blog.sekoia.io Open in urlscan Pro
35.214.255.233 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnkd.in/e96U9FfT
Effective URL:
https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Submission: On February 22 via manual (February 22nd 2024, 4:44:34 pm UTC) from US — Scanned from DE

Summary HTTP 88 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 24 domains to perform 88 HTTP transactions. The main IP is 35.214.255.233, located in Groningen, Netherlands and belongs to GOOGLE, US. The main domain is blog.sekoia.io.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on January 9th 2024. Valid for: a year.

This is the only time blog.sekoia.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.214.255.233 35.214.255.233	15169 (GOOGLE) (GOOGLE)
32	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:e3a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7d0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:50ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:5a9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:a07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:b07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2a09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.192.243.198 23.192.243.198	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	130.248.173.59 130.248.173.59	15224 (OMNITURE) (OMNITURE)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:be59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
88	29

4 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lnkd.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.255.233 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 233.255.214.35.bc.googleusercontent.com

blog.sekoia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

t7f4e9n3.rocketcdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e3a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7d0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:50ba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:5a9a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2a09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.243.198 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-243-198.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.248.173.59 (United States)

ASN15224 (OMNITURE, US)

362-pti-203.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:be59 (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	rocketcdn.me t7f4e9n3.rocketcdn.me	4 MB
9	gstatic.com fonts.gstatic.com	268 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	485 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4538 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4459 track.hubspot.com — Cisco Umbrella Rank: 2372 forms.hubspot.com — Cisco Umbrella Rank: 5253	32 KB
4	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 362 px4.ads.linkedin.com — Cisco Umbrella Rank: 6425	2 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2707 www.google.com — Cisco Umbrella Rank: 2	769 B
3	google.de www.google.de — Cisco Umbrella Rank: 6575	622 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 86	440 B
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2217	29 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 712 script.hotjar.com — Cisco Umbrella Rank: 944	63 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3707	6 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4301 perf-na1.hsforms.com — Cisco Umbrella Rank: 4877	2 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4510 forms.hscollectedforms.net — Cisco Umbrella Rank: 4634	26 KB
2	sekoia.io blog.sekoia.io	56 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 6442	1 KB
1	mktoresp.com 362-pti-203.mktoresp.com	318 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 800	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	865 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2669	258 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2213	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 5018	88 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3140	4 KB
1	lnkd.in 1 redirects lnkd.in — Cisco Umbrella Rank: 50220	478 B
88	24

	Domain	Requested by
32	t7f4e9n3.rocketcdn.me	blog.sekoia.io
9	fonts.gstatic.com	blog.sekoia.io fonts.googleapis.com
6	www.googletagmanager.com	blog.sekoia.io www.googletagmanager.com
3	px.ads.linkedin.com	2 redirects snap.licdn.com
3	www.google.de	blog.sekoia.io
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
3	js.hs-banner.com	t7f4e9n3.rocketcdn.me js.hs-banner.com
2	track.hubspot.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	munchkin.marketo.net	blog.sekoia.io munchkin.marketo.net
2	static.hotjar.com	blog.sekoia.io www.googletagmanager.com
2	blog.sekoia.io	t7f4e9n3.rocketcdn.me
1	forms.hubspot.com	js.hsleadflows.net
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	www.google.com	blog.sekoia.io
1	px4.ads.linkedin.com	blog.sekoia.io
1	362-pti-203.mktoresp.com	munchkin.marketo.net
1	snap.licdn.com	www.googletagmanager.com
1	fonts.googleapis.com	js.hs-banner.com
1	perf-na1.hsforms.com	blog.sekoia.io
1	forms.hsforms.com	blog.sekoia.io
1	vc.hotjar.io	script.hotjar.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	script.hotjar.com	static.hotjar.com
1	js.hscollectedforms.net	t7f4e9n3.rocketcdn.me
1	js.hubspot.com	t7f4e9n3.rocketcdn.me
1	js.hs-analytics.net	t7f4e9n3.rocketcdn.me
1	js.hsleadflows.net	t7f4e9n3.rocketcdn.me
1	js.hsadspixel.net	t7f4e9n3.rocketcdn.me
1	lnkd.in	1 redirects
88	32

This site contains links to these domains. Also see Links.

Domain
sekoia.storylane.io
www.sekoia.io
fr.sentinelone.com
www.coveware.com
twitter.com
www.resecurity.com
intel471.com
krebsonsecurity.com
www.justice.gov
www.group-ib.com
www.microsoft.com
sec.okta.com
help.mega.io
github.com
www.silentpush.com
www.crowdstrike.com
www.mandiant.com
www.sentinelone.com
www.trendmicro.com
unit42.paloaltonetworks.com
permiso.io
www.cisa.gov
www.facebook.com
www.linkedin.com
www.reddit.com

Subject Issuer	Validity	Valid
*.sekoia.io AlphaSSL CA - SHA256 - G4	`2024-01-09` - `2025-02-09`	a year	crt.sh
*.rocketcdn.me R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Frame ID: C083A18A86A68C01640EC6F0FBCAE876
Requests: 97 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Scattered Spider laying new eggs - Sekoia.io Blog

Page URL History Show full URLs

https://lnkd.in/e96U9FfT HTTP 301
https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

88
Requests

99 %
HTTPS

75 %
IPv6

24
Domains

32
Subdomains

29
IPs

4
Countries

5018 kB
Transfer

7541 kB
Size

15
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://sekoia.storylane.io/share/kjzft6wb47op
Title: Interactive demo

Search URL Search Domain Scan URL

URL: https://www.sekoia.io/en/newsletter/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://fr.sentinelone.com/wp-content/uploads/2024/01/Watchtower_2023_EOY_rd4.pdf
Title: associates

Search URL Search Domain Scan URL

URL: https://www.coveware.com/blog/2023/10/27/scattered-ransomware-attribution-blurs-focus-on-ir-fundamentals
Title: links

Search URL Search Domain Scan URL

URL: https://twitter.com/likethecoins/status/1702439666350166520
Title: assess

Search URL Search Domain Scan URL

URL: https://www.resecurity.com/blog/article/ransomedvc-in-the-spotlight-what-is-known-about-the-ransomware-group-targeting-major-japanese-businesses/
Title: 17-22 years old

Search URL Search Domain Scan URL

URL: https://intel471.com/blog/looking-ahead-cybersecurity-challenges-in-2024
Title: refers

Search URL Search Domain Scan URL

URL: https://krebsonsecurity.com/2024/01/fla-man-charged-in-sim-swapping-spree-is-key-suspect-in-hacker-groups-oktapus-scattered-spider/
Title: reported

Search URL Search Domain Scan URL

URL: https://www.justice.gov/usao-mdfl/pr/palm-coast-man-arrested-wire-fraud-and-aggravated-identity-theft-charges
Title: arrested

Search URL Search Domain Scan URL

URL: https://www.group-ib.com/blog/0ktapus/
Title: 130

Search URL Search Domain Scan URL

URL: https://krebsonsecurity.com/2023/02/hackers-claim-they-breached-t-mobile-more-than-100-times-in-2022/
Title: accessed

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/
Title: Microsoft

Search URL Search Domain Scan URL

URL: https://sec.okta.com/scatterswine
Title: cryptocurrency

Search URL Search Domain Scan URL

URL: https://help.mega.io/security/compliance/legal-requests
Title: storage

Search URL Search Domain Scan URL

URL: https://github.com/meganz/MEGAsync
Title: Gi

Search URL Search Domain Scan URL

URL: https://www.silentpush.com/blog/scattered-spider/
Title: reported

Search URL Search Domain Scan URL

URL: https://github.com/SEKOIA-IO/Community/blob/main/IOCs/ScatteredSpider/20240220_ScatteredSpider_IOC.csv
Title: here

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/analysis-of-intrusion-campaign-targeting-telecom-and-bpo-companies/
Title: [CrowdStrike] Not a SIMulation: CrowdStrike Investigations Reveal Intrusion Campaign Tar-geting Telco and BPO Companies

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/resources/blog/hunting-attestation-signed-malware
Title: [Mandiant] I Solemnly Swear My Driver Is Up to No Good: Hunting for Attestation SignedMalware

Search URL Search Domain Scan URL

URL: https://www.sentinelone.com/labs/driving-through-defenses-targeted-attacks-leverage-signed-malicious-microsoft-drivers/
Title: [SentinelOne] Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Mi-crosoft Drivers

Search URL Search Domain Scan URL

URL: https://www.crowdstrike.com/blog/scattered-spider-attempts-to-avoid-detection-with-bring-your-own-vulnerable-driver-tactic/
Title: [CrowdStrike] SCATTERED SPIDER Exploits Windows Security Deficiencies with Bring-Your-Own-Vulnerable-Driver Tactic in Attempt to Bypass Endpoint Security

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/resources/blog/sim-swapping-abuse-azure-serial
Title: [Mandiant] SIM Swapping and Abuse of the Microsoft Azure Serial Console: Serial Is Part ofa Well Balanced Attack

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_ph/research/23/e/blackcat-ransomware-deploys-new-signed-kernel-driver.html
Title: [Trend Micro] BlackCat Ransomware Deploys New Signed Kernel Driver

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/muddled-libra/
Title: [Unit42] Threat Group Assessment: Muddled Libra (Updated), 21/06/2023, up

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/resources/blog/unc3944-sms-phishing-sim-swapping-ransomware
Title: [Mandiant] Why Are You Texting Me? UNC3944 Leverages SMS Phishing Campaigns for SIMSwapping, Ransomware, Extortion, and Notoriety

Search URL Search Domain Scan URL

URL: https://permiso.io/blog/lucr-3-scattered-spider-getting-saas-y-in-the-cloud/
Title: [Permiso] LUCR-3: SCATTERED SPIDER GETTING SAAS-Y IN THE CLOUD

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a
Title: [CISA] Scattered Spider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Scattered%20Spider%20laying%20new%20eggs&url=https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://blog.sekoia.io/scattered-spider-laying-new-eggs/&title=Scattered%20Spider%20laying%20new%20eggs

Search URL Search Domain Scan URL

URL: https://www.sekoia.io/en/you-are/
Title: Discover Sekoia SOC platform

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnkd.in/e96U9FfT HTTP 301
https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5046826&time=1708620268729&li_adsId=9d76d9e3-df69-4b4b-b008-9dc881002bd6&url=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5046826&time=1708620268729&li_adsId=9d76d9e3-df69-4b4b-b008-9dc881002bd6&url=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5046826&time=1708620268729&li_adsId=9d76d9e3-df69-4b4b-b008-9dc881002bd6&url=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQLS3wFcgHDjxQAAAY3RtEYYhaYahw6MOhv0FTqkHshJFReMwv6NEbjREznI-V3_TUShlQMuZQXSu0KEej_dRhODCFucSg

88 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.sekoia.io/scattered-spider-laying-new-eggs/
Redirect Chain

https://lnkd.in/e96U9FfT
https://blog.sekoia.io/scattered-spider-laying-new-eggs/

344 KB
54 KB

230ms
77ms

Document
text/html

35.214.255.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.214.255.233 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

233.255.214.35.bc.googleusercontent.com

Software

nginx / WP Rocket/3.15.9

Resource Hash

be573861a526efd7d692161951683a2cdb45137270f7ee57879d1960c7cf99de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, public
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Feb 2024 16:44:27 GMT
expires: Thu, 22 Feb 2024 16:44:27 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
server: nginx
vary: Accept-Encoding User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-httpd-modphp: 1
x-powered-by: WP Rocket/3.15.9
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Thu, 22 Feb 2024 16:44:26 GMT
location: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-cache: TCP_HIT
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
x-li-uuid: AAYR+v4XMneqdDy2WCo+8Q==
x-msedge-ref: Ref A: 0EFE30DE2542459FA74D97CB3C27C358 Ref B: FRAEDGE1207 Ref C: 2024-02-22T16:44:27Z

GET
H2 200 fa-brands-400.woff2
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/fontawesome/webfonts/ 73 KB
73 KB 119ms
40ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 02/16/2024 15:34:54
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 74288
last-modified: Wed, 04 Jan 2023 15:13:13 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "63b59789-12230"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 2f1afe3b120cd0756b98871c30f52a26
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/fontawesome/webfonts/fa-brands-400.woff2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 fa-regular-400.woff2
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/fontawesome/webfonts/ 15 KB
15 KB 119ms
40ms Font
font/woff2 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:01
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 14872
last-modified: Wed, 04 Jan 2023 15:13:13 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "63b59789-3a18"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: bf26c9063757c74bdfe187101c4a4800
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/fontawesome/webfonts/fa-regular-400.woff2>; rel="canonical"
cdn-requestpullsuccess: True

GET
H2 200 o-0kIpQlx3QUlC5A4PNr4C5OaxRsfNNlKbCePevHtVtX57DGjDU1QDce2VDSyA.woff2
fonts.gstatic.com/s/notosans/v36/ 14 KB
14 KB 881ms
833ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0kIpQlx3QUlC5A4PNr4C5OaxRsfNNlKbCePevHtVtX57DGjDU1QDce2VDSyA.woff2

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50ee69eaa26f0d0f1b40bbbf32dd02ef15ff00c9be25938512ebc1e1d3ec2506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 00:29:53 GMT
x-content-type-options: nosniff
age: 144874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14068
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:38:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 00:29:53 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5aDdu2ui.woff2
fonts.gstatic.com/s/notosans/v36/ 137 KB
138 KB 903ms
855ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5aDdu2ui.woff2

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

406d989410e957ba00f65d333ce8fffae02bc075a8429ad749022a3883e23880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 08:02:30 GMT
x-content-type-options: nosniff
age: 117717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140764
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 08:02:30 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 973ms
926ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:39:17 GMT
x-content-type-options: nosniff
age: 119110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:39:17 GMT

GET
H2 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
9 KB 930ms
883ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:41:28 GMT
x-content-type-options: nosniff
age: 118979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8668
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:41:28 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 979ms
932ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:40:15 GMT
x-content-type-options: nosniff
age: 119052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:40:15 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 926ms
879ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:37:36 GMT
x-content-type-options: nosniff
age: 119211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:37:36 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 795ms
748ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 21:48:10 GMT
x-content-type-options: nosniff
age: 68177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 21:48:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
68 KB 811ms
761ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8T6VX2

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be623e3f632dab13d703cd3f71cc438122aeec10f930be80a3d57b1dbd4c2c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68833
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Feb 2024 16:44:27 GMT

GET
H2 200 feather.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/plugins/notizia-reading-center/assets/libraries/feather-icons/ 74 KB
19 KB 84ms
39ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/plugins/notizia-reading-center/assets/libraries/feather-icons/feather.min.js?ver=6.4.3
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:11:12 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59710-12803"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: b17df3908d6faf164059ce417653416f
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/plugins/notizia-reading-center/assets/libraries/feather-icons/feather.min.js?ver=6.3.2>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
t7f4e9n3.rocketcdn.me/wp-includes/js/jquery/ 85 KB
29 KB 111ms
67ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Fri, 11 Aug 2023 10:22:55 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"64d60bff-155ba"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 5c5502f6584675acf17a26257fc50e1d
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.0>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-migrate.min.js Show response
t7f4e9n3.rocketcdn.me/wp-includes/js/jquery/ 13 KB
5 KB 90ms
46ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Fri, 11 Aug 2023 10:22:55 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"64d60bff-3509"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: c46267b4ad4f384be24298a65d19f859
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 script.js Show response
t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/notizia-reading-center/assets/js/ 3 KB
1 KB 87ms
43ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/notizia-reading-center/assets/js/script.js?ver=1705682632
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: a0d478be906f7f503f03ea807d06e01a92064709c42038f0c555cc44091fe57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Thu, 26 Oct 2023 16:39:50 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"653a9656-bcd"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: f3eea136bd4ed1aa283e44f64550cb2c
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/cache/min/1/wp-content/plugins/notizia-reading-center/assets/js/script.js?ver=1698338390>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ajax.js Show response
t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/notizia-reading-center/assets/js/ 12 KB
2 KB 111ms
67ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/wp-content/plugins/notizia-reading-center/assets/js/ajax.js?ver=1705682632
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 36ce8abfd51e57c8a40035d50183afbceeb2ec0c895903579b3b372b79fc6d0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Thu, 26 Oct 2023 16:39:50 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"653a9656-30a4"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 22fed5fb02bea48f58c83f39b255f5fc
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/cache/min/1/wp-content/plugins/notizia-reading-center/assets/js/ajax.js?ver=1698338390>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 script.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/plugins/notizia-tools/assets/js/ 35 KB
5 KB 87ms
44ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/plugins/notizia-tools/assets/js/script.min.js?ver=6.4.3
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 1b0e165a72588997e984e9055ce36b40c4aba3a4d45567b7af95f1cf2af23ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:09:27 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b596a7-8d6c"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 0c138ba4e1fce8c519b312a475d162a8
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/plugins/notizia-tools/assets/js/script.min.js?ver=6.3.2>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 foundation.core.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/ 13 KB
5 KB 109ms
65ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/foundation.core.min.js?ver=6.4.3
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 5e3b5a5069534703b6b441668a33d3aecd877044e2bb8ff0bbb564c5f23a29ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:00 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59740-3579"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 2561e7ebd723eaf19445087bd4e783ff
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/js/foundation/foundation.core.min.js?ver=6.3.2>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 foundation.util.nest.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/ 3 KB
2 KB 85ms
41ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/foundation.util.nest.min.js?ver=6.4.3
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: a43dd50b7d497a8b9964fc6a08dfe9895a73e588eeffbe0bb1b659d6ac5703b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:00 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59740-baa"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 3cdbfc53df44cf8005f35e28ae42bc72
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/js/foundation/foundation.util.nest.min.js?ver=6.3.2>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 foundation.util.keyboard.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/ 4 KB
2 KB 91ms
47ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/foundation.util.keyboard.min.js?ver=6.4.3
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 5259d3d1db0ab9bbb835ea4bb25b69be5db7366bda907678b2d9272b52fbc1ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:00 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59740-e0c"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: f028580dd5f0576efdae61caf0500391
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/js/foundation/foundation.util.keyboard.min.js?ver=6.3.2>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 foundation.util.box.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/ 4 KB
2 KB 98ms
55ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/foundation.util.box.min.js?ver=6.4.3
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 28b58d1719430b0a469ec4afa2b8b7c1a4a801fe8734d73b273db0d01b788ea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:00 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59740-e65"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 3d2e7700c20bb6c4f6b734716bf4a95e
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/js/foundation/foundation.util.box.min.js?ver=6.3.2>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 foundation.util.touch.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/ 4 KB
2 KB 64ms
21ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/foundation.util.touch.min.js?ver=6.4.3
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 48ad7fc9c26959cc4e41c1addf2f513215b9f48f6e46e587286215ea3b3e1d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 02/12/2024 19:39:47
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:00 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59740-1192"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: d9b90fff1690642464e1e3b669e0e5c3
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/js/foundation/foundation.util.touch.min.js?ver=6.4.3>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 foundation.dropdownMenu.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/ 10 KB
4 KB 110ms
66ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/foundation.dropdownMenu.min.js?ver=6.4.3
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: b7c769c34783e3dfd90f07e035efafd8cc1b57a4b1db3e027c42c207802271e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 02/16/2024 22:45:21
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:00 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59740-2912"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 280ea6cc7d08cd855b05f71911586785
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/js/foundation/foundation.dropdownMenu.min.js?ver=6.4.3>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 foundation.accordionMenu.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/ 9 KB
3 KB 109ms
66ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/foundation/foundation.accordionMenu.min.js?ver=6.4.3
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 250354fad29f1a85fc4e431b09faeccbf0275f5d5afdf6faf422936b206f25ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:00 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59740-2237"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 3967cfda41234a10c8fa02373ab341a1
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/js/foundation/foundation.accordionMenu.min.js?ver=6.3.2>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 936ms
886ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-MQXZQ8K

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb54b199ddcb1d46b083396130898867ed9883bbe9336f79b81cc8baedc51a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 16:44:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
93 KB 957ms
906ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-12N1XPRQ0H

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b9d468dd3c1bbeb8d552dfa3503ffda2b8e0e28ffb8c30a1ac379d6262dc931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 16:44:27 GMT

GET
H2 200 7095517.js Show response
t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/ 3 KB
1 KB 85ms
66ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/7095517.js?ver=1705682632
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 96ffa497035a548bec242e1ebb10428b7e7d7220048ea52ff03dabae0be971fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Thu, 26 Oct 2023 16:39:50 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"653a9656-b58"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 8f2b17a13f9f2dc68f8935d76e107d7f
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/cache/min/1/7095517.js?ver=1698338390>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 byline.334a.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/plugins/molongui-authorship/assets/js/ 4 KB
2 KB 74ms
55ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/plugins/molongui-authorship/assets/js/byline.334a.min.js?ver=4.7.7
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 9df6c4c7c9ded0611ccf30c49f5a271fe7ab2405cdecbfbf38413a1430d5f75e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Tue, 24 Oct 2023 17:59:22 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"653805fa-1095"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: ba67a9c7173aeb9e20cc8fcd2bcf4009
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/plugins/molongui-authorship/assets/js/byline.334a.min.js?ver=4.7.3>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 intersection-observer.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/intersection-observer/ 9 KB
3 KB 85ms
66ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/intersection-observer/intersection-observer.min.js?ver=1.1
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: d89933395cd19a7fcf51defdc49031608af28bd675c9f3524e7bc8e1e261495d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:01 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59741-22f1"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 393b83ae551afd4892213c130c31605a
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/intersection-observer/intersection-observer.min.js?ver=1.1>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 theme.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/ 81 KB
11 KB 74ms
55ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/theme.min.js?ver=1.1
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: bc7dbcdf8032d1fa2b724cdd699a0f80e3d9fa4bfecca91eb802abde8b919e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 02/13/2024 20:21:46
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:10:29 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b596e5-145ad"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 384a82f280a9c1143d5059dfb60c8e76
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/js/theme.min.js?ver=1.1>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 swiper.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/swiper/js/ 133 KB
36 KB 74ms
55ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/swiper/js/swiper.min.js
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 9ee89affccbb6f24bf0dbfd697a97d13a1dfb9a94227c6b7daf7f697ceaf073f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:13:15 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b5978b-212ea"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 3c546852894ae5fe492203be90292124
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/swiper/js/swiper.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hoverintent.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/hoverintent/ 2 KB
2 KB 85ms
66ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/hoverintent/hoverintent.min.js
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 0ab10cbd66e537859e4a75a22fd8e3ac547eec9b4276e12e70e13700817763e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:01 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59741-913"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: f6d89873059384d5d7261c6573ee650e
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/hoverintent/hoverintent.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 magnific-popup.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/magnific-popup/ 20 KB
7 KB 84ms
65ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/magnific-popup/magnific-popup.min.js
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: fc7109dd6428c821842660a87bda6494e52c0f4ecad22105a1aed87e440ee0b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:12:02 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b59742-4f29"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 5c8f4c75ae1443e78456ec6dd31703fa
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/magnific-popup/magnific-popup.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lightbox.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/js/ 9 KB
3 KB 74ms
55ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/js/lightbox.min.js
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: d3ef3695bb858983c86f962d408897ea6742380534b225ba3ecfb5d47820ad06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:13:15 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b5978b-2503"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 96e5d579cae2513abdf99980cb98df49
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/lightbox/js/lightbox.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ajax.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/ 4 KB
1 KB 85ms
66ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/js/ajax.min.js?ver=1.1
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: e43b5d8e33e7e90b8a0ee4962984feb08e72d030794dbcf94b8b292dbe8ee6c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:03
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Wed, 04 Jan 2023 15:10:29 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63b596e5-eec"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: c59b39a69987e330d1afb5a8c3602f12
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/js/ajax.min.js?ver=1.1>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazyload.min.js Show response
t7f4e9n3.rocketcdn.me/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 21ms
21ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 02/19/2024 00:25:05
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Fri, 02 Feb 2024 14:39:08 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"65bcfe8c-22bc"
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: b39df52c8382f577e71ce45e66569568
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hotjar-3347717.js Show response
static.hotjar.com/c/ 9 KB
4 KB 121ms
57ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3347717.js?sv=5

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

ff12b17d543773b52f264c8642815658999cf7e7fcd04454322a9e82aff414e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/009f5f3cb0e5f0f6d84b84cf2d97a63e
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: vV5kXWJadPpq0q-8hHuPdjOLzn5feV0U0hGd55_bTISdEOYhBFjFEg==

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 450a081f30c7d70142410c0adbae2accc24d68f6c8a0b439b231ebb6529466f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86db658dfe497e14c80a844f99abed48bb368b88a7ebc047dc3b133267c67bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47f7889a7470a1ba509bf9ede8b40c8173f955147e7a387120a63aa7a2d07993

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a875032e680672e3aad6f4d3219695654bc69b59bb4c54aba69f2529a71f8f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0578e7fe99b79912fbdc32c63dd73f48166ab6d2a67f740be162ba61bab48855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 955181136b272f5772fd6ddb0b312ff6d4efad606910ced8e1115f0c2c6cf1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b50475a2db8b2692f39549499c8e8164b75ec8d2cfcf643d3b72e932fa048f35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2103f98dab7e47abd92c47030caa47d0dd0595ad21446d0f396a1c1df017da7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 70ms
28ms Script
application/javascript 2606:4700::6811:e3a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: t7f4e9n3.rocketcdn.me
URL: https://t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/7095517.js?ver=1705682632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e3a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa97d5a93f1d1e252fd0259295827c1a0713d434e3acbd2e33786adfceb534ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
x-amz-version-id: isGrj7bsJKQyiYsmde6FQimVS.PTJSF2
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 249
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.522/bundles/pixels-release.js&cfRay=8598ab8a0b3d9262-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: c0f17368-7810-4ce2-a886-97c791607b76
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c0f17368-7810-4ce2-a886-97c791607b76
last-modified: Thu, 15 Feb 2024 14:51:53 UTC
server: cloudflare
etag: W/"b058f364a6909ff145f5780315cd5784"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-nww6r
cf-ray: 8598b1a09ebc1c2e-FRA
x-amz-cf-id: S7CDzuPDEIaJZXf1QSnC3PdaWqomrceL84lb0j5rDxpMqW0kGelYFA==
x-hs-target-asset: adsscriptloaderstatic/static-1.522/bundles/pixels-release.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 93ms
34ms Script
application/javascript 2606:4700::6812:7d0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: t7f4e9n3.rocketcdn.me
URL: https://t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/7095517.js?ver=1705682632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7d0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-encoding: br
age: 11448
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js&cfRay=85979a1e9b93372c-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"2a6dc24f5ac6c8a7eefaadde95ff2129"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1313/bundle/main/lead-flows-release.js
date: Thu, 22 Feb 2024 16:44:27 GMT
x-amz-version-id: ukHk26vS_rf4a6X6Ik2.9R2qKIwOxT4G
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 77d56192-835b-4b94-a1cb-48ea6a1c1832
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 19
x-evy-trace-route-configuration: listener_https/all
x-request-id: 77d56192-835b-4b94-a1cb-48ea6a1c1832
last-modified: Tue, 06 Feb 2024 10:46:39 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-gmwm4
cf-ray: 8598b1a0bf14361e-FRA
x-amz-cf-id: Jna-7uskeHIn779GTO6wDs39pbseSR16YFfgoAqa38r9EDHFwrd6xg==

GET
H2 200 7095517.js Show response
js.hs-analytics.net/analytics/1698338100000/ 66 KB
21 KB 194ms
142ms Script
text/javascript 2606:4700::6810:50ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1698338100000/7095517.js
Requested by: Host: t7f4e9n3.rocketcdn.me
URL: https://t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/7095517.js?ver=1705682632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 730df8d066b2564470d3e8dd9b0c9bc26e0fdeace2b02f06c3a81a5cc1216b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 1F77MPJJRTP3G95H
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 70491292-ea05-4611-b49d-48287e5a2d36
x-envoy-upstream-service-time: 50
x-amz-id-2: NXEbcc6KnsmgBJt0r6f4pxOxf0JwObm4TeWNTNbDo37Mri1yfWdWXn7CX9mFMy4Tc2HjFQN/iuI=
x-evy-trace-listener: listener_https
x-request-id: 70491292-ea05-4611-b49d-48287e5a2d36
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 16:39:01 GMT
server: cloudflare
etag: W/"7a7e55839c3707b98e9abae94d364155"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbs6d
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8598b1a0aa6b18ff-FRA
expires: Thu, 22 Feb 2024 16:49:27 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
25 KB 191ms
143ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: t7f4e9n3.rocketcdn.me
URL: https://t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/7095517.js?ver=1705682632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee9f2f620122112ded1f6498ba96d1c797429ab7c07806f689ed5d7142c15973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.911/bundles/project.js&cfRay=8598b1a0a84771d0-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"0e31e7204888ce69b5f5486b7f3c8806"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.911/bundles/project.js
date: Thu, 22 Feb 2024 16:44:27 GMT
x-amz-version-id: 6TFkQJ5lE2FVj1l7Z_pBZDXw00jHreli
via: 1.1 c13d71f8919c23db6bbd1c08a4dfb350.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 75ac4675-c85c-4de3-aede-0b6f19549c13
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-request-id: 75ac4675-c85c-4de3-aede-0b6f19549c13
last-modified: Thu, 22 Feb 2024 11:41:13 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FX1qY%2FCJrsAlmZOaUihtzOFITFcjVCz%2BAoiIt%2BzktOM9kK4vphH%2FfutzWreiqouR2zFcU8gjG45BLznMZ2FXuJc6glxK0UWTvde518GI0kfGLzDNjR%2BL8i2MgjENNRDemJg23KCXMV%2FTV9X9"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-gmwm4
cf-ray: 8598b1a0a84771d0-FRA
x-amz-cf-id: oJbDX0LiawQadHfBgni9TTveBavMKz8Lg7ZKkDybQZEZJURp8A8m8w==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/7095517/ 93 KB
29 KB 374ms
329ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/7095517/banner.js
Requested by: Host: t7f4e9n3.rocketcdn.me
URL: https://t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/7095517.js?ver=1705682632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77494bdb2b63fd0f21ce489ba302563a114e1c6fd57793fc366b93a758659687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
x-amz-version-id: MpWgZt90m1uHexKl97Dnkgj56MlSuSsT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: EDSS4RV94D675KX7
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 9f306bce-c8d8-4b40-93a4-5e33f4c6935a
x-envoy-upstream-service-time: 96
x-amz-id-2: R5fYHPR7RbJhzbEUX/70iT7VvAZ2GTaTEinfbM/6vxXu7HOxX+EJ/2o2LRonPVusBgkJk1ldr5EFX0YjdVYfiA==
x-evy-trace-listener: listener_https
x-request-id: 9f306bce-c8d8-4b40-93a4-5e33f4c6935a
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 13 Feb 2024 15:26:43 GMT
server: cloudflare
etag: W/"7b19c9afd3884e7ef80f0f7d93ca7f08"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://blog.sekoia.io
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8598b1a09e354dac-FRA
expires: Thu, 22 Feb 2024 16:49:27 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 191ms
140ms Script
application/javascript 2606:4700::6811:5a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: t7f4e9n3.rocketcdn.me
URL: https://t7f4e9n3.rocketcdn.me/wp-content/cache/min/1/7095517.js?ver=1705682632

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.sekoia.io/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
x-amz-version-id: VTCx5Wpr_CjwKFe_1K6ShUsHQL37oHcJ
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 488e26cd-155c-4b8b-89d9-a98507ef2341
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.468/bundles/project.js&cfRay=8598b1a0a83e5d39-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 4
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 488e26cd-155c-4b8b-89d9-a98507ef2341
last-modified: Wed, 21 Feb 2024 09:36:07 UTC
server: cloudflare
etag: W/"0892458d49ed5681928e6be69131caa7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-scqj6
cf-ray: 8598b1a0a83e5d39-FRA
x-amz-cf-id: cpig8ZJamhRUJubMP_N3eWP6ordqIGixHnsE9LXk03N1NIAiY4TA-Q==
x-hs-target-asset: collected-forms-embed-js/static-1.468/bundles/project.js

POST
H2 200 admin-ajax.php Show response
blog.sekoia.io/wp-admin/ 6 KB
2 KB 344ms
344ms XHR
text/html 35.214.255.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.sekoia.io/wp-admin/admin-ajax.php

Requested by

Host: t7f4e9n3.rocketcdn.me
URL: https://t7f4e9n3.rocketcdn.me/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.214.255.233 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

233.255.214.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

fd871985797396785a9c5f894828d75f3c96f0606390127f5960e3a85d88caaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
vary: Accept-Encoding, Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://blog.sekoia.io
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 prev.png
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/images/ 1 KB
2 KB 20ms
19ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/images/prev.png
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:04
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1360
last-modified: Wed, 04 Jan 2023 15:13:14 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "63b5978a-550"
vary: Accept-Encoding
content-type: image/png
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: e761522795fb7cc7d582c25ca0c2daed
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/lightbox/images/prev.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 next.png
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/images/ 1 KB
2 KB 21ms
21ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/images/next.png
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 02/15/2024 01:51:16
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1350
last-modified: Wed, 04 Jan 2023 15:13:14 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "63b5978a-546"
vary: Accept-Encoding
content-type: image/png
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: c1c11f97c70ca567ad5dbde433c462bf
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/lightbox/images/next.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 loading.gif
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/images/ 8 KB
9 KB 46ms
46ms Image
image/gif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/images/loading.gif
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 02/08/2024 07:08:22
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 8476
last-modified: Wed, 04 Jan 2023 15:13:14 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "63b5978a-211c"
vary: Accept-Encoding
content-type: image/gif
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 74ce1244c4d5a5545a08756e83064f43
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/lightbox/images/loading.gif>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 close.png
t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/images/ 280 B
878 B 20ms
20ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/themes/notizia/assets/libraries/lightbox/images/close.png
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
cdn-edgestorageid: 1081
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 01/22/2024 10:38:07
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 280
last-modified: Wed, 04 Jan 2023 15:13:14 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "63b5978a-118"
vary: Accept-Encoding
content-type: image/png
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 387f0f2eec60cf280314215cd6fbb3bd
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/themes/notizia/assets/libraries/lightbox/images/close.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cropped-logo-sekoia-io-blog-light.png
t7f4e9n3.rocketcdn.me/wp-content/uploads/2023/03/ 4 KB
5 KB 22ms
22ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/uploads/2023/03/cropped-logo-sekoia-io-blog-light.png
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 08674dbb7419f9e5a5e6310436d0cd84559d92789fa278b9876fdedac7dec06f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 15:46:04
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 4586
last-modified: Thu, 30 Mar 2023 20:01:58 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "6425eab6-11ea"
vary: Accept-Encoding
content-type: image/png
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 483f99d4ce9d7869b1f83d5ad9751433
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/uploads/2023/03/cropped-logo-sekoia-io-blog-light.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0258a377207160921b4def95e08bde2b05f202a1d441850d49502f768e72307d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo-sekoia-symbol-6.png
t7f4e9n3.rocketcdn.me/wp-content/uploads/2023/04/ 18 KB
19 KB 23ms
23ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/uploads/2023/04/logo-sekoia-symbol-6.png
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: 3cbefb9b0f14015aba9d624075ae01b1ce1101fea52838241708ef22783f49be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
cdn-edgestorageid: 1082
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 11/02/2023 18:21:53
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 18477
last-modified: Thu, 20 Apr 2023 13:56:40 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64414498-482d"
vary: Accept-Encoding
content-type: image/png
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 9b66c5a25911dade1334c9654d6c93b3
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/uploads/2023/04/logo-sekoia-symbol-6.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 spider.png
t7f4e9n3.rocketcdn.me/wp-content/uploads/2024/02/ 4 MB
4 MB 30ms
30ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7f4e9n3.rocketcdn.me/wp-content/uploads/2024/02/spider.png
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / RocketCDN - b
Resource Hash: bc8711f0f106c5bccd96a736d6d9022feb5f3b1866d3ff72471b9e502be28be8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
cdn-edgestorageid: 1080
x-powered-by: RocketCDN - b
x-proxy-cache-info: DT:1
cdn-cachedat: 02/22/2024 08:49:04
cdn-pullzone: 1701112
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 3700380
last-modified: Fri, 16 Feb 2024 15:18:57 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "65cf7ce1-38769c"
vary: Accept-Encoding
content-type: image/png
cdn-cache: HIT
cdn-uid: 9c62a85e-aade-42a0-9ab7-0e0ad624743f
cache-control: public, max-age=31919000
cdn-requestid: 338fc7d952e90f6bc0e72a2233d62bdc
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://blog.sekoia.io/wp-content/uploads/2024/02/spider.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 modules.3ba69200791f16077ba8.js Show response
script.hotjar.com/ 228 KB
55 KB 91ms
24ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3ba69200791f16077ba8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3347717.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

c60a1c9a37989557aed8884899ddec28096d9624f4b43c602f9b335ae1db25cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 11:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 18321
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56245
last-modified: Thu, 22 Feb 2024 11:38:42 GMT
etag: "35c74e10d354e1166c41fd72674e0488"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: g_GlrTxcRFQ-mgyrRmestSzKuUYKsVyxX0MQ_nb1eaLIH8D9dLMYUg==

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
430 B 137ms
129ms XHR
application/json 2606:4700::6811:5a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=7095517&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756add7a8de66bf0aefb75664a2bb56808a71007823d474570f07f8ea79450af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://blog.sekoia.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8cb33aa3-cbf6-465a-8069-d5cd108bdba8
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8cb33aa3-cbf6-465a-8069-d5cd108bdba8
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.sekoia.io
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-xbcdx
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8598b1a1b9005d39-FRA

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 404 B
1 KB 147ms
146ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=7095517&currentUrl=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

629de5c42a56b67812a858341eb4162b85218eed884271ca47b0388498dc8916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8035b479-62de-47ae-83e6-103c7128fb57
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8035b479-62de-47ae-83e6-103c7128fb57
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.sekoia.io
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ygF8aIEjVsmJa3eD2xT6cQFb7TsYWhfwAZk6%2F87ACD6lgGfXRSmDG9St1Vsh0wRla%2BbfBC%2BaU7ZPwr8Er49peELYXlK6KFlVy26XxFIY3bcS%2FS%2BeN1AxRsaFX7QCPHGxGjATQt9Lgvvbzh3E9oDGBrR%2FVTDqrwwDEU%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8598b1a1b9cb71d0-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-xtpfl

GET
H2 204 3347717 Show response
vc.hotjar.io/sessions/ 0
258 B 128ms
44ms XHR
text/plain 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3347717?s=0.25&r=0.19115472979288417
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3ba69200791f16077ba8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.9.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
via: 1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.9.3
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: _Laj6JbsDQVybac5zKDT6Ge9L5YndCo1xNwCa8zmFUNK7bOrGFDtvg==

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1015 B 188ms
145ms Image
image/gif 2606:4700::6812:a07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:44:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 000f3714-f1b0-4f9d-9fc4-b763969d7169
x-envoy-upstream-service-time: 4
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 000f3714-f1b0-4f9d-9fc4-b763969d7169
Server: cloudflare
X-Trace: 2B86C0C0291B7D8C5A7B30FDBC9C79D2E6918D2690000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-r4fkb
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 8598b1a2cab99186-FRA

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 196ms
142ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:44:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: dc5782b4-9ce9-4c3e-96f6-13d8b0196432
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: dc5782b4-9ce9-4c3e-96f6-13d8b0196432
Last-Modified: Thu, 22 Feb 2024 16:44:28 GMT
Server: cloudflare
X-Trace: 2B3D5BBE8D15BD8F92CF5A10D7E717A04313B70C12000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-z84xk
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 8598b1a2fbec35f6-FRA

OPTIONS
H2 200 view
js.hs-banner.com/v2/activity/ 0
0 175ms
132ms Preflight
application/octet-stream 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://blog.sekoia.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://blog.sekoia.io
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8598b1a30a6e4db1-FRA
content-length: 0
content-type: application/octet-stream
date: Thu, 22 Feb 2024 16:44:28 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 5dc0d0f1-31fc-4495-8573-8fab3bd38594
x-request-id: 5dc0d0f1-31fc-4495-8573-8fab3bd38594

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
865 B 327ms
29ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/7095517/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 16:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 16:03:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 16:44:28 GMT

POST
H2 204 view
js.hs-banner.com/v2/activity/ 0
0 153ms
153ms Fetch 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/v2/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/7095517/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.sekoia.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Feb 2024 16:44:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator, envoyset-translator
x-hubspot-correlation-id: 4fddb759-908b-45d4-bf10-f99b482bb515
x-envoy-upstream-service-time: 23
x-evy-trace-route-configuration: listener_http/all, listener_https/all
x-evy-trace-listener: listener_http, listener_https
x-request-id: 4fddb759-908b-45d4-bf10-f99b482bb515
server: cloudflare
x-trace: 2BB3F8D857ED18EA24186D7386527FD5F5B5BED1E7000000000000000000
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-virtual-host: all, all
x-evy-trace-served-by-pod: iad02/private-hubapi-td/envoy-proxy-856bb7f6fc-q79rx, iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-origin: https://blog.sekoia.io
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8598b1a3db2a4db1-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 79ms
78ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:34:39 GMT
x-content-type-options: nosniff
age: 119389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:34:39 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 81ms
81ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.sekoia.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:27:45 GMT
x-content-type-options: nosniff
age: 119803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:27:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
92 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-12N1XPRQ0H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8T6VX2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

573b8e0957ac6d88e5d1b68591599c98b9a0a9398510eec19215f8aa64cff769

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93946
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 16:44:28 GMT

GET
H2 200 hotjar-3133674.js Show response
static.hotjar.com/c/ 9 KB
4 KB 51ms
51ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3133674.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8T6VX2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

ec63b2011c94d907406159910f2a0b28992223378b07d754ada41e6fa1384e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 16:44:28 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/2975545259af7ddf9fa7e36451602e5b
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: DMni_qZ9A_q1MsAUjo3L80TD51pHIufB3w8N3xSDJ-8cSAD1v3BYeA==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 45 KB
16 KB 171ms
55ms Script
application/javascript 2a02:26f0:3100::1735:2a09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8T6VX2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e9841d9258210b13f0870a80d02ce8f3224c8798d1c0d618f210a573ce96038e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Feb 2024 09:12:49 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=42529
accept-ranges: bytes
content-length: 16480

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 108ms
36ms Script
application/x-javascript 23.192.243.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.243.198 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-243-198.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:44:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-MQXZQ8K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8T6VX2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdf48b6110117bdf0bb48df509af3434292dfc80a138489c02bf720c9ea28e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83406
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 16:44:28 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 75ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9XJJ1LP075&gtm=45Pe42h0v9114055258za200&_p=1708620267398&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1430252361.1708620269&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1708620268&sct=1&seg=0&dl=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&dt=Scattered%20Spider%20laying%20new%20eggs%20-%20Sekoia.io%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1541
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MQXZQ8K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.sekoia.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 85ms
30ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9XJJ1LP075&cid=1430252361.1708620269&gtm=45Pe42h0v9114055258za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MQXZQ8K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.sekoia.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 103ms
56ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9XJJ1LP075&cid=1430252361.1708620269&gtm=45Pe42h0v9114055258za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1929060483

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152945562-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12N1XPRQ0H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9e84071766af67c23a92e39b8d4cd5de51320542ec5728af8f953515edd41ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70820
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Feb 2024 16:44:28 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 54ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-12N1XPRQ0H&gtm=45je42h0v876103120z89105367108za200&_p=1708620267398&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1430252361.1708620269&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708620268&sct=1&seg=0&dl=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&dt=Scattered%20Spider%20laying%20new%20eggs%20-%20Sekoia.io%20Blog&en=page_view&_fv=1&_ss=1&tfd=1564
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12N1XPRQ0H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.sekoia.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 64ms
31ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-12N1XPRQ0H&cid=1430252361.1708620269&gtm=45je42h0v876103120z89105367108za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12N1XPRQ0H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.sekoia.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 79ms
57ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-12N1XPRQ0H&cid=1430252361.1708620269&gtm=45je42h0v876103120z89105367108za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1665040777

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 37ms
36ms Script
application/x-javascript 23.192.243.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.192.243.198 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-243-198.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:44:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 01 Jun 2024 16:44:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
20ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152945562-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3379
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 22 Feb 2024 17:48:09 GMT

POST
H/1.1 200
OK visitWebPage
362-pti-203.mktoresp.com/webevents/ 2 B
318 B 214ms
35ms Ping
text/plain 130.248.173.59
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://362-pti-203.mktoresp.com/webevents/visitWebPage?_mchNc=1708620268696&_mchCn=&_mchId=362-PTI-203&_mchTk=_mch-blog.sekoia.io-1708620268696-63282&_mchHo=blog.sekoia.io&_mchPo=&_mchRu=%2Fscattered-spider-laying-new-eggs%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.248.173.59 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 16:44:28 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 98a63f87-7ff8-4d9b-aee4-baaffb947539

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
654 B 190ms
190ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://blog.sekoia.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 22 Feb 2024 16:44:27 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 092C6A5DE2644DC49591BDC2A49D3825 Ref B: FRAEDGE1207 Ref C: 2024-02-22T16:44:28Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://blog.sekoia.io
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYR+ygtmFklcSoZhTGGCQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5046826&time=1708620268729&li_adsId=9d76d9e3-df69-4b4b-b008-9dc881002bd6&url=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&tm...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5046826&time=1708620268729&li_adsId=9d76d9e3-df69-4b4b-b008-9dc881002bd6&url=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&tm...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5046826&time=1708620268729&li_adsId=9d76d9e3-df69-4b4b-b008-9dc881002bd6&url=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&t...

0
265 B

251ms
203ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5046826&time=1708620268729&li_adsId=9d76d9e3-df69-4b4b-b008-9dc881002bd6&url=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQLS3wFcgHDjxQAAAY3RtEYYhaYahw6MOhv0FTqkHshJFReMwv6NEbjREznI-V3_TUShlQMuZQXSu0KEej_dRhODCFucSg
Requested by: Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:28 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 12F8B8C169FF4F098E262D36B4E6BDF2 Ref B: FRAEDGE1112 Ref C: 2024-02-22T16:44:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYR+yg1enCAAMOIAA7vng==

Redirect headers

date: Thu, 22 Feb 2024 16:44:28 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A217F5D51AB74E04A6D7E07ABC1273E7 Ref B: FRAEDGE1207 Ref C: 2024-02-22T16:44:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5046826&time=1708620268729&li_adsId=9d76d9e3-df69-4b4b-b008-9dc881002bd6&url=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQLS3wFcgHDjxQAAAY3RtEYYhaYahw6MOhv0FTqkHshJFReMwv6NEbjREznI-V3_TUShlQMuZQXSu0KEej_dRhODCFucSg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYR+ygxt3kX4m1s7Soz4g==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 27ms
27ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=104629354&t=pageview&_s=1&dl=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&ul=en-us&de=UTF-8&dt=Scattered%20Spider%20laying%20new%20eggs%20-%20Sekoia.io%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1472267346&gjid=891251913&cid=1430252361.1708620269&tid=UA-152945562-2&_gid=2062307943.1708620269&_r=1&gtm=457e42h0z8876103120za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=1914748016

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.sekoia.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.sekoia.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-152945562-2&cid=1430252361.1708620269&jid=1472267346&gjid=891251913&_gid=2062307943.1708620269&_u=YADAAUAAAAAAACAAI~&z=985651888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.sekoia.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Feb 2024 16:44:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.sekoia.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 108ms
58ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152945562-2&cid=1430252361.1708620269&jid=1472267346&_u=YADAAUAAAAAAACAAI~&z=551945310

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 54ms
54ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152945562-2&cid=1430252361.1708620269&jid=1472267346&_u=YADAAUAAAAAAACAAI~&z=551945310

Requested by

Host: blog.sekoia.io
URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7095517.js Show response
js-na1.hs-scripts.com/ 3 KB
1 KB 242ms
136ms Script
application/javascript 2606:4700::6810:be59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/7095517.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1698338100000/7095517.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:be59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4e7d788641782d9dcd47ddf9fdcc322174c60016ca8ef97f770eb9a216f991

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 68df95a4-a774-45ee-b8e6-f32bd3efe6f3
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 68df95a4-a774-45ee-b8e6-f32bd3efe6f3
last-modified: Thu, 22 Feb 2024 09:15:43 GMT
server: cloudflare
x-trace: 2BC39C93576ADE54561ECF5FF2AB8F600F0457ED0A000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://blog.sekoia.io
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-db7qj
access-control-allow-credentials: true
cf-ray: 8598b1acabb03673-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 251ms
147ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=696607268&v=1.1&a=7095517&ct=blog-post&rcu=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&pu=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&t=Scattered+Spider+laying+new+eggs+-+Sekoia.io+Blog&cts=1708620269432&rv=1&vi=b2eca2bb913c2c08402ba4e397972103&nc=true&ce=false&cc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e4222796-891b-4b31-af62-1e1aa1162cfb
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e4222796-891b-4b31-af62-1e1aa1162cfb
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q89d%2BLQUtVKGya5mS0wJdoZQX2I%2FslaWed85wa64Y%2FytipR8%2F6hirgOBGHhznubvTYfH2PFNHOUQToBhLRdihHnJW5PS9CXxO57XUB%2BDSr99VZaAWMp5WWxZ9GRKYhI%2BDTgHhWRxfTryw9R%2FeRiU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-m8f89
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8598b1aca8672bf8-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 20 KB
5 KB 206ms
196ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=7095517&currentUrl=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0930e1d0205b9d88869921e5d3f946d4c553e759be93f88e19cb07bc5847f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ca46ed87-3127-4121-9d9a-654e29284864
content-encoding: br
x-envoy-upstream-service-time: 66
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ca46ed87-3127-4121-9d9a-654e29284864
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.sekoia.io
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DX43Cna1stZBMZqZQYHhcBIsh%2Bz%2BOqDE9iZxDQGgBMwHTl5tOPrUeJaj%2BBzIEZyaeP2hrieSqU4PommgQDBdN6sJBSk13HWop%2FnJj67a6I3ZM3iFX3qd7rOVPMfHguNx9FwrehjMVjQuvRWgRraM"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8598b1ac7ddd71d0-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-bfd765d7d-lxgwd

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
446 B 155ms
155ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=ef7c888f-6b8a-4095-b96d-9ce336fa2ec6&lfi=5415088&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=696607268&v=1.1&a=7095517&ct=blog-post&rcu=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&pu=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&t=Scattered+Spider+laying+new+eggs+-+Sekoia.io+Blog&cts=1708620269709&rv=1&vi=b2eca2bb913c2c08402ba4e397972103&nc=true&ce=false&cc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 16:44:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f90dc5d7-2abf-4c19-8017-f900381abd95
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 23
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f90dc5d7-2abf-4c19-8017-f900381abd95
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohKFWKJt9GFENPiqKMaWzPq%2BYd5N5PoZnObw%2FZLVHuuajcxXGKCZJezwZ9Yv42lZGCak8%2B1%2BjkytTyYl5zefOqX1BmvrD%2BpgmImVucf71Ss21Eo%2F%2BASXOFgjhHfuqQiYPOPDbE4Ncd41r4%2FyW9NE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-gzdtb
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8598b1adb9502bf8-FRA
x-robots-tag: none

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-12N1XPRQ0H&gtm=45je42h0v876103120za200&_p=1708620267398&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1430252361.1708620269&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1708620268&sct=1&seg=1&dl=https%3A%2F%2Fblog.sekoia.io%2Fscattered-spider-laying-new-eggs%2F&dt=Scattered%20Spider%20laying%20new%20eggs%20-%20Sekoia.io%20Blog&en=page_view&_ee=1&_et=2&tfd=6568
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12N1XPRQ0H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.sekoia.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 16:44:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.sekoia.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
blog.sekoia.io/	1970-01-21 03:22:36	Name: pll_language Value: en
.sekoia.io/	1970-01-21 03:22:36	Name: _hjSessionUser_3347717 Value: eyJpZCI6IjRkMThhZjhjLWU5MzYtNTJhYS04NTBlLTJhMzY3ZTIzZmExNyIsImNyZWF0ZWQiOjE3MDg2MjAyNjc4MTYsImV4aXN0aW5nIjpmYWxzZX0=
.sekoia.io/	1970-01-20 18:37:02	Name: _hjSession_3347717 Value: eyJpZCI6Ijc3MjZhZTNmLWFkMzYtNDc0NC05MDUzLWVhNjNmYjczMzQzNyIsImMiOjE3MDg2MjAyNjc4MTcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.sekoia.io/	1970-01-21 04:13:00	Name: _ga_9XJJ1LP075 Value: GS1.1.1708620268.1.0.1708620268.60.0.0
.sekoia.io/	1970-01-21 04:13:00	Name: _ga_12N1XPRQ0H Value: GS1.1.1708620268.1.1.1708620268.60.0.0
.blog.sekoia.io/	1970-01-21 04:13:00	Name: _mkto_trk Value: id:362-PTI-203&token:_mch-blog.sekoia.io-1708620268696-63282
.sekoia.io/	1970-01-21 04:13:00	Name: _ga Value: GA1.2.1430252361.1708620269
.sekoia.io/	1970-01-20 18:38:26	Name: _gid Value: GA1.2.2062307943.1708620269
.sekoia.io/	1970-01-20 18:37:00	Name: _gat_gtag_UA_152945562_2 Value: 1
.linkedin.com/	1970-01-20 20:46:36	Name: li_sugr Value: 8e0b228a-4d16-49c3-9707-bdb177234c70
.linkedin.com/	1970-01-21 03:22:36	Name: bcookie Value: "v=2&b0e9f5b2-77c6-4c28-8e09-c6358c22e14d"
.linkedin.com/	1970-01-20 18:38:26	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3186:u=1:x=1:i=1708620268:t=1708706668:v=2:sig=AQHQRPYhzuYs56ge8TNPysBUgDqeM2eB"
.linkedin.com/	1970-01-20 22:56:12	Name: li_gc Value: MTswOzE3MDg2MjAyNjk7MjswMjHt47rd782AK/cQcF46oZSRdnl7ijVCvAyZ4FMtPoE0fA==
.hubspot.com/	1970-01-20 18:37:02	Name: __cf_bm Value: FuoAxsODhgf4NXAy1pQErGGqLVO0SxAOUCwL14s0Bz0-1708620269-1.0-AYILMoQAFFIB3+Kee8MGKjmQTBoCM4ojizMzAyiFH4H+cXmxKwIM5Dt2cOj6McDmpUyKfF9MT2G+QhpsAPdoYnM=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: jKwquqWHk706zqYz_pOh31e6PNNNV9WlRz68iv1FIRc-1708620269672-0.0-604800000

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://blog.sekoia.io/scattered-spider-laying-new-eggs/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

362-pti-203.mktoresp.com
blog.sekoia.io
cta-service-cms2.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
forms.hubspot.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.hubspot.com
lnkd.in
munchkin.marketo.net
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
t7f4e9n3.rocketcdn.me
track.hubspot.com
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.107.42.14
13.32.27.54
130.248.173.59
18.66.112.79
18.66.97.37
2001:4860:4802:32::36
2001:4860:4802:38::178
23.192.243.198
2400:52e0:1e00::1081:1
2606:4700:4400::ac40:991b
2606:4700::6810:50ba
2606:4700::6810:be59
2606:4700::6811:5a9a
2606:4700::6811:e3a3
2606:4700::6812:7d0c
2606:4700::6812:a07d
2606:4700::6812:b07d
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:809::2008
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a02:26f0:3100::1735:2a09
35.214.255.233
0258a377207160921b4def95e08bde2b05f202a1d441850d49502f768e72307d
0578e7fe99b79912fbdc32c63dd73f48166ab6d2a67f740be162ba61bab48855
08674dbb7419f9e5a5e6310436d0cd84559d92789fa278b9876fdedac7dec06f
0ab10cbd66e537859e4a75a22fd8e3ac547eec9b4276e12e70e13700817763e9
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
1b0e165a72588997e984e9055ce36b40c4aba3a4d45567b7af95f1cf2af23ba4
1b4e7d788641782d9dcd47ddf9fdcc322174c60016ca8ef97f770eb9a216f991
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
250354fad29f1a85fc4e431b09faeccbf0275f5d5afdf6faf422936b206f25ab
28b58d1719430b0a469ec4afa2b8b7c1a4a801fe8734d73b273db0d01b788ea3
36ce8abfd51e57c8a40035d50183afbceeb2ec0c895903579b3b372b79fc6d0c
3cbefb9b0f14015aba9d624075ae01b1ce1101fea52838241708ef22783f49be
406d989410e957ba00f65d333ce8fffae02bc075a8429ad749022a3883e23880
44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3
450a081f30c7d70142410c0adbae2accc24d68f6c8a0b439b231ebb6529466f5
47f7889a7470a1ba509bf9ede8b40c8173f955147e7a387120a63aa7a2d07993
48ad7fc9c26959cc4e41c1addf2f513215b9f48f6e46e587286215ea3b3e1d2b
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
50ee69eaa26f0d0f1b40bbbf32dd02ef15ff00c9be25938512ebc1e1d3ec2506
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5259d3d1db0ab9bbb835ea4bb25b69be5db7366bda907678b2d9272b52fbc1ed
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
573b8e0957ac6d88e5d1b68591599c98b9a0a9398510eec19215f8aa64cff769
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9
5e3b5a5069534703b6b441668a33d3aecd877044e2bb8ff0bbb564c5f23a29ae
629de5c42a56b67812a858341eb4162b85218eed884271ca47b0388498dc8916
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
730df8d066b2564470d3e8dd9b0c9bc26e0fdeace2b02f06c3a81a5cc1216b2e
756add7a8de66bf0aefb75664a2bb56808a71007823d474570f07f8ea79450af
77494bdb2b63fd0f21ce489ba302563a114e1c6fd57793fc366b93a758659687
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86db658dfe497e14c80a844f99abed48bb368b88a7ebc047dc3b133267c67bf0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
955181136b272f5772fd6ddb0b312ff6d4efad606910ced8e1115f0c2c6cf1bf
96ffa497035a548bec242e1ebb10428b7e7d7220048ea52ff03dabae0be971fe
9b9d468dd3c1bbeb8d552dfa3503ffda2b8e0e28ffb8c30a1ac379d6262dc931
9df6c4c7c9ded0611ccf30c49f5a271fe7ab2405cdecbfbf38413a1430d5f75e
9ee89affccbb6f24bf0dbfd697a97d13a1dfb9a94227c6b7daf7f697ceaf073f
a0930e1d0205b9d88869921e5d3f946d4c553e759be93f88e19cb07bc5847f75
a0d478be906f7f503f03ea807d06e01a92064709c42038f0c555cc44091fe57c
a0eb564e8b104002217b23d191c384d64d77b30fa37b0f124db645e16096cfd3
a43dd50b7d497a8b9964fc6a08dfe9895a73e588eeffbe0bb1b659d6ac5703b1
a875032e680672e3aad6f4d3219695654bc69b59bb4c54aba69f2529a71f8f3b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b50475a2db8b2692f39549499c8e8164b75ec8d2cfcf643d3b72e932fa048f35
b7c769c34783e3dfd90f07e035efafd8cc1b57a4b1db3e027c42c207802271e6
bc7dbcdf8032d1fa2b724cdd699a0f80e3d9fa4bfecca91eb802abde8b919e2d
bc8711f0f106c5bccd96a736d6d9022feb5f3b1866d3ff72471b9e502be28be8
bdf48b6110117bdf0bb48df509af3434292dfc80a138489c02bf720c9ea28e24
be573861a526efd7d692161951683a2cdb45137270f7ee57879d1960c7cf99de
be623e3f632dab13d703cd3f71cc438122aeec10f930be80a3d57b1dbd4c2c79
c2103f98dab7e47abd92c47030caa47d0dd0595ad21446d0f396a1c1df017da7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c60a1c9a37989557aed8884899ddec28096d9624f4b43c602f9b335ae1db25cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d3ef3695bb858983c86f962d408897ea6742380534b225ba3ecfb5d47820ad06
d89933395cd19a7fcf51defdc49031608af28bd675c9f3524e7bc8e1e261495d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43b5d8e33e7e90b8a0ee4962984feb08e72d030794dbcf94b8b292dbe8ee6c5
e9841d9258210b13f0870a80d02ce8f3224c8798d1c0d618f210a573ce96038e
eb54b199ddcb1d46b083396130898867ed9883bbe9336f79b81cc8baedc51a01
ec63b2011c94d907406159910f2a0b28992223378b07d754ada41e6fa1384e8d
ee9f2f620122112ded1f6498ba96d1c797429ab7c07806f689ed5d7142c15973
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f9e84071766af67c23a92e39b8d4cd5de51320542ec5728af8f953515edd41ac
fa97d5a93f1d1e252fd0259295827c1a0713d434e3acbd2e33786adfceb534ce
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc
fc7109dd6428c821842660a87bda6494e52c0f4ecad22105a1aed87e440ee0b1
fd871985797396785a9c5f894828d75f3c96f0606390127f5960e3a85d88caaa
ff12b17d543773b52f264c8642815658999cf7e7fcd04454322a9e82aff414e3

blog.sekoia.io Open in urlscan Pro 35.214.255.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

99 %HTTPS

75 %IPv6

24 Domains

32 Subdomains

29 IPs

4 Countries

5018 kBTransfer

7541 kBSize

15 Cookies

32 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.sekoia.io Open in urlscan Pro
35.214.255.233 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

99 %
HTTPS

75 %
IPv6

24
Domains

32
Subdomains

29
IPs

4
Countries

5018 kB
Transfer

7541 kB
Size

15
Cookies

88 HTTP transactions
10 data transactions