0562c73b170000c2efacb09200000001

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
465 B 145ms
145ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1620496&contentId=35316592935&currentUrl=https%3A%2F%2Fwww.mirus-it.co.uk%2Fthreat-thursday%2F24-09-maze-mozi-chrome-firefox%3Futm_campaign%3DThreat%2520Thursday%26utm_content%3D140784810%26utm_medium%3Dsocial%26utm_source%3Dtwitter%26hss_channel%3Dtw-71201913

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0f58130e15ab67f76893075b879c314d217e16cdba1ceebf9aa5554afbca147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.mirus-it.co.uk/threat-thursday/24-09-maze-mozi-chrome-firefox?utm_campaign=Threat%20Thursday&utm_content=140784810&utm_medium=social&utm_source=twitter&hss_channel=tw-71201913
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 17:34:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 0562c7536d00002c4ec298a200000001
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.mirus-it.co.uk
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 5d7e4198ac242c4e-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mirus-it.co.uk/	1970-01-19 14:52:24	Name: _fbp Value: fb.2.1600968856798.1317506343

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.hubapi.com
app.hubspot.com
cdn2.hubspot.net
connect.facebook.net
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
m.addthis.com
perf.hsforms.com
px.ads.linkedin.com
s7.addthis.com
script.hotjar.com
secure.leadforensics.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
track.hubspot.com
v1.addthisedge.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.mirus-it.co.uk
z.moatads.com
s7.addthis.com
104.244.42.133
104.244.42.67
147.75.84.91
151.101.112.157
172.217.16.162
23.210.248.44
23.210.250.213
2606:4700::6810:5805
2606:4700::6811:44b0
2606:4700::6811:73b0
2606:4700::6811:73b4
2606:4700::6811:83ab
2606:4700::6811:cbcc
2606:4700::6811:eacc
2606:4700::6811:edcc
2606:4700::6811:f4cc
2606:4700::6812:15bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:809::2003
2a00:1450:4001:809::2008
2a00:1450:4001:81f::2002
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9a
2a02:26f0:10c:58e::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
51.140.49.131
99.80.174.18
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0ea77a8c9c32be8b68974758bea68b6845c7156c7e423572e0fde1846dc2ff42
100a64cb4ad0303d113e0d07722a7832a440b4fc7d3b55b20d305f900fcc2538
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120758c37ff481d290f82539069fa8aae7569561852d5502691405b9fa5e0e24
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
20ca45a318543e523bedc62a385b57463ad71f0ec49fc14d0709c8cdb9ac3f3e
2698f18de870d08f9b84a9e741e1ca17697c8a8ef90703564579bb42ae579d82
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170
370ec0a91078c0d0da2bb97b4447667296faf21c2b37206d0c8353316f2cdb70
38a90a363b65fbfbd6cf81da9e11f71055696269bbb9a534ef30b3ef9a92ce87
42d8f504384e92d48127962a99085204d77f9a4ef26836bf959b075310386888
4620eaf503a694ca0d42c598101ef9809234b39fef8f80025658cb23f702d406
4d7c44005188739cb2fb9abca610ad2d2eea1c5b7e7a6bec2d96173a02caf6bf
5118de56a322353f2552e0c9cb1016ebae51320d944b5a1b2f0f2961af28d20a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a1d3ad80b1ad44a792a19d7b84cbdeb5c05fcdae96be35d2fc3cd15ee3481c0
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
62aa9a7048b540999e01ad00aa67160153348ec3e77258c673b2cf1107439c60
6352a6b3bdf5373dcf75ff2cf98d51dc83481ce306280927afb49f6aa64ecaae
64625b6ef61cc87a228573c66205b3239bfe9d1e698da7697d23570a6bb4be5e
6737aeaf51b5ce3e96debff2096eca17f8b418a8536793d737904c212db94393
676529fd5b7dd3241964ef9540dfab2e2c230899bf2903b64d8d1cb197ba0074
694e9e97620757e57f60c77e6d08a3cfe6aa57ce9ce741a693ae76da295f01ae
6ad80c3d7e4bdaf43e39825ca84c4af13ddcf0b6869284c3f781e9708757d06c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71822db183832dede792a7c2abbbe48edde084c7aaf5ce61c9666dc1a8cfa752
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c3ace086128463a9609678e41fdaca0b1168adda9eceb1b6abe2d4cb2d6d3f6
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
82c372a414a8e9c31032238b20d35c63f08faf387baa58d93043f96ac5a07616
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858c137ba0fa2fa9d52a78a8b26c06619be30d0bdc291631d679b599b86f2f2c
8665fde2817bfcc92af1e3220e20942783eb81645eb963e4963c7d56d27a8fd7
895371b22358988c93ca9e5318fdf9784782e44efff401ea65d7171cd9a12bc6
8b125f4c1d8f499abe6a2b7c9e16a0bf5da9e1d3c3978bee43a0e350cb5cf5b4
8f1c26d6a0d31e2df8a7e024f23dcbfec4c96da3266bbfba91bf6efcb6e08fba
96382667f11e23b72d36bcdeb3cf7176ee561e3a959336683b3a1625bf1dda3a
9c277da20a770eea8a7b34967e336fbbec3c0060f7acac2d65e427bfd5d9874f
9cbdd618f559bd4216a5484e086afa815e1716c5bbf6e17efb5986e919c6ed24
a0f58130e15ab67f76893075b879c314d217e16cdba1ceebf9aa5554afbca147
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c168c4c2b57ce0bd26874763d799bd446002204dac6f96ab81e12efdc7974242
ccf8029348dc3f43a929eab7dc8d0416f7064efb7e4494c2d504dbffe90c25fd
d0df7e73cbc0768c0bedff98c883e3d5d1423e9805646c094670e9366a129d14
d24d222bad42b5e8b79346310cf0163b646528538c224ed8777afb3a8e5837aa
d3666e230a15adfc0970811d9d3dd82ff3d64b05a5524ccd86a4c5a490fa0099
d5a8f002a9a8717596c63bc67fb90e34fe2273d480e8a5e59fa807e7f74d615a
d5cd4f32e36dff6238f8f5f33e03c2caebfccf7d1a191ddaf51e96e4e131d056
d9010f6d68ec286e8e0a2bfb1165077c06aac87015b7d53eec88f1c8e22244db
db899cb4fc9a9ff7b7312786e0eaf8a58294cc8e67b628536f3def0d1c908206
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd3eb59038a5df086653388d9394fed2f2f1d72d9c01cfdc4920247a9d371e83
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e808e1f7c2103801acd0dd8c8acb9520a42d54ca356b7b8078bbcc540a4a5d00
e9c0811029c25d5028bb55d2758b949d99a974e2885b465c1f7094bf9db382fe
ea224defd17538b333fd7c248e0517c2efdcf659693210835a7e6b5fd8f1e329
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
ee0b75abb866cc859fc14b8bf9f184d58639a8ef2826f9b7839714eca917b653
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fbeabce7d26ad4a9f287d296bd969b8f978eef8aaada39dde2dc0e4224515eed

www.mirus-it.co.uk Open in urlscan Pro 2606:4700::6811:73b4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

88 Requests

99 %HTTPS

73 %IPv6

30 Domains

39 Subdomains

33 IPs

7 Countries

1227 kBTransfer

3874 kBSize

1 Cookies

8 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mirus-it.co.uk Open in urlscan Pro
2606:4700::6811:73b4 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

99 %
HTTPS

73 %
IPv6

30
Domains

39
Subdomains

33
IPs

7
Countries

1227 kB
Transfer

3874 kB
Size

1
Cookies

88 HTTP transactions
0 data transactions